{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,2]],"date-time":"2025-11-02T10:39:17Z","timestamp":1762079957400,"version":"build-2065373602"},"reference-count":23,"publisher":"MDPI AG","issue":"4","license":[{"start":{"date-parts":[[2025,3,27]],"date-time":"2025-03-27T00:00:00Z","timestamp":1743033600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Future Internet"],"abstract":"Cloud computing presents itself as one of the leading technologies in the IT solutions field, providing a variety of services and capabilities. Meanwhile, blockchain-based solutions emerge as advantageous as they permit data immutability, transaction efficiency, transparency, and trust due to decentralization and the use of smart contracts. In this paper, we are consolidating these two technologies into a secure framework for access control in cloud environments. A cross-chain-based methodology is used, in which transactions and interactions between multiple blockchains and cloud computing systems are supported, such that no separate third-party certificates are required in the authentication and authorization processes. This paper presents a cross-chain-based framework that integrates a full, fine-grained, attribute-based access control (ABAC) mechanism that evaluates cloud user access transaction attributes. It grants or denies access to the cloud resources by inferring knowledge about the attributes received using semantic reasoning based on ontologies, resulting in a more reliable method for information sharing over the cloud network. Our implemented cross-chain framework on the Cosmos ecosystem with the integrated semantic ABAC scored an overall access control (AC) processing time of 9.72 ms.<\/jats:p>","DOI":"10.3390\/fi17040149","type":"journal-article","created":{"date-parts":[[2025,3,28]],"date-time":"2025-03-28T03:35:28Z","timestamp":1743132928000},"page":"149","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["A Cross-Chain-Based Access Control Framework for Cloud Environment"],"prefix":"10.3390","volume":"17","author":[{"given":"Saad","family":"Belcaid","sequence":"first","affiliation":[{"name":"ENSIAS, Smart Systems Laboratory (SSL), Mohammed V University in Rabat, Rabat 10000, Morocco"}]},{"given":"Mostapha","family":"Zbakh","sequence":"additional","affiliation":[{"name":"ENSIAS, Smart Systems Laboratory (SSL), Mohammed V University in Rabat, Rabat 10000, Morocco"}]},{"ORCID":"https:\/\/orcid.org\/0009-0003-0024-5868","authenticated-orcid":false,"given":"Siham","family":"Aouad","sequence":"additional","affiliation":[{"name":"ENSIAS, Smart Systems Laboratory (SSL), Mohammed V University in Rabat, Rabat 10000, Morocco"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-8891-180X","authenticated-orcid":false,"given":"Abdellah","family":"Touhafi","sequence":"additional","affiliation":[{"name":"Department of Engineering, Technology (INDI), Vrije Universiteit Brussel, 1000 Brussels, Belgium"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9965-915X","authenticated-orcid":false,"given":"An","family":"Braeken","sequence":"additional","affiliation":[{"name":"Department of Engineering, Technology (INDI), Vrije Universiteit Brussel, 1000 Brussels, Belgium"}]}],"member":"1968","published-online":{"date-parts":[[2025,3,27]]},"reference":[{"key":"ref_1","first-page":"917","article-title":"Towards Secure Blockchain-enabled Cloud Computing: A Taxonomy of Security Issues and Recent Advances","volume":"14","author":"Liu","year":"2023","journal-title":"Int. J. Adv. Comput. Sci. Appl."},{"key":"ref_2","doi-asserted-by":"crossref","unstructured":"Hu, V.C., Iorga, M., Bao, W., Li, A., Li, Q., and Gouglidis, A. (2020). General Access Control Guidance for Cloud Systems, National Institute of Standards and Technology (U.S.). Technical Report NIST SP 800-210.","DOI":"10.6028\/NIST.SP.800-210"},{"key":"ref_3","doi-asserted-by":"crossref","first-page":"e3720","DOI":"10.1002\/ett.3720","article-title":"A survey on access control mechanisms for cloud computing","volume":"31","author":"Gemayel","year":"2020","journal-title":"Trans. Emerg. Telecommun. Technol."},{"key":"ref_4","doi-asserted-by":"crossref","unstructured":"Gan, W., Ye, Z., Wan, S., and Yu, P.S. (2023). Web 3.0: The Future of Internet. arXiv.","DOI":"10.1145\/3543873.3587583"},{"key":"ref_5","doi-asserted-by":"crossref","unstructured":"Werth, J., Berenjestanaki, M., Barzegar, H., El Ioini, N., and Pahl, C. (2023, January 24\u201326). A Review of Blockchain Platforms Based on the Scalability, Security and Decentralization Trilemma. Proceedings of the 25th International Conference on Enterprise Information Systems, Prague, Czech Republic.","DOI":"10.5220\/0011837200003467"},{"key":"ref_6","doi-asserted-by":"crossref","unstructured":"Yaga, D., Mell, P., Roby, N., and Scarfone, K. (2018). Blockchain Technology Overview, National Institute of Standards and Technology. Technical Report NIST IR 8202.","DOI":"10.6028\/NIST.IR.8202"},{"key":"ref_7","first-page":"3","article-title":"Access control and data sharing mechanism in decentralized cloud using blockchain technology","volume":"7","author":"Gajmal","year":"2024","journal-title":"J. Auton. Intell."