Decentralized Access Control for Secure Microservices Cooperation with Blockchain

The wide-spread cloud-native technologies have accelerated the flourish of large-scale and high-concurrency microservices today. However, due to the flexibility and complexity of cooperation procedure, it is difficult to realize high-efficient security management on these mircoservices. Traditional centralized access control has flaws of relying on a centralized third-party manager and single-point failure while decentralized mechanisms are suffering from the inconsistency of policies defined by different participants. This paper firstly proposes a practical decentralized access control framework and scheme for secure microservices cooperation based on the blockchain. In our scheme, we realize the separate management on the individualized access policy by vendors instead of a central authority. Secondly, we build a permission blockchain to maintain the consistency and integrity of the policies. Through the analysis and experiments, it shows that our solution gracefully eliminates policy differences while the update cost achieves nearly constant.