基于区块链的可溯源访问控制机制

谢绒娜; 李晖; 史国振; 郭云川; 张铭; 董秀则

doi:10.11959/j.issn.1000-436X.2020232

您当前的位置：

首页 >

文章列表页 >

基于区块链的可溯源访问控制机制

学术论文 | 更新时间：2024-06-05

- 基于区块链的可溯源访问控制机制
- Blockchain-based access control mechanism for data traceability
- 通信学报 2020年41卷第12期页码：82-93
- 作者机构：
  
  1. 北京电子科技学院密码科学与技术系，北京100070
  2. 西安电子科技大学网络与信息安全学院，陕西西安 710071
  3. 中国科学院信息工程研究所，北京100093
- 作者简介：
  
  [ "谢绒娜（1976- ），女，山西永济人，博士，北京电子科技学院副教授，主要研究方向为网络与系统安全、访问控制、密码工程。" ]
  [ "李晖（1968- ），男，河南灵宝人，博士，西安电子科技大学教授、博士生导师，主要研究方向为密码信息安全、信息论与编码理论。" ]
  [ "史国振（1974- ），男，河南济源人，博士，北京电子科技学院教授级高级工程师、硕士生导师，主要研究方向为网络与系统安全、嵌入式安全。" ]
  [ "郭云川（1977- ），男，四川营山人，博士，中国科学院研究员、博士生导师，主要研究方向为访问控制、形式化方法。" ]
  [ "张铭（1997- ），男，浙江宁波人，西安电子科技大学硕士生，主要研究方向为区块链、数据共享和流转控制。" ]
  [ "董秀则（1976- ），男，山东莒县人，北京电子科技学院副教授，主要研究方向为密码信息安全、密码工程。" ]
- 基金信息：
  
  国家重点研发计划基金资助项目(2017YFB0802705);国家重点研发计划基金资助项目(2016QY06X1203);国家自然科学基金资助项目(61932015)
- DOI：10.11959/j.issn.1000-436X.2020232
  中图分类号： TP302
- 网络出版日期：2020-12，
  
  纸质出版日期：2020-12-25
- 稿件说明：
移动端阅览
谢绒娜, 李晖, 史国振, 等. 基于区块链的可溯源访问控制机制[J]. 通信学报, 2020,41(12):82-93.

Rongna XIE, Hui LI, Guozhen SHI, et al. Blockchain-based access control mechanism for data traceability[J]. Journal on communications, 2020, 41(12): 82-93.
谢绒娜, 李晖, 史国振, 等. 基于区块链的可溯源访问控制机制[J]. 通信学报, 2020,41(12):82-93. DOI： 10.11959/j.issn.1000-436X.2020232.

Rongna XIE, Hui LI, Guozhen SHI, et al. Blockchain-based access control mechanism for data traceability[J]. Journal on communications, 2020, 41(12): 82-93. DOI： 10.11959/j.issn.1000-436X.2020232.

摘要

为提高数据访问流转控制的透明性、访问流转的可溯源，提出了一种基于区块链的可溯源访问控制机制。所提机制将访问控制策略以智能合约的形式部署在区块链上，通过执行分布式的智能合约实现访问控制策略的评估，确保整个访问授权过程的无中心、透明性和可溯源；采用链下和链上相结合的方式，将客体存储在链下数据服务器，通过客体存储地址和摘要值等信息生成客体索引存储在客体区块链上；日志区块链详细记录了客体访问授权过程和访问过程，任何错误行为都不可修改地记录在区块链上。通过安全性分析，所提机制在保证客体资源隐私性的前提下，实现了访问授权无中心、透明性和可溯源。

Abstract

To improve the transparency and traceability of access control

a blockchain-based access control mechanism for data traceability and provenance was proposed.The proposed access control policy was transferred to the smart contract and deployed on the blockchain

and the access authorization evaluation was realized by executing the smart contract deployed on the blockchain to ensure the decentralization

transparency and traceability of the access control process.The manner of combining off-chain and on-chain was adopted

the object was stored in off-chain data server

and the object index was generated by the object storage address and hash value

and deployed on the object blockchain.The log of object access authorization and access were recorded in the log blockchain

any misbehavior was immutably recorded.The security analysis show that

the proposed mechanism achieve the properties of decentralization

transparency and traceability while ensuring the privacy of data.

关键词

Keywords

references

NAKAMOTO S . Bitcoin:a peer-to-peer electronic cash system [R ] . ( 2018 )[ 2020 - 06 - 22 ] .

NOVO O . Blockchain meets IoT:an architecture for scalable access management in IoT [J ] . IEEE Internet of Things Journal , 2018 , 5 ( 2 ): 1184 - 1195 .

SUKHODOLSKIY I , ZAPECHNIKOV S . A blockchain-based access control system for cloud storage [C ] // Proceedings of the 2018 IEEE Conference of Russian Young Researchers in Electrical and Electronic Engineering . Piscataway:IEEE Press , 2018 : 1575 - 1578 .

