Blockchain-Research and Applications最新文献_第5页

Automated mechanism to support trade transactions in smart contracts with upgrade and repair 支持智能合约中贸易交易的自动机制，包括升级和修复

IF 6.9 3区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Blockchain-Research and Applications

Pub Date : 2025-03-28 DOI: 10.1016/j.bcra.2025.100285

Christian Gang Liu , Peter Bodorik , Dawn Jutla

In our previous research, we addressed the problem of automated transformation of models, represented using the business process model and notation (BPMN) standard, into the methods of a smart contract. The transformation supports BPMN models that contain complex multi-step activities that are supported using our concept of multi-step nested trade transactions, wherein the transactional properties are enforced by a mechanism generated automatically by the transformation process from a BPMN model to a smart contract. In this paper, we present a methodology for repairing a smart contract that cannot be completed due to events that were not anticipated by the developer and thus prevent the completion of the smart contract. The repair process starts with the original BPMN model fragment causing the issue, providing the modeler with the innermost transaction fragment containing the failed activity. The modeler amends the BPMN pattern on the basis of the successful completion of previous activities. If repairs exceed the inner transaction’s scope, they are addressed using the parent transaction’s BPMN model. The amended BPMN model is then transformed into a new smart contract, ensuring consistent data and logic transitions. We previously developed a tool, called TABS+, as a proof of concept (PoC) to transform BPMN models into smart contracts for nested transactions. This paper describes the tool TABS+R, developed by extending the TABS+ tool, to allow the repair of smart contracts.

在我们之前的研究中，我们解决了使用业务流程模型和符号（BPMN）标准将模型自动转换为智能合约方法的问题。转换支持包含复杂的多步骤活动的BPMN模型，这些活动使用我们的多步骤嵌套交易事务概念来支持，其中事务属性由从BPMN模型到智能合约的转换过程自动生成的机制强制执行。在本文中，我们提出了一种修复智能合约的方法，该智能合约由于开发人员没有预料到的事件而无法完成，从而阻止了智能合约的完成。修复过程从导致问题的原始BPMN模型片段开始，向建模者提供包含失败活动的最内层事务片段。建模者在成功完成先前活动的基础上修改BPMN模式。如果修复超出了内部事务的范围，则使用父事务的BPMN模型对其进行处理。然后将修改后的BPMN模型转换为新的智能合约，确保数据和逻辑转换的一致性。我们之前开发了一个名为TABS+的工具，作为概念验证（PoC），将BPMN模型转换为嵌套事务的智能合约。本文描述了通过扩展TABS+工具开发的工具TABS+R，以允许智能合约的修复。

{"title":"Automated mechanism to support trade transactions in smart contracts with upgrade and repair","authors":"Christian Gang Liu , Peter Bodorik , Dawn Jutla","doi":"10.1016/j.bcra.2025.100285","DOIUrl":"10.1016/j.bcra.2025.100285","url":null,"abstract":"<div><div>In our previous research, we addressed the problem of automated transformation of models, represented using the business process model and notation (BPMN) standard, into the methods of a smart contract. The transformation supports BPMN models that contain complex multi-step activities that are supported using our concept of multi-step nested trade transactions, wherein the transactional properties are enforced by a mechanism generated automatically by the transformation process from a BPMN model to a smart contract. In this paper, we present a methodology for repairing a smart contract that cannot be completed due to events that were not anticipated by the developer and thus prevent the completion of the smart contract. The repair process starts with the original BPMN model fragment causing the issue, providing the modeler with the innermost transaction fragment containing the failed activity. The modeler amends the BPMN pattern on the basis of the successful completion of previous activities. If repairs exceed the inner transaction’s scope, they are addressed using the parent transaction’s BPMN model. The amended BPMN model is then transformed into a new smart contract, ensuring consistent data and logic transitions. We previously developed a tool, called TABS+, as a proof of concept (PoC) to transform BPMN models into smart contracts for nested transactions. This paper describes the tool TABS+<em>R</em>, developed by extending the TABS+ tool, to allow the repair of smart contracts.</div></div>","PeriodicalId":53141,"journal":{"name":"Blockchain-Research and Applications","volume":"6 3","pages":"Article 100285"},"PeriodicalIF":6.9,"publicationDate":"2025-03-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144611703","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

ACOFuzz: An ant colony algorithm-based fuzzer for smart contracts ACOFuzz：基于蚁群算法的智能合约模糊器

IF 5.6 3区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Blockchain-Research and Applications

