Author

Norah Alilwit

Date of Award

12-2020

Document Type

Thesis - Open Access

Degree Name

Master of Science in Cybersecurity Engineering

Department

Electrical Engineering and Computer Science

Committee Chair

Houbing Song, Ph.D.

First Committee Member

Radu F. Babiceanu, Ph.D.

Second Committee Member

Ilteris Demirkiran, Ph.D.

Abstract

Across past decade online services have enabled individuals and organizations to perform different types of transactions such as banking, government transactions etc. The online services have also enabled more developments of applications, at cheap cost with elastic and scalable, fault tolerant system. These online services are offered by services providers which are use authentication, authorization and accounting framework based on client-server model. Though this model has been used over decades, study shows it is vulnerable to different hacks and it is also inconvenient to use for the end users. In addition, the services provider has total control over user data which they can monitor, trace, leak and even modify at their will. Thus, the user data ownership, digital identity and use of online services has raised privacy and security concern for the users.

In this thesis, Blockchain and the e-pass application are studied and alternative model for authentication, authorization and accounting is proposed based on Ethereum Blockchain. Furthermore, a prototype is developed which enables users to consume online services by authenticating, authorizing, and accounting with a single identity without sharing any private user data with the services provider center server. Experiments are run with the prototype to verify that it works as expected. Measurements are done to assess the feasibility and scalability of the solution. In the final part of the thesis, pros and cons of the proposed solution are discussed and perspectives for further research are sketched.

Share

COinS