Access control is a critical component of computer security, governing access to system resources. However, designing policies and roles in traditional access control can be challenging and difficult to maintain in dynamic and complex systems, which is particularly problematic for organizations with numerous resources. Furthermore, traditional methods suffer from issues such as third-party involvement, inefficiency, and privacy gaps, making transparent and dynamic access control an ongoing research problem. Moreover, detecting malicious activities and identifying users who are not behaving appropriately can present notable difficulties. To address these challenges, we propose DLACB, a Deep Learning Based Access Control Using Blockchain, as a solution to decentralized access control. DLACB uses blockchain to provide transparency, traceability, and reliability in various domains such as medicine, finance, and government, while taking advantage of deep learning to avoid relying on predefined policies and eventually automate access control. With the integration of blockchain and deep learning for access control, DLACB can provide a general framework applicable to various domains, enabling transparent and reliable logging of all transactions. As all data is recorded on the blockchain, we can identify malicious activities. We store a list of malicious activities in the storage system and employ a verification algorithm to cross-reference it with the blockchain. We measure the smart contract processing time of the deployed access control system and compare it with traditional access control methods to determine the time overhead involved. The processing time of DLBAC demonstrates remarkable stability when exposed to increased request volumes.