This paper addresses the critical challenge of access control in modern supply chains, which operate across multiple independent and competing organizations. Existing access control is static and centralized, unable to adapt to insider threats or evolving contexts. Blockchain improves decentralization but lacks behavioral intelligence, while centralized machine learning for anomaly detection requires aggregating sensitive data, violating privacy. The proposed solution is ICBAC, an intelligent contract-based access control framework. It integrates permissioned blockchain (Hyperledger Fabric) with federated learning (FL). Built on Fabric, ICBAC uses a multi-channel architecture and three smart contracts for asset management, baseline access control, and dynamic revocation. To counter insider misuse, each channel deploys an AI agent that monitors activity and dynamically restricts access for anomalies. Federated learning allows these agents to collaboratively improve detection models without sharing raw data. For heterogeneous, competitive environments, ICBAC introduces a game-theoretic client selection mechanism using hedonic coalition formation. This enables supply chains to form stable, strategy-proof FL coalitions via preference-based selection without disclosing sensitive criteria. Extensive experiments on a Fabric testbed with a real-world dataset show ICBAC achieves blockchain performance comparable to static frameworks and provides effective anomaly detection under IID and non-IID data with zero raw-data sharing. ICBAC thus offers a practical, scalable solution for dynamic, privacy-preserving access control in decentralized supply chains.

翻译：本文针对现代供应链中访问控制的关键挑战展开研究，这些供应链通常跨越多个独立且相互竞争的组织运作。现有的访问控制机制是静态且中心化的，无法适应内部威胁或动态变化的上下文环境。区块链技术提升了去中心化程度，但缺乏行为智能；而用于异常检测的中心化机器学习方法需要聚合敏感数据，从而侵犯隐私。本文提出的解决方案是ICBAC，一种基于智能合约的智能访问控制框架。该框架将许可制区块链（Hyperledger Fabric）与联邦学习（FL）相结合。ICBAC构建于Fabric之上，采用多通道架构和三个智能合约，分别用于资产管理、基线访问控制和动态权限撤销。为应对内部滥用行为，每个通道部署一个AI代理，用于监控活动并动态限制异常访问。联邦学习使得这些代理能够在不共享原始数据的情况下协作改进检测模型。针对异构且竞争激烈的环境，ICBAC引入了一种基于博弈论的客户选择机制，采用享乐联盟形成方法。这使得供应链能够通过基于偏好的选择形成稳定、防策略的联邦学习联盟，而无需披露敏感标准。在基于Fabric的测试平台上使用真实数据集进行的广泛实验表明，ICBAC实现了与静态框架相当的区块链性能，并在独立同分布和非独立同分布数据条件下，通过零原始数据共享提供了有效的异常检测。因此，ICBAC为去中心化供应链中的动态、隐私保护型访问控制提供了一个实用且可扩展的解决方案。