Pub Date : 2025-03-25 DOI: 10.1016/j.bcra.2025.100279

Peixuan Feng , Wenrui Cao , Siqi Lu , Yongjuan Wang , Haoyuan Xue , Runnan Yang

In today's blockchain landscape, smart contracts are assuming a pivotal role, albeit accompanied by a heightened risk of exploitation by attackers. As smart contracts grow in complexity, vulnerabilities lurking within deeper layers of code become more prevalent. Existing analysis tools primarily focus on data flow and a priori knowledge based on symbolic execution as a test case generation strategy, often falling short in uncovering vulnerabilities nested within intricate conditional statements. To address this challenge, we present ACOFuzz, an advanced fuzzer for Ethereum smart contracts. ACOFuzz employs the ant colony optimization (ACO) algorithm to traverse the control flow graph (CFG) of smart contracts, systematically exploring execution paths and generating test cases. Subsequently, it strategically directs the search towards paths that are more susceptible to vulnerabilities within the CFG, leveraging block coverage data obtained from executing the test cases. In a comprehensive evaluation, we demonstrate that ACOFuzz excels in covering a wider array of paths within a contract while exhibiting enhanced accuracy in pinpointing specific vulnerabilities compared to contemporary fuzzers.

在当今的bbb环境中，智能合约正在发挥关键作用，尽管伴随着攻击者利用的风险增加。随着智能合约变得越来越复杂，潜伏在更深层次代码中的漏洞变得越来越普遍。现有的分析工具主要关注数据流和基于符号执行的先验知识，将其作为测试用例生成策略，在发现嵌套在复杂条件语句中的漏洞方面往往存在不足。为了应对这一挑战，我们提出了ACOFuzz，一种用于以太坊智能合约的高级模糊器。ACOFuzz采用蚁群优化（ant colony optimization， ACO）算法遍历智能合约的控制流图（control flow graph， CFG），系统地探索执行路径并生成测试用例。随后，它战略性地将搜索指向CFG中更容易受到漏洞影响的路径，利用从执行测试用例中获得的块覆盖数据。在全面的评估中，我们证明了ACOFuzz在覆盖合约中更广泛的路径方面表现出色，同时与当代fuzzers相比，在精确定位特定漏洞方面表现出更高的准确性。

{"title":"ACOFuzz: An ant colony algorithm-based fuzzer for smart contracts","authors":"Peixuan Feng , Wenrui Cao , Siqi Lu , Yongjuan Wang , Haoyuan Xue , Runnan Yang","doi":"10.1016/j.bcra.2025.100279","DOIUrl":"10.1016/j.bcra.2025.100279","url":null,"abstract":"<div><div>In today's blockchain landscape, smart contracts are assuming a pivotal role, albeit accompanied by a heightened risk of exploitation by attackers. As smart contracts grow in complexity, vulnerabilities lurking within deeper layers of code become more prevalent. Existing analysis tools primarily focus on data flow and a priori knowledge based on symbolic execution as a test case generation strategy, often falling short in uncovering vulnerabilities nested within intricate conditional statements. To address this challenge, we present ACOFuzz, an advanced fuzzer for Ethereum smart contracts. ACOFuzz employs the ant colony optimization (ACO) algorithm to traverse the control flow graph (CFG) of smart contracts, systematically exploring execution paths and generating test cases. Subsequently, it strategically directs the search towards paths that are more susceptible to vulnerabilities within the CFG, leveraging block coverage data obtained from executing the test cases. In a comprehensive evaluation, we demonstrate that ACOFuzz excels in covering a wider array of paths within a contract while exhibiting enhanced accuracy in pinpointing specific vulnerabilities compared to contemporary fuzzers.</div></div>","PeriodicalId":53141,"journal":{"name":"Blockchain-Research and Applications","volume":"6 3","pages":"Article 100279"},"PeriodicalIF":5.6,"publicationDate":"2025-03-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144861166","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

A blockchain-based platform for ensuring provenance and traceability of donations for cultural heritage 一个基于区块链的平台，用于确保文化遗产捐赠的来源和可追溯性

IF 5.6 3区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Blockchain-Research and Applications

Pub Date : 2025-03-21 DOI: 10.1016/j.bcra.2025.100278

Sara Migliorini, Mauro Gambini, Alberto Belussi

The preservation and restoration of cultural heritage has acquired increasing attention in recent years since it has priceless value from both historical and touristic points of view. However, this activity requires considerable funds to be carried out, and frequently, such costs cannot rely entirely on public sources. At the same time, crowdfunding platforms are becoming a widely recognized way to collect funds and finance projects. Indeed, in the literature, some attempts have been made to use crowdfunding platforms to support renovation and restoration projects for cultural heritage items. Even if the benefits of their use in general, particularly for cultural heritage, are widely recognized, skepticism remains regarding transparency, reliability, and trustworthiness. In this regard, the emerging blockchain technology could represent an innovative solution for promoting and guaranteeing such properties through the entire crowdfunding process. However, existing solutions based on the direct use of cryptocurrencies for collecting funds have encountered users' fear and reluctance due to their novelty and the absence of clear and complete regulation by governments. For this reason, in this paper, we propose a solution that is not based on using cryptocurrencies but concentrates on the immutability, traceability, and trustworthiness properties that blockchain offers. To do so, an integrated solution is proposed that combines traditional platforms with a set of smart contracts and a Decentralized Application (dApp), allowing the immutable storage of information inside the blockchain and their subsequent validation by the donors.

