STBM：安全可信的基于区块链的网络安全服务交易模型

朴桂荣; 朱建明

doi:10.11959/j.issn.1000-436x.2024158

您当前的位置：

首页 >

文章列表页 >

STBM：安全可信的基于区块链的网络安全服务交易模型

学术论文 | 更新时间：2024-10-10

- STBM：安全可信的基于区块链的网络安全服务交易模型
- STBM: secure and trustworthy blockchain-based model for cybersecurity service transactions
- 通信学报 2024年45卷第9期页码：68-81
- 作者机构：
  
  中央财经大学信息学院，北京 102206
- 作者简介：
  
  [ "朴桂荣（1997- ），女，朝鲜族，黑龙江牡丹江人，中央财经大学博士生，主要研究方向为信息安全、数字经济等。" ]
  [ "朱建明（1965- ），男，山西太原人，博士，中央财经大学教授、博士生导师，主要研究方向为信息安全、区块链、金融科技等。" ]
- 基金信息：
  
  国家自然科学基金资助项目(62372493)
- DOI：10.11959/j.issn.1000-436x.2024158
  中图分类号： TN39
- 收稿日期：2024-04-10，
  
  修回日期：2024-08-17，
  
  纸质出版日期：2024-09-25
- 稿件说明：
移动端阅览
朴桂荣,朱建明.STBM：安全可信的基于区块链的网络安全服务交易模型[J].通信学报,2024,45(09):68-81.

PIAO Guirong,ZHU Jianming.STBM: secure and trustworthy blockchain-based model for cybersecurity service transactions[J].Journal on Communications,2024,45(09):68-81.
朴桂荣,朱建明.STBM：安全可信的基于区块链的网络安全服务交易模型[J].通信学报,2024,45(09):68-81. DOI： 10.11959/j.issn.1000-436x.2024158.

PIAO Guirong,ZHU Jianming.STBM: secure and trustworthy blockchain-based model for cybersecurity service transactions[J].Journal on Communications,2024,45(09):68-81. DOI： 10.11959/j.issn.1000-436x.2024158.

摘要

为了应对传统网络安全服务交易模型面临的众多挑战，适应产业数字化发展的需求，克服网络安全服务交易不方便、不透明的困难，提出了一种安全可信的基于区块链的网络安全服务交易模型，为网络安全服务提供安全、高效和可控的交易方式。通过网络安全服务的分类和全生命周期管理，引入双链结构和智能合约，旨在提高网络安全服务的可追溯性、透明性和安全性。首先，对网络安全服务进行多维度的分类，包括使用权、许可权、控制权和所有权，有助于更清晰地理解和有效地管理这些服务。进一步，构建服务链，以实现网络安全服务的全生命周期管理，包括创建、发布、配置、运行、维护、更新和结束等关键阶段，从而提高网络安全服务的可追溯性和透明性。此外，构建交易链用于自动化的服务交易，形成先服务后支付模式，确保交易的安全性和完整性。最后，通过实例与实验验证了这些组件在网络安全服务交易中的有效性和可信性。

Abstract

To overcome the numerous challenges faced by traditional models of cybersecurity service transactions

adapt to the needs of industrial digitalization

and address the inconveniences and opacity of cybersecurity service transactions

a secure and trustworthy blockchain-based model for cybersecurity service transactions was proposed

which could provide a secure

efficient

and controllable means of transaction for cybersecurity services. By categorizing cybersecurity services and managing the full lifecycle

and incorporating a dual-chain structure and smart contracts

the model sought to enhance the traceability

transparency

and security of cybersecurity services. Firstly

cybersecurity services were categorized into multiple dimensions

including usage rights

licensing rights

control rights

and ownership rights

to aid in clearer understanding and effective management of these services. Furthermore

a service chain was constructed for the full lifecycle management of cybersecurity services

covering key stages such as creation

publication

configuration

operation

maintenance

updating

and termination

thereby improving cybersecurity service traceability and transparency. In addition

a transaction chain was established for automated service transactions

adopting a post-service payment model to ensure the security and integrity of transactions. Finally

the effectiveness and trustworthiness of these components in cybersecurity service transactions were validated through case studies and experiments.

关键词

Keywords

references

YU Z H , GAO H X , CONG X Y , et al . A survey on cyber-physical systems security [J ] . IEEE Internet of Things Journal , 2023 , 10 ( 24 ): 21670 - 21686 .

杨毅宇 , 周威 , 赵尚儒 , 等 . 物联网安全研究综述: 威胁、检测与防御 [J ] . 通信学报 , 2021 , 42 ( 8 ): 188 - 205 .

