Browse Prior Art Database

MECHANISMS FOR VALIDATING AUTHORIZATION/DELEGATION HIERARCHY USING BLOCKCHAIN TECHNOLOGY

IP.com Disclosure Number: IPCOM000248695D
Publication Date: 2016-Dec-27

Publishing Venue

The IP.com Prior Art Database

Related People

Yi Yang: AUTHOR [+4]

Abstract

Presented herein are mechanism for the validation of hierarchical delegation of information/resources using blockchain technology. The mechanisms account for additions and deletions of information, as well as for the determination of incorrect transactions. Multiple applications are possible. A service may be provisioned to validate an authentication/delegation hierarchy for various use cases, including Internet of Things (IoT) license management, digital copyright management, staff management, sales partnership management, route advertisement verification, and others.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 23% of the total text.

Copyright 2016 Cisco Systems, Inc. 1

MECHANISMS FOR VALIDATING AUTHORIZATION/DELEGATION HIERARCHY USING BLOCKCHAIN TECHNOLOGY

AUTHORS: Yi Yang

Alvaro Retana Rajiv Asati

Nagendra Kumar Nainar

CISCO SYSTEMS, INC.

ABSTRACT

Presented herein are mechanism for the validation of hierarchical delegation of

information/resources using blockchain technology. The mechanisms account for

additions and deletions of information, as well as for the determination of incorrect

transactions. Multiple applications are possible. A service may be provisioned to validate

an authentication/delegation hierarchy for various use cases, including Internet of Things

(IoT) license management, digital copyright management, staff management, sales

partnership management, route advertisement verification, and others.

DETAILED DESCRIPTION

Maintaining a hierarchy of authorization/delegation is an important aspect of

typical operations in many fields. For example, a hierarchy is critical to creating a system

of authority and responsibility in corporation management. Also, a hierarchy is helpful to

grow channels and promote partnerships in sales. In another example, a hierarchy is used

for Internet Protocol (IP) prefix allocation and management in networks.

Traditionally, the structure of an authorization/delegation hierarchy is maintained

centrally, either explicitly or implicitly. This is especially true for situations involving

staffing hierarchy and/or sales hierarchy, where the environments are relatively static and

may be planned in advance.

However, there are challenges in more dynamic and ad-hoc environments (e.g. an

IoT network). For instance, access to centralized license databases may be sporadic. In

addition, many instances of an authorization/delegation hierarchy may co-exist in the

same environment. For example, there may be a hierarchy to manage licensing for each

Copyright 2016 Cisco Systems, Inc. 2

software feature. In another example, an "upper" level node in the hierarchy may

intentionally block propagation of the hierarchy changes to its subordinate nodes.

Therefore, a distributed approach would be more desirable in some network

environments. In addition, such a distributed solution must be hardened against

tampering. As such, mechanisms presented herein validate the authorization/delegation

hierarchy using blockchain technology.

The mechanisms are based on the following observations:

1. An authorization/delegation hierarchy can be represented by a directed acyclic

graph (DAG).

2. Each authorization operation from one node to another node can be represented

by an directional edge in the DAG.

3. A node claim of authorization/delegation is valid if and only if there is a valid

path of continuous edges from the root node to this node.

Mechanisms described herein leverage blockchain technology as an ordered and

timestamped record of transactions, in which transactions are also chained together. This

approach protects against unauthorized modification of the hiera...