近年来，文化遗产的保护和修复受到越来越多的关注，因为它从历史和旅游的角度来看都具有无价的价值。然而，这项活动需要大量的资金来进行，而且这些费用往往不能完全依靠公共来源。与此同时，众筹平台正在成为一种被广泛认可的筹集资金和融资项目的方式。事实上，在文献中，已经有一些尝试利用众筹平台来支持文物项目的翻新和修复。即使人们普遍认识到使用它们的好处，特别是对文化遗产的好处，人们仍然对透明度、可靠性和可信赖性持怀疑态度。在这方面，新兴的区块链技术可以代表一种创新的解决方案，通过整个众筹过程来促进和保证这些属性。然而，基于直接使用加密货币筹集资金的现有解决方案由于其新颖性和政府缺乏明确和完整的监管，遇到了用户的恐惧和不情愿。因此，在本文中，我们提出了一种不基于使用加密货币的解决方案，而是专注于区块链提供的不变性、可追溯性和可信赖性。为此，提出了一种集成的解决方案，将传统平台与一组智能合约和分布式应用程序（dApp）相结合，允许在区块链中不可变地存储信息，并随后由捐助者进行验证。

{"title":"A blockchain-based platform for ensuring provenance and traceability of donations for cultural heritage","authors":"Sara Migliorini, Mauro Gambini, Alberto Belussi","doi":"10.1016/j.bcra.2025.100278","DOIUrl":"10.1016/j.bcra.2025.100278","url":null,"abstract":"<div><div>The preservation and restoration of cultural heritage has acquired increasing attention in recent years since it has priceless value from both historical and touristic points of view. However, this activity requires considerable funds to be carried out, and frequently, such costs cannot rely entirely on public sources. At the same time, crowdfunding platforms are becoming a widely recognized way to collect funds and finance projects. Indeed, in the literature, some attempts have been made to use crowdfunding platforms to support renovation and restoration projects for cultural heritage items. Even if the benefits of their use in general, particularly for cultural heritage, are widely recognized, skepticism remains regarding transparency, reliability, and trustworthiness. In this regard, the emerging blockchain technology could represent an innovative solution for promoting and guaranteeing such properties through the entire crowdfunding process. However, existing solutions based on the direct use of cryptocurrencies for collecting funds have encountered users' fear and reluctance due to their novelty and the absence of clear and complete regulation by governments. For this reason, in this paper, we propose a solution that is not based on using cryptocurrencies but concentrates on the immutability, traceability, and trustworthiness properties that blockchain offers. To do so, an integrated solution is proposed that combines traditional platforms with a set of smart contracts and a Decentralized Application (dApp), allowing the immutable storage of information inside the blockchain and their subsequent validation by the donors.</div></div>","PeriodicalId":53141,"journal":{"name":"Blockchain-Research and Applications","volume":"6 3","pages":"Article 100278"},"PeriodicalIF":5.6,"publicationDate":"2025-03-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144861165","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Federated Large Domain Model System 联邦大型领域模型系统

IF 5.6 3区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Blockchain-Research and Applications

Pub Date : 2025-03-21 DOI: 10.1016/j.bcra.2025.100277

Chunming Rong , Jungwon Seo , Zihan Zhao , Ferhat Ozgur Catak , Jiahui Geng , Martin Gilje Jaatun

As organizations increasingly seek to build Foundation Models (FMs) using their own proprietary data, many are adopting private and in-house cloud infrastructures (often in addition to public clouds) to address concerns over cost, data privacy, and data sovereignty. However, these isolated private clouds frequently lack interoperability, creating barriers to cross-institutional collaboration, which is vital for training robust Domain-Specific Foundation Models (DSFMs) that rely on large and diverse datasets. Additionally, underutilized resources in private clouds lead to significant global energy inefficiencies. In this paper, we propose the Federated Large Domain Model System (FLDMS), a conceptual framework designed to facilitate collaborative foundation model development across multiple private cloud environments. We review the necessary enabling technologies, including decentralized protocols for data privacy and Large Language Models (LLMs) for automated orchestration, and present a high-level system design demonstrating how these components can be integrated. By enabling secure and efficient cross-organization cooperation, FLDMS provides a blueprint for building DSFMs while addressing the inefficiencies inherent in siloed private cloud systems.