YANG Y Y , ZHOU W , ZHAO S R , et al . Survey of IoT security research: threats, detection and defense [J ] . Journal on Communications , 2021 , 42 ( 8 ): 188 - 205 .

ALZOUBI H M , GHAZAL T M , HASAN M K , et al . Cyber security threats on digital banking [C ] // Proceedings of the 2022 1st International Conference on AI in Cybersecurity (ICAIC) . Piscataway : IEEE Press , 2022 : 1 - 4 .

SHEIKH M S , LIANG J , WANG W S . A survey of security services, attacks, and applications for vehicular ad hoc networks (VANETs) [J ] . Sensors , 2019 , 19 ( 16 ): 3589 .

王冬 , 秦倩倩 , 郭开天 , 等 . 联邦学习中的模型逆向攻防研究综述 [J ] . 通信学报 , 2023 , 44 ( 11 ): 94 - 109 .

WANG D , QIN Q Q , GUO K T , et al . Survey on model inversion attack and defense in federated learning [J ] . Journal on Communications , 2023 , 44 ( 11 ): 94 - 109 .

QURESHI A , DASHTI W , JAHANGEER A , et al . Security challenges over cloud environment from service provider prospective [J ] . Cloud Computing and Data Science , 2020 : 12 - 20 .

VESTAD A , YANG B . Adoption of cybersecurity innovations—a systematic literature review [C ] // The International Conference on Cybersecurity, Situational Awareness and Social Media . Berlin : Springer , 2024 : 285 - 304 .

LI J J , LI J Q , WANG X , et al . Multi-blockchain based data trading markets with novel pricing mechanisms [J ] . IEEE/CAA Journal of Automatica Sinica , 2023 , 10 ( 12 ): 2222 - 2232 .

LIU W , FENG W L , HUANG M X , et al . STEB: a secure service trading ecosystem based on blockchain [J ] . PLoS One , 2022 , 17 ( 6 ): e0267914 .

李永明 , 赖利娜 . 区块链背景下数字版权全链条保护的困境与出路 [J ] . 科技管理研究 , 2022 , 42 ( 10 ): 140 - 150 .

LI Y M , LAI L N . The dilemma and solution of full chain protection of digital copyright based on blockchain [J ] . Science and Technology Management Research , 2022 , 42 ( 10 ): 140 - 150 .

TAN T M , SARANIEMI S . Trust in blockchain-enabled exchanges: future directions in blockchain marketing [J ] . Journal of the Academy of Marketing Science , 2023 , 51 ( 4 ): 914 - 939 .

NAMASUDRA S , DEKA G C , JOHRI P , et al . The revolution of blockchain: state-of-the-art and research challenges [J ] . Archives of Computational Methods in Engineering , 2021 , 28 ( 3 ): 1497 - 1515 .

霍如 , 程祥凤 , 孙闯 , 等 . 区块链网络拓扑优化和转发策略设计 [J ] . 通信学报 , 2022 , 43 ( 12 ): 89 - 100 .

HUO R , CHENG X F , SUN C , et al . Topology optimization and forwarding strategy design for blockchain network [J ] . Journal on Communications , 2022 , 43 ( 12 ): 89 - 100 .

XU J , WANG C , JIA X H . A survey of blockchain consensus protocols [J ] . ACM Computing Surveys , 2023 , 55 ( 13 s): 1 - 35 .

YAVAPRABHAS K , POURNADER M , SEURING S . Blockchain as the “trust-building machine” for supply chain management [J ] . Annals of Operations Research , 2023 , 327 ( 1 ): 49 - 88 .

孙俨 , 熊翱 , 蒋承伶 , 等 . 基于区块链的计算与无线通信资源联合管理双向拍卖模型 [J ] . 通信学报 , 2022 , 43 ( 11 ): 14 - 25 .

SUN Y , XIONG A , JIANG C L , et al . Blockchain-based computing and wireless communication resource joint management double auction model [J ] . Journal on Communications , 2022 , 43 ( 11 ): 14 - 25 .

张海波 , 曹钰坤 , 刘开健 , 等 . 车联网中基于区块链的分布式信任管理方案 [J ] . 通信学报 , 2023 , 44 ( 5 ): 148 - 157 .

ZHANG H B , CAO Y K , LIU K J , et al . Distributed trust management scheme based on blockchain in Internet of vehicles [J ] . Journal on Communications , 2023 , 44 ( 5 ): 148 - 157 .

