Product at Arcana
May 30, 2023

Arcana's Rule-Based Access Control Explained

This blog is an in-depth guide to understand how Arcana implements rule-based access control on the data stored with us.

Arcana's Rule-Based Access Control Explained

Darkweb v2.0 public release is here

Lorem ipsum dolor sit amet, consectetur adipiscing elit lobortis arcu enim urna adipiscing praesent velit viverra sit semper lorem eu cursus vel hendrerit elementum morbi curabitur etiam nibh justo, lorem aliquet donec sed sit mi dignissim at ante massa mattis.

  1. Neque sodales ut etiam sit amet nisl purus non tellus orci ac auctor
  2. Adipiscing elit ut aliquam purus sit amet viverra suspendisse potent i
  3. Mauris commodo quis imperdiet massa tincidunt nunc pulvinar
  4. Adipiscing elit ut aliquam purus sit amet viverra suspendisse potenti

What has changed in our latest release?

Vitae congue eu consequat ac felis placerat vestibulum lectus mauris ultrices cursus sit amet dictum sit amet justo donec enim diam porttitor lacus luctus accumsan tortor posuere praesent tristique magna sit amet purus gravida quis blandit turpis.

All new features available for all public channel users

At risus viverra adipiscing at in tellus integer feugiat nisl pretium fusce id velit ut tortor sagittis orci a scelerisque purus semper eget at lectus urna duis convallis. porta nibh venenatis cras sed felis eget neque laoreet suspendisse interdum consectetur libero id faucibus nisl donec pretium vulputate sapien nec sagittis aliquam nunc lobortis mattis aliquam faucibus purus in.

  • Neque sodales ut etiam sit amet nisl purus non tellus orci ac auctor
  • Adipiscing elit ut aliquam purus sit amet viverra suspendisse potenti
  • Mauris commodo quis imperdiet massa tincidunt nunc pulvinar
  • Adipiscing elit ut aliquam purus sit amet viverra suspendisse potenti
Coding collaboration with over 200 users at once

Nisi quis eleifend quam adipiscing vitae aliquet bibendum enim facilisis gravida neque. Velit euismod in pellentesque massa placerat volutpat lacus laoreet non curabitur gravida odio aenean sed adipiscing diam donec adipiscing tristique risus. amet est placerat in egestas erat imperdiet sed euismod nisi.

“Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum”
Real-time code save every 0.1 seconds

Eget lorem dolor sed viverra ipsum nunc aliquet bibendum felis donec et odio pellentesque diam volutpat commodo sed egestas aliquam sem fringilla ut morbi tincidunt augue interdum velit euismod eu tincidunt tortor aliquam nulla facilisi aenean sed adipiscing diam donec adipiscing ut lectus arcu bibendum at varius vel pharetra nibh venenatis cras sed felis eget dolor cosnectur drolo.

Access control is foundational in just about every web2 and web3 application around us. Understanding access control is straightforward– it's all about determining who gets to access certain information or piece of data. However, implementing it is where things get complicated. There are different types of access control, such as role-based access control, data-centric access control, and context-centric access control. In this blog, we dive deeper into rule-based access control and how Arcana leverages it to provide a transparent and secure user experience.

Understanding the Need for Rule-based Access Control

In simplest terms, rule-based access control manages access to a particular piece of data, info, file, or database solely based on whether they comply with the predetermined rules. One of the most famous examples of rule-based access control implementation would be video games where players get eligible to receive specific points, tokens, or cross-levels upon reaching a particular milestone. Specific criteria are established for events like those mentioned, and access can be granted upon meeting them.

Rule-based access control is widely implemented across several web apps and solutions with which most internet users interact daily. That being said, there is still more to be desired in its implementation. Because since time immemorial, the authority to execute access control (whether it is rule-based or others) has been placed in the hands of a "trusted" third party. Consider AWS, for instance; it acts as the sole administrator and third party for providing access control to the data stored on its cloud.

Arcana Access: A Secure & Transparent Alternative

Arcana Access leverages both rule-based and role-based access control. We rely on DIDs to identify files on-chain and determine who gets access. In the case of rule-based access control, we formulate conditions associated with each file stored on our network. Now the list of all these "conditions" or "rules" are termed "Access Control Lists" or ACLs. These ACLs essentially hold all the rules that secure access to files. Now the critical question of how Arcana store and manages these ACLs come up. Here's how we do it: The ACLs associated with each data file are stored in a database, with its rule hash stored on the blockchain.

It is worth noting that we enforce access control on all private files being stored on our storage network. We support the following operations through access control on personal user data:

  • Sharing files
  • Revoking file-sharing access
  • Transferring file ownership
  • Deleting a file
  • Getting the list of all users who have shared access to a file

Learn more about Access Control on our official documentation here:

The rule-based access control in Arcana Access can be based on both on-chain & off-chain states. You could, for instance, deploy a rule that says, "allow any address to access a certain file if they own an NFT-wrapped-token of a certain crypto" or "allow access only if the user has at least 5 ETH balance." With Arcana, extending rules and conditions to off-chain states is also simple.

Arcana Access allows developers to code or lets users decide the rules. Moreover, we provide an end-to-end solution to web3 and web2 devs looking for secure storage and transparent access control. All the files uploaded to Arcana's decentralized storage network are encrypted, split up and stored across various nodes to avoid any single point of failure. Compared to current web3 storage services such as IPFS, Arcana's encrypted storage and access control provide a more secure, transparent, and privacy-friendly user experience.

Learn more about Arcana's Access Control & Storage SDK from our official documentation.

About Arcana Network

Arcana is Web3 infra for devs to launch and scale apps through its Auth, Store, and Access SDKs. Web3 apps use Arcana's SDK to authenticate users with Social and Passwordless Auth and create non-custodial wallets, Store Encrypted/Unencrypted  Data, and Manage Access. Built for Ethereum and EVM-based chains, with Arcana's privacy stack, developers can build secure and privacy-preserving apps with a seamless user experience.

Arcana has raised 2.7Mn USD from some of the leading investors and founders in the ecosystem, such as Balaji Srinivasan, Founders of Polygon, Woodstock, Republic Crypto, and Digital Currency Group.

Watch out for Arcana's upcoming Mainnet in December 2022. Want to know more about our Mainnet features? Book a demo.

Book a Demo

Official Links: Website | Twitter | Discord| Telegram | TG Announcement | Medium | GitHub