随着组织越来越多地寻求使用自己的专有数据构建基础模型（FMs），许多组织正在采用私有和内部云基础设施（通常除了公共云之外）来解决成本、数据隐私和数据主权方面的问题。然而，这些孤立的私有云经常缺乏互操作性，给跨机构协作造成障碍，而跨机构协作对于训练依赖于大型和多样化数据集的健壮的特定领域基础模型（DSFMs）至关重要。此外，私有云中未充分利用的资源导致全球能源效率低下。在本文中，我们提出了联邦大领域模型系统（FLDMS），这是一个概念框架，旨在促进跨多个私有云环境的协作基础模型开发。我们回顾了必要的启用技术，包括用于数据隐私的分散协议和用于自动编排的大型语言模型（llm），并展示了一个高级系统设计，演示了如何集成这些组件。通过实现安全和高效的跨组织合作，FLDMS为构建DSFMs提供了蓝图，同时解决了孤立私有云系统固有的低效率问题。

{"title":"Federated Large Domain Model System","authors":"Chunming Rong , Jungwon Seo , Zihan Zhao , Ferhat Ozgur Catak , Jiahui Geng , Martin Gilje Jaatun","doi":"10.1016/j.bcra.2025.100277","DOIUrl":"10.1016/j.bcra.2025.100277","url":null,"abstract":"<div><div>As organizations increasingly seek to build Foundation Models (FMs) using their own proprietary data, many are adopting private and in-house cloud infrastructures (often in addition to public clouds) to address concerns over cost, data privacy, and data sovereignty. However, these isolated private clouds frequently lack interoperability, creating barriers to cross-institutional collaboration, which is vital for training robust Domain-Specific Foundation Models (DSFMs) that rely on large and diverse datasets. Additionally, underutilized resources in private clouds lead to significant global energy inefficiencies. In this paper, we propose the Federated Large Domain Model System (FLDMS), a conceptual framework designed to facilitate collaborative foundation model development across multiple private cloud environments. We review the necessary enabling technologies, including decentralized protocols for data privacy and Large Language Models (LLMs) for automated orchestration, and present a high-level system design demonstrating how these components can be integrated. By enabling secure and efficient cross-organization cooperation, FLDMS provides a blueprint for building DSFMs while addressing the inefficiencies inherent in siloed private cloud systems.</div></div>","PeriodicalId":53141,"journal":{"name":"Blockchain-Research and Applications","volume":"6 3","pages":"Article 100277"},"PeriodicalIF":5.6,"publicationDate":"2025-03-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144780043","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

The individual readiness and risk-related concerns of IT professionals for blockchain adoption IT专业人员对区块链采用的个人准备情况和风险相关的关注

IF 6.9 3区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Blockchain-Research and Applications

Pub Date : 2025-03-01 DOI: 10.1016/j.bcra.2024.100254

Cigdem Turhan , Ibrahim Akman

Blockchain has gained remarkable momentum since its introduction in 2008, drawing the attention of industries, individuals, and governments on a global scale. This technology has been studied in the literature, with a focus on technical aspects, application areas, and emerging research challenges. However, few studies address individuals’ perceptions of and concerns with respect to blockchain adoption. This study aims to investigate the attributes affecting blockchain adoption intention. A sample of IT professionals was used for this purpose since they are expected to have earlier and greater awareness of new digital technologies. The perceptions of this group of users regarding attributes such as innovativeness, self-efficacy, social pressure, and awareness, as well as their perceptions of privacy, security, and complexity, were examined through a survey of 208 responses. The results indicate that among the individual attributes, personal innovativeness, awareness, and social pressure positively affect blockchain acceptance, whereas security and privacy concerns fuel the reluctance to adopt blockchain. The findings hopefully provide insight for developers and management of enterprises to ensure a smooth transition into blockchain and present evidence to forecast its future.

b区块链自2008年推出以来，势头强劲，在全球范围内引起了行业、个人和政府的关注。该技术已经在文献中进行了研究，重点是技术方面，应用领域和新兴的研究挑战。然而，很少有研究涉及个人对区块链收养的看法和关注。本研究旨在探讨影响区块链采用意愿的因素。为了这个目的，我们使用了IT专业人员的样本，因为他们被期望对新的数字技术有更早和更强的认识。通过对208个回复的调查，研究了这组用户对创新、自我效能、社会压力和意识等属性的看法，以及他们对隐私、安全性和复杂性的看法。结果表明，在个体属性中，个人创新、意识和社会压力正向影响bbb接受度，而安全和隐私担忧则助长了不愿采用bbb。研究结果有望为开发人员和企业管理层提供见解，以确保顺利过渡到区块链，并提供证据来预测其未来。