BELCHIOR R , VASCONCELOS A , GUERREIRO S , et al . A survey on blockchain interoperability: past, present, and future trends [J ] . arXiv Preprint , arXiv: 2005.14282 , 2020 .

SANKA A I , IRFAN M , HUANG I , et al . A survey of breakthrough in blockchain technology: adoptions, applications, challenges and future research [J ] . Computer Communications , 2021 , 169 : 179 - 201 .

龚强 , 班铭媛 , 张一林 . 区块链、企业数字化与供应链金融创新 [J ] . 中国社会科学文摘 , 2021 ( 6 ): 89 - 90 .

GONG Q , BAN M Y , ZHANG Y L . Blockchain, enterprise digitalization and supply chain finance innovation [J ] . Chinese Social Science Digest , 2021 ( 6 ): 89 - 90 .

蔡晓晴 , 邓尧 , 张亮 , 等 . 区块链原理及其核心技术 [J ] . 计算机学报 , 2021 , 44 ( 1 ): 84 - 131 .

CAI X Q , DENG Y , ZHANG L , et al . The principle and core technology of blockchain [J ] . Chinese Journal of Computers , 2021 , 44 ( 1 ): 84 - 131 .

陈迪 , 邱菡 , 朱俊虎 , 等 . 基于区块链的域间路由策略符合性验证方法 [J ] . 软件学报 , 2023 , 34 ( 9 ): 4336 - 4350 .

CHEN D , QIU H , ZHU J H , et al . Blockchain-based validation method for inter-domain routing policy compliance [J ] . Journal of Software , 2023 , 34 ( 9 ): 4336 - 4350 .

陈烨 , 许冬瑾 , 肖亮 . 基于区块链的网络安全技术综述 [J ] . 电信科学 , 2018 , 34 ( 3 ): 8 - 16 .

CHEN Y , XU D J , XIAO L . Survey on network security based on blockchain [J ] . Telecommunications Science , 2018 , 34 ( 3 ): 8 - 16 .

SALMAN T , ZOLANVARI M , ERBAD A , et al . Security services using blockchains: a state of the art survey [J ] . IEEE Communications Surveys & Tutorials , 2019 , 21 ( 1 ): 858 - 880 .

冯涛 , 陈李秋 , 方君丽 , 等 . 基于本地化差分隐私和属性基可搜索加密的区块链数据共享方案 [J ] . 通信学报 , 2023 , 44 ( 5 ): 224 - 233 .

FENG T , CHEN L Q , FANG J L , et al . Blockchain data sharing scheme based on localized difference privacy and attribute-based searchable encryption [J ] . Journal on Communications , 2023 , 44 ( 5 ): 224 - 233 .

王苗苗 , 芮兰兰 , 徐思雅 . 面向文化资源可信共享的多因子身份认证方案 [J ] . 通信学报 , 2023 , 44 ( 10 ): 34 - 45 .

WANG M M , RUI L L , XU S Y . Multi-factor identity authentication scheme for trusted sharing of cultural resources [J ] . Journal on Communications , 2023 , 44 ( 10 ): 34 - 45 .

LAMBA A , SINGH S , DUTTA N , et al . Uses of different cyber security service to prevent attack on smart home infrastructure [J ] . SSRN Electronic Journal , 2014 , 1 ( 11 ): 5809 - 5813 .

王利朋 , 关志 , 李青山 , 等 . 区块链数据安全服务综述 [J ] . 软件学报 , 2023 , 34 ( 1 ): 1 - 32 .

WANG L P , GUAN Z , LI Q S , et al . Survey on blockchain-based security services [J ] . Journal of Software , 2023 , 34 ( 1 ): 1 - 32 .

林莉 , 储振兴 , 刘子萌 , 等 . 基于区块链的策略隐藏大数据访问控制方法 [J ] . 自动化学报 , 2023 , 49 ( 5 ): 1031 - 1049 .

LIN L , CHU Z X , LIU Z M , et al . A policy-hidden big data access control method based on blockchain [J ] . Acta Automatica Sinica , 2023 , 49 ( 5 ): 1031 - 1049 .

张淑娥 , 田成伟 , 李保罡 . 基于区块链技术的身份认证研究综述 [J ] . 计算机科学 , 2023 , 50 ( 5 ): 329 - 347 .

ZHANG S E , TIAN C W , LI B G . Review of identity authentication research based on blockchain technology [J ] . Computer Science , 2023 , 50 ( 5 ): 329 - 347 .

王晟典 , 陈娥 , 朱岩 , 等 . 一种基于区块链智能合约的软件服务交易方法 [J ] . 工程科学学报 , 2023 , 45 ( 3 ): 475 - 488 .

