U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

    Publications

NISTIR 8403 (Draft)

Blockchain for Access Control Systems

Date Published: December 20, 2021
Comments Due: February 7, 2022 (public comment period is CLOSED)
Email Questions to: ir8403-comments@nist.gov

Author(s)

Vincent Hu (NIST)

Announcement

Protecting system resources against unauthorized access is the primary objective of an access control system. As information systems rapidly evolve, the need for advanced access control mechanisms that support decentralization, scalability, and trust–all major challenges for traditional mechanisms–has grown.

Blockchain technology offers high confidence and tamper resistance implemented in a distributed fashion without a central authority, which means that it can be a trustable alternative for enforcing access control policies. This document presents analyses of blockchain access control systems from the perspectives of properties, components, architectures, and model supports, as well as discussions on considerations for implementation.

NOTE:  A call for patent claims is included on page iv of this draft.  For additional information, see the Information Technology Laboratory (ITL) Patent Policy--Inclusion of Patents in ITL Publications.

Abstract

Keywords

access control; blockchain; authorization; ABAC; policy
Control Families

None selected

Documentation

Publication:
NISTIR 8403 (Draft) (DOI)
Local Download

Supplemental Material:
None available

Document History:
12/20/21: NISTIR 8403 (Draft)
05/26/22: NISTIR 8403 (Final)

Topics

Security and Privacy
access authorization; access control

Technologies
blockchain