To address the high privacy re-identification risk and excessive policy-matching overhead in blockchain-based attribute-based access control (BC-ABAC), this paper proposes a novel framework balancing quantifiable anonymity and efficiency. We introduce the first formal ((r, t))-anonymity model, enabling rigorous quantification of re-identification risk across both attribute and temporal dimensions. To optimize policy matching dynamically, we design an entropy-weighted path tree (EWPT) that adapts traversal paths based on real-time anonymity measurements. Furthermore, we integrate zero-knowledge proofs, attribute-based encryption, and Hyperledger Fabric to establish a privacy–efficiency co-optimization mechanism. Experimental evaluation demonstrates that our approach achieves up to 11× higher throughput and 87% lower latency compared to state-of-the-art schemes, while guaranteeing strong anonymity—i.e., (r)-anonymity with temporal constraint (t)—and effectively supporting high-concurrency scenarios.

Blockchain-based Attribute-Based Access Control (BC-ABAC) offers a decentralized paradigm for secure data governance but faces two inherent challenges: the transparency of blockchain ledgers threatens user privacy by enabling reidentification attacks through attribute analysis, while the computational complexity of policy matching clashes with blockchain's performance constraints. Existing solutions, such as those employing Zero-Knowledge Proofs (ZKPs), often incur high overhead and lack measurable anonymity guarantees, while efficiency optimizations frequently ignore privacy implications. To address these dual challenges, this paper proposes QAEBAC (Quantifiable Anonymity and Efficiency in Blockchain-Based Access Control with Attribute). QAE-BAC introduces a formal (r, t)-anonymity model to dynamically quantify the re-identification risk of users based on their access attributes and history. Furthermore, it features an Entropy-Weighted Path Tree (EWPT) that optimizes policy structure based on realtime anonymity metrics, drastically reducing policy matching complexity. Implemented and evaluated on Hyperledger Fabric, QAE-BAC demonstrates a superior balance between privacy and performance. Experimental results show that it effectively mitigates re-identification risks and outperforms state-of-the-art baselines, achieving up to an 11x improvement in throughput and an 87% reduction in latency, proving its practicality for privacy-sensitive decentralized applications.