Adaptive Fuzzy Logic Risk- Based Access Control Model for Smart Contract Execution on Block Chain Systems

Abstract

Smart contracts contribute to the automation and efficiency of various processes, reducing the need for intermediaries in order to execute agreements on the blockchain platforms. Classical traditional access control models, Discretionary Access Control (DAC), Mandatory Access Control (MAC), and Role-Based Access Control (RBAC) represent conventional access control paradigms which have played a fundamental role in the management of resource access in many organizations and systems. These approaches employ predefined policies and conventions to govern and enforce access permissions. The access models of smart contracts deployed in Blockchain systems exhibit limited adaptability to dynamic changes in the system environment. Conventional crypto, the main access control mechanism encounters a challenge in effectively mitigating the security risks related to identity management authentication across the processes of consensus, initiation, and execution of smart contracts, specifically within Blockchain systems. The shortcoming of classical access control models, which were established in previous times lie in their lack of adaptability and responsiveness in detecting abnormal and malevolent behaviors through the process of observing and tracking user actions during the entirety of their access session. The situation at hand necessitates the implementation of adaptive access control models.  The aim of this study was to create a risk-based access control model that is both dynamic and adaptive. To achieve this, the study designed an adaptive model, developed the adaptive risk-based access control model, then tested, implemented and evaluated the developed model. The study adopted a Mixed-Method research design which included Experimental research design that was used to design and develop the model while Action research design was used to test and evaluate the model anchored on within the PiECE framework. A fuzzy logic inference principle was employed to develop, while expert judgment technique was used to evaluate the model through an evaluation metric criterion using regression model analysis. To handle uncertain data ranges, encompassing categories such as severe, high, moderate, and low user risk estimating strategy based on fuzzy logic was employed. Data collection methods utilized the Ai data mining technique route thereafter involved cleaning, pre-processing and annotation of the sample size data sets. The cleaned data was split into training, testing and validating data sets which then empirically, the MATLAB toolkit was used in the development and testing phase of the proposed architecture for execution stages of smart contracts in blockchain platform. Ethical concerns were highlighted based on the pilot model’s efficacy. This thesis presented a comprehensive evaluation of a dynamic risk-based access control model that integrates fuzzy logic, expert judgment,

and blockchain-enabled smart contract monitoring. It detailed the design and implementation of a fuzzy inference system to address the limitations of static access models as the developed model incorporated expert-defined thresholds for risk estimation. The study’s validation was through expert interviews that demonstrated the model's effectiveness via statistical and AI-based methods. Simulation using Simulink and MATLAB was employed to further validate the adaptive risk assessment mechanism. Integration of the model with eXACML ensured policy compliance. Comparative analysis confirmed the model's superiority in providing secure, adaptive access control for blockchain smart contract ecosystem. The attributes of the developed adaptive fuzzy logic access control model make contribution that can be utilized in future design of intelligent access systems that dynamically adjust the capabilities of users’ based on their behaviors throughout access sessions to enhance further smart contracts’ inherent secured nature.