{"title":"The individual readiness and risk-related concerns of IT professionals for blockchain adoption","authors":"Cigdem Turhan , Ibrahim Akman","doi":"10.1016/j.bcra.2024.100254","DOIUrl":"10.1016/j.bcra.2024.100254","url":null,"abstract":"<div><div>Blockchain has gained remarkable momentum since its introduction in 2008, drawing the attention of industries, individuals, and governments on a global scale. This technology has been studied in the literature, with a focus on technical aspects, application areas, and emerging research challenges. However, few studies address individuals’ perceptions of and concerns with respect to blockchain adoption. This study aims to investigate the attributes affecting blockchain adoption intention. A sample of IT professionals was used for this purpose since they are expected to have earlier and greater awareness of new digital technologies. The perceptions of this group of users regarding attributes such as innovativeness, self-efficacy, social pressure, and awareness, as well as their perceptions of privacy, security, and complexity, were examined through a survey of 208 responses. The results indicate that among the individual attributes, personal innovativeness, awareness, and social pressure positively affect blockchain acceptance, whereas security and privacy concerns fuel the reluctance to adopt blockchain. The findings hopefully provide insight for developers and management of enterprises to ensure a smooth transition into blockchain and present evidence to forecast its future.</div></div>","PeriodicalId":53141,"journal":{"name":"Blockchain-Research and Applications","volume":"6 1","pages":"Article 100254"},"PeriodicalIF":6.9,"publicationDate":"2025-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143683328","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Multi-platform wallet for privacy protection and key recovery in decentralized applications 用于分散应用中隐私保护和密钥恢复的多平台钱包

IF 6.9 3区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Blockchain-Research and Applications

Pub Date : 2025-03-01 DOI: 10.1016/j.bcra.2024.100243

Cristòfol Daudén-Esmel, Jordi Castellà-Roca, Alexandre Viejo, Ignacio Miguel-Rodríguez

In recent years, the rise of blockchain technology and its applications has led the software development industry to consider blockchain-powered Decentralized Applications (dApps) as serverless REST APIs. However, to engage with dApps, users require a blockchain wallet. This tool facilitates the generation and secure storage of a user's private key and verifies their identity, among other functionalities. Despite their utility, blockchain wallets present significant challenges, such as reliance on trusted third parties, vulnerability to adversaries observing and potentially linking user interactions, key recovery issues, and synchronization of cryptographic keys across multiple devices. This paper addresses these challenges by introducing a fully decentralized multi-platform wallet that leverages blockchain and InterPlanetary File System (IPFS) technologies for managing asymmetric keys and enabling key recovery. This novel approach empowers users to interact with dApps built on blockchain smart contracts while preserving their privacy and ensuring seamless key recovery in the case of device theft or damage. The proposed system is economically viable, with in-depth cost analysis, and demonstrates resilience against security and privacy attacks. A comparative analysis highlights the advantages of the new scheme over existing mainstream and state-of-the-art solutions. Finally, a preliminary prototype implementation is presented to validate the system's feasibility.

近年来，区块链技术及其应用的兴起导致软件开发行业将区块链驱动的去中心化应用程序（dApps）视为无服务器REST api。然而，要使用dapp，用户需要一个区块链钱包。此工具有助于生成和安全存储用户的私钥，并验证其身份，以及其他功能。尽管它们很实用，但区块链钱包仍然面临着重大挑战，例如对受信任的第三方的依赖、攻击者观察和潜在链接用户交互的脆弱性、密钥恢复问题以及跨多个设备的加密密钥同步。本文通过引入一个完全分散的多平台钱包来解决这些挑战，该钱包利用区块链和星际文件系统（IPFS）技术来管理非对称密钥并启用密钥恢复。这种新颖的方法使用户能够与基于区块链智能合约构建的dapp进行交互，同时保护他们的隐私，并确保在设备被盗或损坏的情况下无缝恢复密钥。所提出的系统在经济上是可行的，具有深入的成本分析，并展示了对安全和隐私攻击的弹性。对比分析强调了新方案比现有主流和最先进的解决方案的优势。最后，给出了一个初步的原型实现来验证系统的可行性。

