KIT | KIT-Bibliothek | Impressum | Datenschutz

Matrix Decomposition – Analysis of an Access Control Approach on Transaction-based DAGs without Finality

Jacob, Florian; Becker, Luca; Grashöfer, Jan; Hartenstein, Hannes

Abstract (englisch):
The Matrix message-oriented middleware (see https://matrix.org) is gaining momentum as a basis for a decentralized, secure messaging system as shown, for example, by its deployment within the French government and by the Mozilla foundation. Thus, understanding the corresponding access control approach is important. This paper provides an ab- straction and an analysis of the access control approach followed by Matrix. We show that Matrix can be seen as a form of Distributed Ledger Technology (DLT) based on Transaction-based Directed Acyclic Graphs (TDAGs). TDAGs connect individual transactions to form a DAG, instead of collecting transactions in blocks as in blockchains. These TDAGs only provide causal order, eventual consistency, and no finality. However, unlike conventional DLTs, Matrix does not aim for a strict system-wide consensus. Thus, there is also no guarantee for a strict consensus on access rights. By de- composition of the Matrix approach, we show that a sound decen- tralized access control can be implemented for TDAGs in general, and for Matrix in particular, despite those weak guarantees. In addition, we discovered security issues in popular implementations and emphasize the need for a formal verification of the employed conflict resolution mechanism.

Open Access Logo


Postprint §
DOI: 10.5445/IR/1000120022
Frei zugänglich ab 29.05.2021
Originalveröffentlichung
DOI: 10.1145/3381991.3395399
Zugehörige Institution(en) am KIT Institut für Telematik (TM)
Publikationstyp Proceedingsbeitrag
Publikationsdatum 10.06.2020
Sprache Englisch
Identifikator ISBN: 978-1-4503-7568-9
KITopen-ID: 1000120022
Erschienen in SACMAT '20: Proceedings of the 25th ACM Symposium on Access Control Models and Technologies, Barcelona Spain, June, 2020. Ed.: J. Lobo .
Veranstaltung 25th ACM Symposium on Access Control Models and Technologies (SACMAT 2020), Barcelona, Spanien, 10.06.2020 – 12.06.2020
Verlag International Foundation for Autonomous Agents and Multiagent Systems, Richland (SC)
Seiten 81–92
Vorab online veröffentlicht am 28.05.2020
KIT – Die Forschungsuniversität in der Helmholtz-Gemeinschaft
KITopen Landing Page