},{"key":"ref_8","doi-asserted-by":"crossref","first-page":"103706","DOI":"10.1016\/j.jnca.2023.103706","article-title":"Fine-grained access control policy in blockchain-enabled edge computing","volume":"221","author":"He","year":"2024","journal-title":"J. Netw. Comput. Appl."},{"key":"ref_9","doi-asserted-by":"crossref","first-page":"62998","DOI":"10.1109\/ACCESS.2023.3288332","article-title":"Secure and Lightweight Blockchain-Enabled Access Control for Fog-Assisted IoT Cloud Based Electronic Medical Records Sharing","volume":"11","author":"Fugkeaw","year":"2023","journal-title":"IEEE Access"},{"key":"ref_10","doi-asserted-by":"crossref","unstructured":"Alharbi, A. (2023). Applying Access Control Enabled Blockchain (ACE-BC) Framework to Manage Data Security in the CIS System. Sensors, 23.","DOI":"10.3390\/s23063020"},{"key":"ref_11","doi-asserted-by":"crossref","first-page":"100204","DOI":"10.1016\/j.prime.2023.100204","article-title":"An efficient chain code for access control in hyper ledger fabric healthcare system","volume":"5","author":"Sujihelen","year":"2023","journal-title":"e-Prime-Adv. Electr. Eng. Electron. Energy"},{"key":"ref_12","doi-asserted-by":"crossref","first-page":"102897","DOI":"10.1016\/j.sysarc.2023.102897","article-title":"BSAF: A blockchain-based secure access framework with privacy protection for cloud-device service collaborations","volume":"140","author":"Duan","year":"2023","journal-title":"J. Syst. Archit."},{"key":"ref_13","doi-asserted-by":"crossref","first-page":"70604","DOI":"10.1109\/ACCESS.2020.2985762","article-title":"AuthPrivacyChain: A Blockchain-Based Access Control Framework With Privacy Protection in Cloud","volume":"8","author":"Yang","year":"2020","journal-title":"IEEE Access"},{"key":"ref_14","doi-asserted-by":"crossref","unstructured":"Jiang, Y., Wang, C., Wang, Y., and Gao, L. (2019). A Cross-Chain Solution to Integrating Multiple Blockchains for IoT Data Management. Sensors, 19.","DOI":"10.3390\/s19092042"},{"key":"ref_15","unstructured":"Dumitrescu, A.T., and Pouwelse, J. (2024). Failures of public key infrastructure: 53 year survey. arXiv."},{"key":"ref_16","unstructured":"Kwon, J., and Buchman, E. (2023, April 27). Cosmos Whitepaper. A Network of Distributed Ledgers. Available online: https:\/\/cosmos.network\/whitepaper."},{"key":"ref_17","unstructured":"Goes, C. (2020). The Interblockchain Communication Protocol: An Overview. arXiv."},{"key":"ref_18","unstructured":"Buchman, E., Kwon, J., and Milosevic, Z. (2019). The latest gossip on BFT consensus. arXiv."},{"key":"ref_19","doi-asserted-by":"crossref","unstructured":"Hu, V.C., Ferraiolo, D., Kuhn, R., Schnitzer, A., Sandlin, K., Miller, R., and Scarfone, K. (2014). Guide to Attribute Based Access Control (ABAC) Definition and Considerations, National Institute of Standards and Technology. Technical Report NIST SP 800-162.","DOI":"10.6028\/NIST.SP.800-162"},{"key":"ref_20","unstructured":"Hu, V.C. (2022). Blockchain for Access Control Systems, National Institute of Standards and Technology (U.S.). Technical Report NIST IR 8403."},{"key":"ref_21","doi-asserted-by":"crossref","first-page":"7","DOI":"10.1016\/j.websem.2003.07.001","article-title":"From SHIQ and RDF to OWL: The making of a Web Ontology Language","volume":"1","author":"Horrocks","year":"2003","journal-title":"J. Web Semant."},{"key":"ref_22","doi-asserted-by":"crossref","unstructured":"Xie, T., Zhang, J., Cheng, Z., Zhang, F., Zhang, Y., Jia, Y., Boneh, D., and Song, D. (2022, January 7\u201311). zkBridge: Trustless Cross-chain Bridges Made Practical. Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security, Los Angeles, CA, USA.","DOI":"10.1145\/3548606.3560652"},{"key":"ref_23","doi-asserted-by":"crossref","first-page":"961","DOI":"10.1007\/s00500-021-06577-5","article-title":"Cross-chain exchange by transaction dependence with conditional transaction method","volume":"26","author":"Su","year":"2022","journal-title":"Soft Comput."}],"container-title":["Future Internet"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/1999-5903\/17\/4\/149\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,9]],"date-time":"2025-10-09T17:02:55Z","timestamp":1760029375000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/1999-5903\/17\/4\/149"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,3,27]]},"references-count":23,"journal-issue":{"issue":"4","published-online":{"date-parts":[[2025,4]]}},"alternative-id":["fi17040149"],"URL":"https:\/\/doi.org\/10.3390\/fi17040149","relation":{},"ISSN":["1999-5903"],"issn-type":[{"type":"electronic","value":"1999-5903"}],"subject":[],"published":{"date-parts":[[2025,3,27]]}}}