Blockchain-Based Decentralized and Adaptive Access Control Framework for Secure Cloud Environments

Abstract

The cloud environment is becoming more and more secure, scalable, and flexible-access control frameworks to safeguard instances of distributed resources and sensitive data. Conventional centralized access control designs lack resilience to single points of failure, lack scalability, are slow, they are vulnerable to insider attacks and have poor resource management in dynamic workload. To counter these shortcomings, the current paper introduces a Decentralized and Context-Adaptive Access Control Framework that will combine the capabilities of blockchain technology and real-time contextual policy analysis to implement safe, trustworthy, and intelligent authorization in cloud systems. The framework takes advantage of the immutability, transparency, and distributed consensus features of blockchain to remove a dependency of central trust, and dynamically changes policies based on the behaviour of users, their role attributes, authentication history, or the environmental risk factors. Evaluation on a simulated basis was done on a multi-node deployment that was decentralized with consensus-based access logging, dynamic policy enforcement, and load balanced request distribution. Its results have shown a 6070 percent decrease in access validation latency, a 233 percent rise in throughput, and 90 percent system availability in case of a node failure, which is highly fault tolerant and scalable. Also, the system consumes energy 30 percent less than centralized systems, which depict sustainability advantages. Attempts at unauthorized access were actively monitored and this record was captured by using the immutable on-chain audit logs enhancing accountability and traceability of breach. The solution provided can take the state-of-the-art a step further by offering dynamically changing real time access adaptation and energy conscious decentralized policy enforcement as well as resilience of the system to node failures that are deficient in the current RBAC, IoT-based and provenance-based systems. Although blockchain consensus overhead and complexity in interoperability are still deployment issues, the results confirm the framework to be a secure, scalable, and energy-efficient solution to next-generation cloud access governance.