WANG S D , CHEN E , ZHU Y , et al . A software service transaction approach based on blockchain smart contracts [J ] . Chinese Journal of Engineering , 2023 , 45 ( 3 ): 475 - 488 .

NASEER H , MAYNARD S B , DESOUZA K C . Demystifying analytical information processing capability: the case of cybersecurity incident response [J ] . Decision Support Systems , 2021 , 143 : 113476 .

XIANG X Y , CAO J , FAN W G . Decentralized authentication and access control protocol for blockchain-based e-health systems [J ] . Journal of Network and Computer Applications , 2022 , 207 : 103512 .

VISHWAKARMA L , NAHAR A , DAS D . LBSV: lightweight blockchain security protocol for secure storage and communication in SDN-enabled IoV [J ] . IEEE Transactions on Vehicular Technology , 2022 , 71 ( 6 ): 5983 - 5994 .

NAKAMOTO S . Bitcoin: a peer-to-peer electronic cash system [J ] . Consulted , 2008 , 28 ( 1 ): 21260 - 21268 .

陈冬林 , 唐艺倩 , 聂规划 , 等 . 基于零知识证明的科技服务交易数据保密机制 [J ] . 科技管理研究 , 2021 , 41 ( 20 ): 80 - 86 .

CHEN D L , TANG Y Q , NIE G H , et al . Data confidentiality mechanism of science and technology service transaction based on zero knowledge proof [J ] . Science and Technology Management Research , 2021 , 41 ( 20 ): 80 - 86 .

张垿豪 , 冯文龙 , 黄梦醒 , 等 . 基于区块链的科技服务质量信任评价方案 [J ] . 计算机工程 , 2022 , 48 ( 5 ): 127 - 135, 144 .

ZHANG X H , FENG W L , HUANG M X , et al . Trust evaluation scheme for technology quality of service based on blockchain [J ] . Computer Engineering , 2022 , 48 ( 5 ): 127 - 135, 144 .

李妃养 , 黄何 , 张宏丽 . 区块链技术在技术成果交易领域应用探索 [J ] . 科学管理研究 , 2020 , 38 ( 3 ): 55 - 60 .

LI F Y , HUANG H , ZHANG H L . Application exploration of block chain technology in the field of technology trading [J ] . Scientific Management Research , 2020 , 38 ( 3 ): 55 - 60 .

HU J , ZHU P , QI Y , et al . A patent registration and trading system based on blockchain [J ] . Expert Systems with Applications , 2022 , 201 : 117094 .

ZHUANG C X , DAI Q Y , ZHANG Y . BCPPT: a blockchain-based privacy-preserving and traceability identity management scheme for intellectual property [J ] . Peer-to-Peer Networking and Applications , 2022 , 15 ( 1 ): 724 - 738 .

李向阳 , 刘扬 , 闫志全 , 等 . 基于区块链的知识产权交易平台研究与实现 [J ] . 计算机工程与应用 , 2023 , 59 ( 3 ): 308 - 316 .

LI X Y , LIU Y , YAN Z Q , et al . Research and implementation of intellectual property trading platform based on blockchain [J ] . Computer Engineering and Applications , 2023 , 59 ( 3 ): 308 - 316 .

黄华梅 , 陆建波 , 李文敬 , 等 . 基于区块链的家政服务交易群智合约算法研究 [J ] . 计算机应用与软件 , 2023 , 40 ( 9 ): 137 - 144, 204 .

HUANG H M , LU J B , LI W J , et al . Blockchain-based housekeeping service transaction group smart contract algorithm [J ] . Computer Applications and Software , 2023 , 40 ( 9 ): 137 - 144, 204 .

YAHAYA A S , JAVAID N , JAVED M U , et al . Blockchain-based secure energy trading with mutual verifiable fairness in a smart community [J ] . IEEE Transactions on Industrial Informatics , 2022 , 18 ( 11 ): 7412 - 7422 .

LIU Z W , HU C Q , XIA H , et al . SPDTS: a differential privacy-based blockchain scheme for secure power data trading [J ] . IEEE Transactions on Network and Service Management , 2022 , 19 ( 4 ): 5196 - 5207 .

浏览量

下载量

CSCD

文章被引用时，请邮件提醒。

提交

工具集

关联资源

面向新能源汽车能源交易系统的PoRT共识机制

基于椭圆曲线签密的跨链医疗数据共享方案

区块链数字取证：技术及架构研究

基于博弈论和可验证共识的防合谋跨链交易方案

面向双层区块链的人车分离信任管理方案