联盟区块链中跨域数据安全共享的访问控制模型

IET Blockchain Pub Date : 2023-01-06 DOI:10.1049/blc2.12022
Yang Liu, Weidong Yang, Yanlin Wang, Yang Liu
{"title":"联盟区块链中跨域数据安全共享的访问控制模型","authors":"Yang Liu,&nbsp;Weidong Yang,&nbsp;Yanlin Wang,&nbsp;Yang Liu","doi":"10.1049/blc2.12022","DOIUrl":null,"url":null,"abstract":"<p>With the rapid increment of the demand for data sharing among parties, data is considered a cornerstone component to provide value in the big data environment. Concerns regarding sharing data security have impeded the development of cross-domain data interaction. Therefore, an access control model for data security sharing cross-domain is proposed, Fabric-ABAC, that is based on Hyperledger Fabric and Attribute-based Access Control (ABAC). In order to solve the data security challenges caused by a trusted central organization implementation, a distributed environment is constructed that consists of stakeholders among parties. The unified attribute model is designed for multi-environment combined with smart contracts. Fabric-ABAC realizes multi-level, fine-grained, and auditable access control, enabling data security through automatic permission verification. Considering the ledger is visible to all participants in consortium blockchain, it is necessary to protect the confidentiality of sensitive data. Thus, Proxy Re-Encryption (PRE), which is implemented by smart contracts, is adopted in the scheme to realize the ciphertext interaction without the third party. The security of PRE and the access control model used in Fabric-ABAC is discussed to show that a secure environment for data sharing is provided. Moreover, the completeness of the implementation and effectiveness of the system performance in the multi-domain environment is demonstrated in the experimental results.</p>","PeriodicalId":100650,"journal":{"name":"IET Blockchain","volume":"3 1","pages":"18-34"},"PeriodicalIF":0.0000,"publicationDate":"2023-01-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/blc2.12022","citationCount":"4","resultStr":"{\"title\":\"An access control model for data security sharing cross-domain in consortium blockchain\",\"authors\":\"Yang Liu,&nbsp;Weidong Yang,&nbsp;Yanlin Wang,&nbsp;Yang Liu\",\"doi\":\"10.1049/blc2.12022\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<p>With the rapid increment of the demand for data sharing among parties, data is considered a cornerstone component to provide value in the big data environment. Concerns regarding sharing data security have impeded the development of cross-domain data interaction. Therefore, an access control model for data security sharing cross-domain is proposed, Fabric-ABAC, that is based on Hyperledger Fabric and Attribute-based Access Control (ABAC). In order to solve the data security challenges caused by a trusted central organization implementation, a distributed environment is constructed that consists of stakeholders among parties. The unified attribute model is designed for multi-environment combined with smart contracts. Fabric-ABAC realizes multi-level, fine-grained, and auditable access control, enabling data security through automatic permission verification. Considering the ledger is visible to all participants in consortium blockchain, it is necessary to protect the confidentiality of sensitive data. Thus, Proxy Re-Encryption (PRE), which is implemented by smart contracts, is adopted in the scheme to realize the ciphertext interaction without the third party. The security of PRE and the access control model used in Fabric-ABAC is discussed to show that a secure environment for data sharing is provided. Moreover, the completeness of the implementation and effectiveness of the system performance in the multi-domain environment is demonstrated in the experimental results.</p>\",\"PeriodicalId\":100650,\"journal\":{\"name\":\"IET Blockchain\",\"volume\":\"3 1\",\"pages\":\"18-34\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2023-01-06\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"https://onlinelibrary.wiley.com/doi/epdf/10.1049/blc2.12022\",\"citationCount\":\"4\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"IET Blockchain\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://onlinelibrary.wiley.com/doi/10.1049/blc2.12022\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"IET Blockchain","FirstCategoryId":"1085","ListUrlMain":"https://onlinelibrary.wiley.com/doi/10.1049/blc2.12022","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 4

摘要

随着各方对数据共享需求的快速增长,数据被认为是在大数据环境中提供价值的基石组成部分。对共享数据安全的担忧阻碍了跨领域数据交互的发展。因此,在Hyperledger Fabric和基于属性的访问控制(ABAC)的基础上,提出了一种跨域数据安全共享的访问控制模型Fabric ABAC。为了解决由可信的中央组织实现引起的数据安全挑战,构建了一个由各方利益相关者组成的分布式环境。统一属性模型是为多环境和智能合约相结合而设计的。Fabric ABAC实现了多级、细粒度和可审核的访问控制,通过自动权限验证实现了数据安全。考虑到联盟区块链的所有参与者都可以看到账本,因此有必要保护敏感数据的机密性。因此,该方案采用了由智能合约实现的代理再加密(PRE),实现了无需第三方的密文交互。讨论了PRE的安全性和Fabric ABAC中使用的访问控制模型,表明为数据共享提供了一个安全的环境。此外,实验结果证明了系统在多域环境中实现的完整性和性能的有效性。
本文章由计算机程序翻译,如有差异,请以英文原文为准。

摘要图片

查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
An access control model for data security sharing cross-domain in consortium blockchain

With the rapid increment of the demand for data sharing among parties, data is considered a cornerstone component to provide value in the big data environment. Concerns regarding sharing data security have impeded the development of cross-domain data interaction. Therefore, an access control model for data security sharing cross-domain is proposed, Fabric-ABAC, that is based on Hyperledger Fabric and Attribute-based Access Control (ABAC). In order to solve the data security challenges caused by a trusted central organization implementation, a distributed environment is constructed that consists of stakeholders among parties. The unified attribute model is designed for multi-environment combined with smart contracts. Fabric-ABAC realizes multi-level, fine-grained, and auditable access control, enabling data security through automatic permission verification. Considering the ledger is visible to all participants in consortium blockchain, it is necessary to protect the confidentiality of sensitive data. Thus, Proxy Re-Encryption (PRE), which is implemented by smart contracts, is adopted in the scheme to realize the ciphertext interaction without the third party. The security of PRE and the access control model used in Fabric-ABAC is discussed to show that a secure environment for data sharing is provided. Moreover, the completeness of the implementation and effectiveness of the system performance in the multi-domain environment is demonstrated in the experimental results.

求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
CiteScore
1.80
自引率
0.00%
发文量
0
期刊最新文献
Blockchain transaction data mining and its applications Research on airport baggage anomaly retention detection technology based on machine vision, edge computing, and blockchain Data‐sharing strategies in medical consortium based on master‐slave multichain and federated learning RON‐based cross‐chain routing optimization strategy in metaverse Leveraging ontochains for distributed public transit ticketing: An investigation with the system for ticketing ubiquity with blockchains
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1