{"title":"Multi-platform wallet for privacy protection and key recovery in decentralized applications","authors":"Cristòfol Daudén-Esmel, Jordi Castellà-Roca, Alexandre Viejo, Ignacio Miguel-Rodríguez","doi":"10.1016/j.bcra.2024.100243","DOIUrl":"10.1016/j.bcra.2024.100243","url":null,"abstract":"<div><div>In recent years, the rise of blockchain technology and its applications has led the software development industry to consider blockchain-powered Decentralized Applications (dApps) as serverless REST APIs. However, to engage with dApps, users require a blockchain wallet. This tool facilitates the generation and secure storage of a user's private key and verifies their identity, among other functionalities. Despite their utility, blockchain wallets present significant challenges, such as reliance on trusted third parties, vulnerability to adversaries observing and potentially linking user interactions, key recovery issues, and synchronization of cryptographic keys across multiple devices. This paper addresses these challenges by introducing a fully decentralized multi-platform wallet that leverages blockchain and InterPlanetary File System (IPFS) technologies for managing asymmetric keys and enabling key recovery. This novel approach empowers users to interact with dApps built on blockchain smart contracts while preserving their privacy and ensuring seamless key recovery in the case of device theft or damage. The proposed system is economically viable, with in-depth cost analysis, and demonstrates resilience against security and privacy attacks. A comparative analysis highlights the advantages of the new scheme over existing mainstream and state-of-the-art solutions. Finally, a preliminary prototype implementation is presented to validate the system's feasibility.</div></div>","PeriodicalId":53141,"journal":{"name":"Blockchain-Research and Applications","volume":"6 1","pages":"Article 100243"},"PeriodicalIF":6.9,"publicationDate":"2025-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143580550","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

TRADE-5G: A blockchain-based transparent and secure resource exchange for 5G network slicing TRADE-5G：基于区块链的透明安全的5G网络切片资源交换

IF 6.9 3区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Blockchain-Research and Applications

Pub Date : 2025-03-01 DOI: 10.1016/j.bcra.2024.100246

El-hacen Diallo, Khaldoun Al Agha, Steven Martin

The advent of 5G technology has revolutionized network communication by introducing network slicing (NS) and virtualization to allow multiple network service providers (NSPs) to share infrastructure, thereby reducing deployment costs and accelerating 5G adoption. While this new open marketplace enables NSPs to trade resources dynamically, it also exposes the system to security concerns, such as front-running and selfish-validation attacks, which can lead to market manipulation and strategy leakage. This paper presents TRADE-5G, a secure blockchain-based marketplace for 5G resource trading that mitigates these attacks and ensures fair, transparent resource allocation while preserving the confidentiality of NSP strategies. Through extensive simulations, TRADE-5G demonstrates a substantial 18% improvement in user satisfaction and a 36% reduction in wasted resources compared to traditional models. Additionally, it opens new profit opportunities for NSPs through unused resources, establishing a more competitive, secure, and transparent 5G trading environment that exceeds the capabilities of traditional mobile networks.

5G技术的出现彻底改变了网络通信，引入了网络切片（NS）和虚拟化，允许多个网络服务提供商（nsp）共享基础设施，从而降低了部署成本并加速了5G的采用。虽然这个新的开放市场使nsp能够动态地交易资源，但它也使系统暴露于安全问题，例如抢先运行和自私验证攻击，这可能导致市场操纵和策略泄漏。本文介绍了TRADE-5G，这是一个安全的基于区块链的5G资源交易市场，可以减轻这些攻击，并确保公平、透明的资源分配，同时保持NSP策略的机密性。通过广泛的模拟，与传统模式相比，TRADE-5G的用户满意度提高了18%，资源浪费减少了36%。此外，它通过未使用的资源为nsp开辟了新的利润机会，建立了一个超越传统移动网络能力的更具竞争力、安全性和透明度的5G交易环境。

{"title":"TRADE-5G: A blockchain-based transparent and secure resource exchange for 5G network slicing","authors":"El-hacen Diallo, Khaldoun Al Agha, Steven Martin","doi":"10.1016/j.bcra.2024.100246","DOIUrl":"10.1016/j.bcra.2024.100246","url":null,"abstract":"<div><div>The advent of 5G technology has revolutionized network communication by introducing network slicing (NS) and virtualization to allow multiple network service providers (NSPs) to share infrastructure, thereby reducing deployment costs and accelerating 5G adoption. While this new open marketplace enables NSPs to trade resources dynamically, it also exposes the system to security concerns, such as front-running and selfish-validation attacks, which can lead to market manipulation and strategy leakage. This paper presents TRADE-5G, a secure blockchain-based marketplace for 5G resource trading that mitigates these attacks and ensures fair, transparent resource allocation while preserving the confidentiality of NSP strategies. Through extensive simulations, TRADE-5G demonstrates a substantial 18% improvement in user satisfaction and a 36% reduction in wasted resources compared to traditional models. Additionally, it opens new profit opportunities for NSPs through unused resources, establishing a more competitive, secure, and transparent 5G trading environment that exceeds the capabilities of traditional mobile networks.</div></div>","PeriodicalId":53141,"journal":{"name":"Blockchain-Research and Applications","volume":"6 1","pages":"Article 100246"},"PeriodicalIF":6.9,"publicationDate":"2025-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143683322","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Editorials of BCRA 2024 BCRA 2024社论

