A privacy-preserving traceability system for self-sovereign identity-based inter-organizational business processes

IF 4.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE Computer Standards & Interfaces Pub Date : 2024-09-25 DOI:10.1016/j.csi.2024.103930

{"title":"A privacy-preserving traceability system for self-sovereign identity-based inter-organizational business processes","authors":"","doi":"10.1016/j.csi.2024.103930","DOIUrl":null,"url":null,"abstract":"<div><div>Blockchain is a potential technology for collaborating organizations, notably for executing their Inter-Organizational Business Processes (IOBPs). While Blockchain’s transparency and decentralized characteristics address the lack-of-trust issue in IOBPs, many existing Blockchain solutions share this data on the ledger, often at the expense of serious privacy concerns. Alternatively, Self-Sovereign Identity (SSI) systems are revolutionary Blockchain-based solutions that provide complete data control. Unlike traditional Blockchain solutions, many SSI systems do not record the exchange of transactional data between entities on the ledger in order to comply with privacy regulations. However, this can imply a gap in cases where legal traceability is required for audit purposes. To address traceability issues in SSI-based IOBP, this paper leverages Zero-Knowledge Proof (ZKP) and Fully Homomorphic Encryption (FHE) to provide an efficient privacy-preserving traceability solution. The purpose of this paper is to achieve traceability that strikes a balance between privacy and transparency. This paper also provides a proof-of-concept implementation and a comparative evaluation. The evaluation shows that the proposed ZKP approach provides better financial cost and performance results compared to traditional Blockchain-based traceability solutions.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":null,"pages":null},"PeriodicalIF":4.1000,"publicationDate":"2024-09-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computer Standards & Interfaces","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0920548924000990","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE","Score":null,"Total":0}

引用次数: 0

Abstract

Blockchain is a potential technology for collaborating organizations, notably for executing their Inter-Organizational Business Processes (IOBPs). While Blockchain’s transparency and decentralized characteristics address the lack-of-trust issue in IOBPs, many existing Blockchain solutions share this data on the ledger, often at the expense of serious privacy concerns. Alternatively, Self-Sovereign Identity (SSI) systems are revolutionary Blockchain-based solutions that provide complete data control. Unlike traditional Blockchain solutions, many SSI systems do not record the exchange of transactional data between entities on the ledger in order to comply with privacy regulations. However, this can imply a gap in cases where legal traceability is required for audit purposes. To address traceability issues in SSI-based IOBP, this paper leverages Zero-Knowledge Proof (ZKP) and Fully Homomorphic Encryption (FHE) to provide an efficient privacy-preserving traceability solution. The purpose of this paper is to achieve traceability that strikes a balance between privacy and transparency. This paper also provides a proof-of-concept implementation and a comparative evaluation. The evaluation shows that the proposed ZKP approach provides better financial cost and performance results compared to traditional Blockchain-based traceability solutions.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

基于自我主权身份的组织间业务流程的隐私保护可追溯性系统

区块链是一种潜在的合作组织技术，尤其适用于执行组织间业务流程（IOBPs）。虽然区块链的透明度和去中心化特性解决了组织间业务流程中缺乏信任的问题，但许多现有的区块链解决方案在分类账上共享这些数据，往往以严重的隐私问题为代价。另外，主权身份（SSI）系统是基于区块链的革命性解决方案，可提供完全的数据控制。与传统的区块链解决方案不同，许多 SSI 系统不在分类账上记录实体之间的交易数据交换，以遵守隐私法规。然而，这可能意味着在审计目的需要法律可追溯性的情况下存在漏洞。为了解决基于 SSI 的 IOBP 中的可追溯性问题，本文利用零知识证明（ZKP）和全同态加密（FHE）提供了一种高效的隐私保护可追溯性解决方案。本文的目的是实现在隐私和透明度之间取得平衡的可追溯性。本文还提供了概念验证实现和比较评估。评估结果表明，与传统的基于区块链的溯源解决方案相比，所提出的 ZKP 方法能提供更好的财务成本和性能结果。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

Computer Standards & Interfaces 工程技术-计算机：软件工程

CiteScore

11.90

自引率

16.00%

发文量

审稿时长

6 months

期刊介绍： The quality of software, well-defined interfaces (hardware and software), the process of digitalisation, and accepted standards in these fields are essential for building and exploiting complex computing, communication, multimedia and measuring systems. Standards can simplify the design and construction of individual hardware and software components and help to ensure satisfactory interworking. Computer Standards & Interfaces is an international journal dealing specifically with these topics. The journal • Provides information about activities and progress on the definition of computer standards, software quality, interfaces and methods, at national, European and international levels • Publishes critical comments on standards and standards activities • Disseminates user''s experiences and case studies in the application and exploitation of established or emerging standards, interfaces and methods • Offers a forum for discussion on actual projects, standards, interfaces and methods by recognised experts • Stimulates relevant research by providing a specialised refereed medium.