ZHU Y , QIN Y , GAN G H , et al . TBAC:transaction-based access control on blockchain for resource sharing with cryptographically decentralized authorization [C ] // Proceedings of the 2018 IEEE 42nd Annual Computer Software and Applications Conference . Piscataway:IEEE Press , 2018 : 535 - 544 .

ES-SAMAALI H , OUTCHAKOUCHT A , LEROY J P . A blockchain-based access control for big data [J ] . Journal of Computer Networks and Communications , 2017 , 5 ( 7 ): 137 - 147 .

MAESA D D F , MORI P , RICCI L . Blockchain based access control [C ] // Proceedings of the IFIP International Conference on Distributed Applications and Interoperable Systems . Geneva:IFIP Newsletter , 2017 : 206 - 220 .

MAESA D D F , MORI P , RICC L . A blockchain based approach for the definition of auditable access control system [J ] . Computers ＆ Security , 2019 , 84 ( 7 ): 93 - 119 .

MAESA D D F , MORI P , RICCI L . Blockchain based access control services [C ] // Proceedings of the IEEE International Symposium on Recent Advances on Blockchain and Its Applications (BlockchainApp) . Piscataway:IEEE Press , 2018 : 1379 - 1386 .

刘敖迪 , 杜学绘 , 王娜 , 等 . 基于区块链的大数据访问控制机制 [J ] . 软件学报 , 2019 , 30 ( 9 ): 2636 - 2654 .

LIU A D , DU X H , WANG N , et al . Blockchain-based access control mechanism for big data [J ] . Journal of Software , 2019 , 30 ( 9 ): 2636 - 2654 .

杜瑞忠 , 刘妍 , 田俊峰 . 物联网中基于智能合约的访问控制方法 [J ] . 计算机研究与发展 , 2019 , 56 ( 10 ): 2287 - 2298 .

DU R Z , LIU Y , TIAN J F . An access control method using smart con-tract for internet of things [J ] . Journal of Computer Research and De-velopment , 2019 , 56 ( 10 ): 2287 - 2298 .

TRUONG N B , SUN K , LEE G M , et al . GDPR-compliant personal data management:a blockchain-based solution [J ] . IEEE Transaction on Information Forensics and Security , 2019 , 15 ( 10 ): 1746 - 1761 .

WU Z , WILLIAMS A B , PEROULI D . Dependable public ledger for policy compliance,a blockchain based approach [C ] // Proceedings of the 2019 IEEE 39th International Conference on Distributed Computing Systems (ICDCS) . Piscataway:IEEE Press , 2019 : 1891 - 1900 .

ZYSKIND G , NATHAN O . Decentralizing privacy:using blockchain to protect personal data [C ] // Proceedings of the Security and Privacy Workshops (SPW) . Piscataway:IEEE Press , 2015 : 180 - 184 .

KOSBA A , MILLER A , SHI E , et al . Hawk:the blockchain model of cryptography and privacy-preserving smart contracts [C ] // Proceedings of IEEE Symposium on Security and Privacy . Piscataway:IEEE Press , 2016 : 839 - 858 .

MAKHDOOM I , ZHOU I , ABOLHASAN M , et al . PrivySharing:a blockchain-based framework for privacy-preserving and secure data sharing in smart cities [J ] . Computers ＆ Security , 2020 , 88 ( 1 ): 1 - 34 .

RAHMAN M S , OMAR A A , BHUIYAN M Z A , et al . Accountable cross-border data sharing using blockchain under relaxed trust assumption [J ] . IEEE Transaction on engineering management , 2020 , 67 ( 4 ): 1476 - 1486 .

王秀利 , 江晓舟 , 李洋 . 应用区块链的数据访问控制与共享模型 [J ] . 软件学报 , 2019 , 30 ( 6 ): 1661 - 1669 .

WANG X L , JIANG X Z , LI Y . Model for data access control and sharing based on blockchain [J ] . Journal of Software , 2019 , 30 ( 6 ): 1661 - 1669 .

牛淑芬 , 刘文科 , 陈俐霞 , 等 . 基于联盟链的可搜索加密电子病历数据共享方案 [J ] . 通信学报 , 2020 , 41 ( 8 ): 204 - 214 .

NIU S F , LIU W K , CHEN L X , et al . Electronic medical record data sharing scheme based on searchable encryption via consortium block-chain [J ] . Journal on Communications , 2020 , 41 ( 8 ): 204 - 214 .

NEISSE R , STERI G,NAI-FOVINO I . A blockchain-based approach for data accountability and provenance tracking [C ] // Proceedings of the 12th International Conference on Availability,Reliability and Security (ARES’17) . New York:ACM Press , 2017 : 1 - 10 .

浏览量

951

下载量

CSCD

文章被引用时，请邮件提醒。

提交

工具集

关联资源

基于预训练与新型时序图神经网络的智能合约漏洞检测方法

基于区块链的噪声化数据分享控制协议

基于蜕变测试的区块链智能合约漏洞检测方法

BFV-Blockchainvoting：支持BFV全同态加密的区块链电子投票系统

基于深度学习的区块链蜜罐陷阱合约检测