IF 6.9 3区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Blockchain-Research and Applications

Pub Date : 2025-03-01 DOI: 10.1016/j.bcra.2024.100270

Lingfeng Bao , Ruidong Zhang , Xiaohu Yang , Chunming Rong

引用次数: 0

New Ethereum-based distributed PKI with a reward-and-punishment mechanism 新的基于以太坊的分布式PKI，具有奖惩机制

IF 6.9 3区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Blockchain-Research and Applications

Pub Date : 2025-03-01 DOI: 10.1016/j.bcra.2024.100239

Chong-Gee Koa , Swee-Huay Heng , Ji-Jian Chin

This paper explores the critical role of Public Key Infrastructure (PKI) in ensuring the security of electronic transactions, particularly in validating the authenticity of websites in online environments. Traditional Centralised PKIs (CPKIs) relying on Certificate Authorities (CAs) face a significant drawback due to their susceptibility to a single point of failure. To address this concern, Decentralised PKIs (DPKIs) have emerged as an alternative. However, both centralised and decentralised approaches encounter specific challenges.

Researchers have made several attempts using blockchain-based PKI, which implements a reward and punishment mechanism to enhance the security of traditional PKI. Most of the attempts are focused on CA-based PKI, which still suffers from the risk of a single point of failure. Inspired by ETHERST, which is a blockchain-based PKI that implements Web of Trust (WoT) with reward and punishment, we introduce ETHERST version 3.0, with improvements in its secure level algorithm that enhances trustworthiness measurement. Comparative simulations between ETHERST version 2.0 and ETHERST version 3.0 reveal the superior performance of the latter in trustworthiness measurement and ensure the higher security of a virtual community. The new simulation algorithm with different node type definitions and assumptions presents results through tables and graphs, showing that ETHERST version 3.0 outperforms ETHERST version 2.0. This research contributes to advancing the field by introducing an innovative PKI solution with enhanced trustworthiness and security features.

本文探讨了公钥基础设施（PKI）在确保电子交易安全方面的关键作用，特别是在验证在线环境中网站的真实性方面。依赖于证书颁发机构（ca）的传统集中式pki （cpki）由于易受单点故障的影响而面临一个重大缺陷。为了解决这个问题，分散式pki （DPKIs）作为一种替代方案出现了。然而，集中式和分散式方法都遇到了具体的挑战。研究人员对基于区块链的PKI进行了多次尝试，采用奖惩机制来提高传统PKI的安全性。大多数尝试都集中在基于ca的PKI上，它仍然存在单点故障的风险。ETHERST是一种基于区块链的PKI，通过奖惩机制实现了信任网（WoT），受其启发，我们推出了ETHERST 3.0版本，改进了其安全级别算法，增强了可信度度量。通过对ETHERST 2.0和3.0版本的对比仿真，揭示了后者在可信度度量方面的优越性能，保证了虚拟社区更高的安全性。采用不同节点类型定义和假设的新仿真算法通过表格和图表给出了结果，表明ETHERST 3.0版本优于ETHERST 2.0版本。本研究通过引入具有增强可信度和安全性的创新PKI解决方案，有助于推动该领域的发展。

{"title":"New Ethereum-based distributed PKI with a reward-and-punishment mechanism","authors":"Chong-Gee Koa , Swee-Huay Heng , Ji-Jian Chin","doi":"10.1016/j.bcra.2024.100239","DOIUrl":"10.1016/j.bcra.2024.100239","url":null,"abstract":"<div><div>This paper explores the critical role of Public Key Infrastructure (PKI) in ensuring the security of electronic transactions, particularly in validating the authenticity of websites in online environments. Traditional Centralised PKIs (CPKIs) relying on Certificate Authorities (CAs) face a significant drawback due to their susceptibility to a single point of failure. To address this concern, Decentralised PKIs (DPKIs) have emerged as an alternative. However, both centralised and decentralised approaches encounter specific challenges.</div><div>Researchers have made several attempts using blockchain-based PKI, which implements a reward and punishment mechanism to enhance the security of traditional PKI. Most of the attempts are focused on CA-based PKI, which still suffers from the risk of a single point of failure. Inspired by ETHERST, which is a blockchain-based PKI that implements Web of Trust (WoT) with reward and punishment, we introduce ETHERST version 3.0, with improvements in its secure level algorithm that enhances trustworthiness measurement. Comparative simulations between ETHERST version 2.0 and ETHERST version 3.0 reveal the superior performance of the latter in trustworthiness measurement and ensure the higher security of a virtual community. The new simulation algorithm with different node type definitions and assumptions presents results through tables and graphs, showing that ETHERST version 3.0 outperforms ETHERST version 2.0. This research contributes to advancing the field by introducing an innovative PKI solution with enhanced trustworthiness and security features.</div></div>","PeriodicalId":53141,"journal":{"name":"Blockchain-Research and Applications","volume":"6 1","pages":"Article 100239"},"PeriodicalIF":6.9,"publicationDate":"2025-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143552974","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Supporting secure and efficient collaborative health information exchange: A hybrid blockchain and ontology based approach 支持安全和有效的协作健康信息交换：基于区块链和本体的混合方法

