Attribute-based access control, which can provide fine-grained and flexible privacy protection, is widely used in practice. Traditional attribute-based access control schemes require the intervention of a trusted third party, which will cause single point of failure. Due to its decentralized nature, blockchain is now considered as a promising way to solve the above issue. The basic idea of existing blockchain-based access control schemes is to code the access policy into a smart contract. However, the transparency of the blockchain makes it easier for the adversary to explore the public information to launch a privacy attack. In this paper, we propose an attribute-based access control scheme which benefits from the smart contract technology while ensuring the privacy of attributes and policies. An additive homomorphic cryptosystem is utilized to encrypt attributes and access policies. The scheme uses multiple blockchain nodes to collectively decrypt the data, and uses zero-knowledge proof technology to ensure the correctness of the decryption result. Therefore, the smart contract is able to make the authorization decision without actually seeing attributes or policies. We have implemented the proposed access control scheme on Hyperledger Fabric. Simulation results show that the computation overhead introduced by encryption/decryption and zero-knowledge proof is reasonable.

基于属性的访问控制可以提供细粒度和灵活的隐私保护，在实践中得到广泛应用。传统的基于属性的访问控制方案需要可信第三方的介入，这会导致单点故障。由于其去中心化的特性，区块链现在被认为是解决上述问题的一种有前途的方法。现有的基于区块链的访问控制方案的基本思想是将访问策略编码到智能合约中。然而，区块链的透明性使得攻击者更容易挖掘公开信息发起隐私攻击。在本文中，我们提出了一种基于属性的访问控制方案，该方案受益于智能合约技术，同时确保属性和策略的隐私。加性同态密码系统用于加密属性和访问策略。该方案采用多个区块链节点共同解密数据，并采用零知识证明技术保证解密结果的正确性。因此，智能合约能够在不实际查看属性或策略的情况下做出授权决定。我们已经在 Hyperledger Fabric 上实施了提议的访问控制方案。仿真结果表明，加解密和零知识证明引入的计算开销是合理的。智能合约能够在不实际查看属性或策略的情况下做出授权决定。我们已经在 Hyperledger Fabric 上实施了提议的访问控制方案。仿真结果表明，加解密和零知识证明引入的计算开销是合理的。智能合约能够在不实际查看属性或策略的情况下做出授权决定。我们已经在 Hyperledger Fabric 上实施了提议的访问控制方案。仿真结果表明，加解密和零知识证明引入的计算开销是合理的。