System for implementing user access control in blockchain
System Overview:
System Architecture: Comprises a host organization, user client devices, a blockchain services interface and a database system, all interconnected over a network.
Blockchain Operation: The host organization operates the blockchain interface on behalf of multiple tenants, each of which acts as a participating node of the blockchain.
User Access Control:
Access Control Object: Access permissions are expressed as access control objects that the system generates and transacts onto the blockchain, so each permission becomes a tamper-evident ledger record.
Smart Contract Execution: When an access request reaches the blockchain, a smart contract executes, retrieves the applicable access control object and grants or denies the request according to the result of that execution.
Data Encryption and Sharing:
Data Encryption: Data is encrypted with a generated key before it is stored on the blockchain, so the ledger holds only ciphertext.
Key Conversion: The encryption key is converted into a shared secret, which is stored on the blockchain and used by authorized parties to access and decrypt the data. Because whoever can obtain the shared secret can decrypt the data, read access to it must be governed by the same access-control and consensus mechanisms as the data itself; a secret replicated in the clear to every node would be readable by every node.
Consensus Mechanism:
Consensus Protocol: Whether a transaction is committed to the blockchain is decided by the consensus protocol of the blockchain network, not by any single node.
Consensus Read Operation: A consensus read function controls read access to the access-control information stored on the blockchain, so that a read is authorized through the consensus process rather than by whichever node happens to serve it.
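The access control object, the contract that evaluates it, and the consensus read described above, as an added example that is not the patent's code: a toy hash-chained ledger replicated across three nodes, an access control object format, a contract that retrieves the newest object for a subject and denies by default, and a consensus read that grants only when a quorum of nodes whose chains verify agree. The ledger layout, the field names, the quorum rule and the "latest object wins" semantics are assumptions made for the example; the scenario data is constructed.

```python
"""Added example: access-control objects (ACOs) on a toy replicated ledger,
a contract that decides access from the latest ACO, and a quorum-based
consensus read. Not the patent's code; ledger layout, field names and the
quorum rule are assumptions."""
import copy
import hashlib
import json


def _block_hash(index, prev_hash, payload):
    body = json.dumps({"i": index, "prev": prev_hash, "p": payload}, sort_keys=True)
    return hashlib.sha256(body.encode()).hexdigest()


class Ledger:
    """Append-only hash chain held by one participating node."""

    def __init__(self):
        self.blocks = []
        self.aco_index = {}          # resource -> block indexes holding ACOs
        self.transact({"type": "genesis"})

    def transact(self, payload):
        idx = len(self.blocks)
        prev = self.blocks[-1]["hash"] if self.blocks else "0" * 64
        self.blocks.append({"prev": prev, "payload": payload,
                            "hash": _block_hash(idx, prev, payload)})
        if payload.get("type") == "aco":
            self.aco_index.setdefault(payload["resource"], []).append(idx)

    def verify(self):
        """Recompute every hash so a tampered payload breaks the chain."""
        prev = "0" * 64
        for idx, blk in enumerate(self.blocks):
            if blk["prev"] != prev or blk["hash"] != _block_hash(idx, prev, blk["payload"]):
                return False
            prev = blk["hash"]
        return True


def make_aco(resource, subject, actions, valid_until):
    """Access control object: who may do what to which resource, until when."""
    return {"type": "aco", "resource": resource, "subject": subject,
            "actions": sorted(actions), "valid_until": valid_until}


def access_contract(ledger, request, now):
    """The 'smart contract': fetch the newest ACO for (resource, subject); deny by default."""
    latest = None
    for idx in ledger.aco_index.get(request["resource"], []):
        aco = ledger.blocks[idx]["payload"]
        if aco["subject"] == request["subject"]:
            latest = aco                       # a later ACO supersedes an earlier one
    if latest is None or now > latest["valid_until"]:
        return False
    return request["action"] in latest["actions"]


def consensus_read(nodes, request, now, quorum):
    """Every node runs the contract on its own copy; a node whose chain fails
    verification does not vote. Grant only if at least `quorum` nodes approve."""
    approvals = sum(1 for n in nodes if n.verify() and access_contract(n, request, now))
    return approvals >= quorum


def build_nodes(n_nodes, transactions):
    nodes = [Ledger() for _ in range(n_nodes)]
    for tx in transactions:
        for node in nodes:
            node.transact(copy.deepcopy(tx))   # each node keeps its own copy
    return nodes


def demo():
    """Constructed scenario; returns the decisions so they can be checked."""
    nodes = build_nodes(3, [make_aco("record-42", "alice", ["read"], valid_until=200),
                            make_aco("record-42", "bob", ["read", "write"], valid_until=100)])
    req = lambda subject, action: {"resource": "record-42", "subject": subject, "action": action}
    out = {"alice_read": consensus_read(nodes, req("alice", "read"), now=50, quorum=2),
           "alice_write": consensus_read(nodes, req("alice", "write"), now=50, quorum=2),
           "bob_write_expired": consensus_read(nodes, req("bob", "write"), now=150, quorum=2),
           "carol_read": consensus_read(nodes, req("carol", "read"), now=50, quorum=2)}
    nodes[0].blocks[2]["payload"]["actions"].append("admin")   # one node's copy tampered
    out["tampered_node_verifies"] = nodes[0].verify()
    out["alice_read_one_bad_node"] = consensus_read(nodes, req("alice", "read"), now=50, quorum=2)
    out["bob_admin_one_bad_node"] = consensus_read(nodes, req("bob", "admin"), now=50, quorum=2)
    return out


if __name__ == "__main__":
    print(demo())
```

The point of the quorum is visible in the last three results: a node whose local copy has been edited to grant bob "admin" fails verification and is simply not counted, so the honest majority still serves alice's legitimate read and bob's forged permission never reaches quorum.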
Metadata definition and management:
Metadata definition manager: Tenants of the host organization define and create metadata through a metadata definition manager, and the resulting definitions are pushed to the blockchain.
Custom blockchain protocols: Multiple blockchain protocols are supported, and non-subscribers can also create and define metadata through the metadata definition manager.
User interface and interaction:
Graphical user interface (GUI): A GUI is displayed on the user's device, prompting the user to enter a metadata rule definition.
Automatic generation of smart contracts: Smart contract code representing the metadata rule definition is generated automatically from the user's input, so the declarative rule the user entered is what the deployed contract enforces.
Advanced functions and features:
Right to be forgotten: A requester can ask, through the blockchain services interface, that specified data be forgotten. Since committed blocks cannot be rewritten, forgetting on a ledger means rendering the stored data unrecoverable (for instance by destroying the key that protects it) rather than physically deleting it.
Dynamic data update: An indexing scheme allows records stored on the blockchain to be retrieved and updated efficiently; on an append-only chain an update appends a new version and the index resolves to the current one.
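The encrypt-then-share flow from the Data Encryption and Key Conversion points, together with the right to forget, as an added example that is not taken from the patent: each record is encrypted under a fresh data key, the key is turned into a t-of-n "shared secret" with Shamir secret sharing, a reader holding at least t shares reconstructs the key, and forgetting is implemented as crypto-shredding (destroying the shares so the ciphertext left on the ledger becomes unrecoverable). Reading "shared secret" as threshold shares, the record layout and the custodian model are assumptions; the HMAC-SHA256 keystream cipher is a standard-library stand-in for an AEAD such as AES-GCM, used only so the block runs without third-party packages, and the sample record is constructed.

```python
"""Added example: encrypt a record with a data key, convert the key into a
t-of-n shared secret (Shamir), and implement 'forget' as key destruction.
Not the patent's code; names, field layout and the Shamir interpretation are
assumptions. The HMAC keystream cipher stands in for AES-GCM."""
import hashlib
import hmac
import secrets

P = 2**256 - 189      # prime field for Shamir shares; the secret must be < P
KEY_LEN = 16          # 128-bit data key, always < P


def _subkey(key, label):
    """Derive separate encryption and MAC keys from the data key."""
    return hmac.new(key, label, hashlib.sha256).digest()


def _keystream(enc_key, nonce, length):
    out, ctr = b"", 0
    while len(out) < length:
        out += hmac.new(enc_key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:length]


def encrypt_record(key, plaintext):
    """Encrypt-then-MAC; only this ciphertext structure goes on the ledger."""
    nonce = secrets.token_bytes(12)
    ks = _keystream(_subkey(key, b"enc"), nonce, len(plaintext))
    ct = bytes(a ^ b for a, b in zip(plaintext, ks))
    tag = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    return {"nonce": nonce, "ct": ct, "tag": tag}


def decrypt_record(key, rec):
    tag = hmac.new(_subkey(key, b"mac"), rec["nonce"] + rec["ct"], hashlib.sha256).digest()
    if not hmac.compare_digest(tag, rec["tag"]):
        raise ValueError("integrity check failed: wrong key or tampered ciphertext")
    ks = _keystream(_subkey(key, b"enc"), rec["nonce"], len(rec["ct"]))
    return bytes(a ^ b for a, b in zip(rec["ct"], ks))


def split_secret(secret, threshold, n_shares):
    """Shamir: random degree-(t-1) polynomial with f(0)=secret, evaluated at x=1..n."""
    coeffs = [int.from_bytes(secret, "big")] + [secrets.randbelow(P) for _ in range(threshold - 1)]
    shares = []
    for x in range(1, n_shares + 1):
        y = 0
        for c in reversed(coeffs):        # Horner evaluation mod P
            y = (y * x + c) % P
        shares.append((x, y))
    return shares


def recover_secret(points):
    """Lagrange interpolation at x=0 over GF(P)."""
    total = 0
    for i, (xi, yi) in enumerate(points):
        num = den = 1
        for j, (xj, _) in enumerate(points):
            if i != j:
                num = num * (-xj) % P
                den = den * (xi - xj) % P
        total = (total + yi * num * pow(den, -1, P)) % P
    return total.to_bytes(KEY_LEN, "big")


def store_record(plaintext, threshold, n_custodians):
    """Encrypt under a fresh key, then keep only the shares (the 'shared secret')."""
    key = secrets.token_bytes(KEY_LEN)
    entry = {"record": encrypt_record(key, plaintext), "threshold": threshold,
             "shares": split_secret(key, threshold, n_custodians)}
    del key                                   # the raw key is never stored
    return entry


def read_record(entry, share_ids):
    """A reader who has collected >= threshold shares reconstructs the key and decrypts."""
    points = [s for s in entry["shares"] if s[0] in share_ids]
    if len(points) < entry["threshold"]:
        raise PermissionError("not enough shares to reconstruct the key")
    return decrypt_record(recover_secret(points), entry["record"])


def forget_record(entry):
    """Right to forget on an append-only ledger: destroy the shares, not the ciphertext."""
    entry["shares"].clear()


if __name__ == "__main__":
    e = store_record(b"constructed sample: patient 42, blood type O-", threshold=2, n_custodians=3)
    print(read_record(e, {1, 3}))
    forget_record(e)
    print("ciphertext still present:", bool(e["record"]["ct"]))
```

Two properties matter here: any two of the three custodians can serve a read while one alone cannot, and after `forget_record` the ciphertext is still on the ledger (it cannot be removed) but no combination of shares recovers the key, which is what "forgetting" has to mean on an immutable chain.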
Technical background and challenges:
Current DLT platform limitations: Existing DLT platforms store data in a fixed, static form without context or metadata, which makes retrieving and transforming that data difficult.
Solution advantages: The described system and method improve the efficiency and flexibility of the DLT platform through metadata-driven storage and fine-grained access control.
In summary, the system covers architecture, user access control, data encryption and sharing, consensus, metadata definition and management, user interaction, and advanced features; its central contribution is metadata-driven, fine-grained access control, which makes the blockchain platform more flexible and better able to process data.