IF 6.9 3区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Blockchain-Research and Applications

Pub Date : 2025-03-01 DOI: 10.1016/j.bcra.2024.100248

Ramandeep Kaur Sandhu , Manoj A Thomas , Kweku Muata Osei-Bryson

Patients visit different healthcare institutions during their lifetime, and as a result, their personal health records are stored across different healthcare information systems. Cross-institutional patient data sharing is essential to provide caregivers with a comprehensive view of patients’ health profiles and improving the quality of care. However, security, semantic interoperability, and trust are major barriers that limit seamless exchange of healthcare data. To address these concerns, we apply the Design Science Research (DSR) methodology to propose and develop a functional blockchain-based healthcare information exchange system. At its core, the DSR artifact, called Blockchain-based Healthcare Information Exchange System (B-HIES), integrates private permissioned blockchain technology and interactive ontology mapping techniques. The efficacy and complementarity of the solution are evaluated based on a combination of scenario-based simulation and logically informed arguments. The integration of permissioned blockchain technology and interactive ontology mapping techniques in our proposed solution provides secure, reliable, and trustworthy data exchange among healthcare institutions. This paper discusses how the solution streamlines patent data exchange in heterogeneous healthcare networks. We note that developing such a system is a complex process and requires the involvement of experts with specialized knowledge in a variety of disciplines, such as blockchain, ontologies, healthcare, and medicine.

患者一生中会访问不同的医疗保健机构，因此，他们的个人健康记录存储在不同的医疗保健信息系统中。跨机构患者数据共享对于为护理人员提供患者健康概况的全面视图和提高护理质量至关重要。然而，安全性、语义互操作性和信任是限制医疗保健数据无缝交换的主要障碍。为了解决这些问题，我们应用设计科学研究（DSR）方法来提出和开发一个功能性的基于区块链的医疗保健信息交换系统。DSR工件的核心是基于区块链的医疗保健信息交换系统（B-HIES），它集成了私有许可的区块链技术和交互式本体映射技术。该解决方案的有效性和互补性是基于基于场景的模拟和逻辑信息论证的组合来评估的。在我们提出的解决方案中集成许可区块链技术和交互式本体映射技术，可在医疗保健机构之间提供安全、可靠和可信的数据交换。本文讨论了该解决方案如何简化异构医疗保健网络中的专利数据交换。我们注意到，开发这样一个系统是一个复杂的过程，需要具有各种学科专业知识的专家的参与，例如区块链、本体论、医疗保健和医学。

{"title":"Supporting secure and efficient collaborative health information exchange: A hybrid blockchain and ontology based approach","authors":"Ramandeep Kaur Sandhu , Manoj A Thomas , Kweku Muata Osei-Bryson","doi":"10.1016/j.bcra.2024.100248","DOIUrl":"10.1016/j.bcra.2024.100248","url":null,"abstract":"<div><div>Patients visit different healthcare institutions during their lifetime, and as a result, their personal health records are stored across different healthcare information systems. Cross-institutional patient data sharing is essential to provide caregivers with a comprehensive view of patients’ health profiles and improving the quality of care. However, security, semantic interoperability, and trust are major barriers that limit seamless exchange of healthcare data. To address these concerns, we apply the Design Science Research (DSR) methodology to propose and develop a functional blockchain-based healthcare information exchange system. At its core, the DSR artifact, called Blockchain-based Healthcare Information Exchange System (B-HIES), integrates private permissioned blockchain technology and interactive ontology mapping techniques. The efficacy and complementarity of the solution are evaluated based on a combination of scenario-based simulation and logically informed arguments. The integration of permissioned blockchain technology and interactive ontology mapping techniques in our proposed solution provides secure, reliable, and trustworthy data exchange among healthcare institutions. This paper discusses how the solution streamlines patent data exchange in heterogeneous healthcare networks. We note that developing such a system is a complex process and requires the involvement of experts with specialized knowledge in a variety of disciplines, such as blockchain, ontologies, healthcare, and medicine.</div></div>","PeriodicalId":53141,"journal":{"name":"Blockchain-Research and Applications","volume":"6 1","pages":"Article 100248"},"PeriodicalIF":6.9,"publicationDate":"2025-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143628383","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0