Blockchain-based Identification and Access Control Framework - A Case Study of Open Banking Ecosystem
In this thesis, we propose a blockchain-based identification and access control framework for the Open Banking ecosystem. This framework allows organization administrators to interact with Ethereum nodes to register the digital identity of the customer, and customers can also manage their digital identity and control access to their data by calling smart contract functions directly.
In addition, we develop a decentralized application (DApp) to provide an interface for customers to integrate their identities and control data access rights. The DApp we developed has the following features:
- It supports blockchain-based third-party login.
- It provides the Web interface to conduct identity integration processes for customers.
- It enables banks or third-party service providers (TSP) to offer more diverse services and strengthen data sharing.
- It establishes a transparent blockchain environment as well as clear workflows.
As shown in the following figure, the DApp represents applications developed by organizations or TSPs.
- Node v14.15.1
- Web3.js v1.3.0
- Express 4.9.0
- Redis v=4.0.9
- OpenLDAP
- Truffle v5.1.57 or Remix - Ethereum IDE
- Solidity v0.5.16
Before getting started, you should build the blockchain environment (e.g., Ethereum nodes) and set up the LDAP server.
- node

  ```sh
  apt install nodejs
  node -v
  ```

- npm

  ```sh
  apt install npm
  npm -v
  ```

- truffle

  ```sh
  npm install -g truffle
  ```

- (optional) Remix

  If you don't have the `truffle` toolkit, you can also compile your contract code with an online IDE, e.g., Remix.

- Redis

  ```sh
  apt-get install redis-server
  ```

  Next, enable Redis to start on system boot, and restart the Redis service once.

  ```sh
  sudo systemctl enable redis-server.service
  ```

- (optional) browserify

  If you don't use the web3 provided by the browser (older version), you should install `browserify` to compile packages. Browserify lets you use `require` in the browser, the same way you'd use it in Node.

  ```sh
  npm install -g browserify
  ```

- Clone the repo

  ```sh
  git clone https://github.com/jenhao-thesis/LdapDapp.git
  ```

- Install NPM packages

  ```sh
  npm install
  ```

- Compile smart contract code

  ```sh
  truffle init
  truffle compile
  truffle migrate --reset
  ```

  After compiling the contracts, you will get a `build` folder containing the `contract.json` files. Copy the contract address (OMgr) after the migration completes. PS. If it fails, just update the `node` version to `14.15.1`.

- Set up the configuration (server-config.json)

  ```sh
  cp server-config-example.json server-config.json
  ```

  For example:

  ```json
  {
    "ldap": {
      "server": {
        "url": "ldap://[ip:port]",
        "bindDN": "[bindDN]",
        "bindCredentials": "[bindCredentials]",
        "searchBase": "[searchBase]",
        "searchFilter": "[searchFilter]"
      },
      "usernameField": "username",
      "passwordField": "password"
    },
    "redis": {
      "host": "[ip]",
      "port": "[port]"
    },
    "contracts": {
      "organizationManagerAddress": "[contract address]",
      "accessManagerAddress": ""
    },
    "admin_address": "[administrator address]",
    "admin_key": "[administrator private key]",
    "web3_provider": "ws://[ip:port]",
    "org_mapping": {
      "[address of organization A(upper case only)]": ["[ip:port]", "[organization name for display on website]"],
      "[address of organization B(upper case only)]": ["[ip:port]", "[organization name for display on website]"],
      "[address of organization C(upper case only)]": ["[ip:port]", "[organization name for display on website]"],
      "[address of organization D(upper case only)]": ["[ip:port]", "[organization name for display on website]"],
      "[address of organization E(upper case only)]": ["[ip:port]", "[organization name for display on website]"]
    }
  }
  ```

- Enter the contract address (OMgr) in `server-config.json`.

- (optional) Convert `web3_init.js` to `web3_bundle.js`

  ```sh
  browserify web3_init.js -o web3_bundle.js
  ```

- Launch the DApp.

  ```sh
  npm start
  ```
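
A pre-flight check for the `server-config.json` described above, as an added example that is not part of the LdapDapp repository: it flags values still left as `[placeholder]`, malformed addresses, and `org_mapping` keys with lower-case hex digits. The field names come from the sample config; the validation rules, helper names and sample values are assumptions.

```javascript
// Added example (not from the LdapDapp repo): pre-flight checks for server-config.json.
// Field names follow the README's sample; the validation rules are assumptions.
const ADDRESS = /^0x[0-9a-f]{40}$/i;          // 20-byte Ethereum address
const UPPER_ADDRESS = /^0[xX][0-9A-F]{40}$/;  // "upper case only" org_mapping key
const PRIVATE_KEY = /^(0x)?[0-9a-f]{64}$/i;   // 32-byte hex private key
// "[...]" containing a non-hex letter or space, so IPv6 literals like [::1] pass.
const PLACEHOLDER = /\[[^\]]*[g-z ][^\]]*\]/i;

// Collect dotted paths of keys or values still holding a "[placeholder]".
function findPlaceholders(node, path = "") {
  if (typeof node === "string") return PLACEHOLDER.test(node) ? [path] : [];
  if (node === null || typeof node !== "object") return [];
  return Object.entries(node).flatMap(([key, value]) => {
    const here = path ? `${path}.${key}` : key;
    return (PLACEHOLDER.test(key) ? [`${here} (key)`] : []).concat(findPlaceholders(value, here));
  });
}

function validateConfig(cfg) {
  const problems = findPlaceholders(cfg).map((p) => `unfilled placeholder: ${p}`);
  const contracts = cfg.contracts || {};
  if (!ADDRESS.test(contracts.organizationManagerAddress || ""))
    problems.push("contracts.organizationManagerAddress is not an address");
  if (!ADDRESS.test(cfg.admin_address || "")) problems.push("admin_address is not an address");
  if (!PRIVATE_KEY.test(cfg.admin_key || "")) problems.push("admin_key is not a 32-byte hex key");
  if (!/^wss?:\/\//.test(cfg.web3_provider || "")) problems.push("web3_provider is not ws:// or wss://");
  for (const [addr, entry] of Object.entries(cfg.org_mapping || {})) {
    if (!UPPER_ADDRESS.test(addr)) problems.push(`org_mapping key is not an upper-case address: ${addr}`);
    if (!Array.isArray(entry) || entry.length !== 2)
      problems.push(`org_mapping[${addr}] must be [ip:port, display name]`);
  }
  return problems;
}

// server-config.json stores admin_key, so group/other must have no access.
// Pass fs.statSync("server-config.json").mode; true means run chmod 600.
function modeTooOpen(mode) {
  return (mode & 0o077) !== 0;
}

// Constructed sample: OMgr address still a placeholder, one lower-case org key.
const sample = {
  contracts: { organizationManagerAddress: "[contract address]", accessManagerAddress: "" },
  admin_address: "0x" + "1".repeat(40),
  admin_key: "ab".repeat(32),
  web3_provider: "ws://ganache:8545",
  org_mapping: { ["0x" + "ab".repeat(20)]: ["10.0.0.2:3000", "Org A"] },
};
console.log(validateConfig(sample));
```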
In addition to installing the complete project, we also provide a docker-compose file that builds and runs multi-container Docker applications. With it, we can more easily create, deploy, and run all of our applications using containers.
To build and run 3 organizations, follow these five steps.
- Create directories for the 3 organizations.

  ```sh
  mkdir orgA
  mkdir orgB
  mkdir orgC
  ```

- Clone the two repos in each directory separately.

  ```sh
  git clone https://github.com/jenhao-thesis/LdapDapp.git
  git clone https://github.com/jenhao-thesis/LdapServer.git
  ```

- Copy `docker-compose.yml` from the `LdapDapp` folder.

  ```sh
  cp orgA/LdapDapp/docker-compose.yml orgA/
  cp orgB/LdapDapp/docker-compose.yml orgB/
  cp orgC/LdapDapp/docker-compose.yml orgC/
  ```

- Set up `server-config.json` in each directory separately.

- Start all Docker containers in each directory separately.

  ```sh
  # Each subshell returns to the parent directory afterwards
  (cd orgA/ && docker-compose up -d)
  (cd orgB/ && docker-compose up -d)
  (cd orgC/ && docker-compose up -d)
  ```

```
.
├── orgA
│   ├── docker-compose.yml
│   ├── LdapDapp                    # git clone https://github.com/jenhao-thesis/LdapDapp.git
│   │   ├── server-config.json      # Server configuration
│   │   ├── build                   # 1) truffle compile, generate contracts json file. or 2) compile contracts via Remix
│   │   │   └── contracts
│   │   │       ├── AccessManager.json
│   │   │       └── OrganizationManager.json
│   │   └── ...
│   └── LdapServer                  # git clone from https://github.com/jenhao-thesis/LdapServer.git
├── orgB
└── orgC
```

PS. In `server-config.json`, the hostnames should be set as follows.

```
"host": "redis",
"web3_provider": "ws://ganache:8545",
"url": "ldap://ldap_server:1389",
```

The following figure demonstrates how the DApp can be used.
Jen-Hao Cheng - [email protected], [email protected]