Role and attribute-based access control scheme for decentralized medicine supply chain

IF 3.8 2区计算机科学 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS

Journal of Information Security and Applications Pub Date : 2024-08-06 DOI:10.1016/j.jisa.2024.103851

{"title":"Role and attribute-based access control scheme for decentralized medicine supply chain","authors":"","doi":"10.1016/j.jisa.2024.103851","DOIUrl":null,"url":null,"abstract":"<div><p>The medicine supply chain (MSC) is an intricate structure that extends across multiple organizations and geographic locations and is an important basis for essential daily services. It involves manufacturing, distributing, and delivering medicine to patients. The intermediaries in the MSC include manufacturers, warehouses, distributors, transporters, retailers, consumers, and patients, in which each intermediary plays a vital role and responsibility in an MSC. MSC poses different challenges, such as medicine counterfeiting, data temperament, and cold chain shipping, leading to various security and privacy issues. To overcome the aforementioned issues, public blockchain (BC) provides transparency, traceability, and data security to some extent but often fails to protect MSC’s data privacy. To address the aforementioned, we adopted the Hyperledger Fabric consortium BC, which preserves the data security and privacy of the proposed scheme. Hyperledger Fabric uses a role-based access control (RBAC) policy for all writers and readers, where each reader and writer accesses all the smart contract information based on their static roles (reader and writer). This RBAC scheme limits the dynamicity and granularity of the access control. With this concern, we adopt the combination of RBAC and attribute-based access control (ABAC) schemes to provide fine-grained access to the smart contract functions. Additionally, we use a distributed interplanetary file system (IPFS) to enhance the scalability of the proposed scheme. Before saving data, IPFS does not use any encryption algorithm. We embraced the advanced encryption standard (AES) algorithm to encrypt MSC data. Next, we integrated RBAC and fine-grained ABAC through smart contracts to prevent unauthorized access in an MSC environment. Further, the proposed scheme is evaluated using various performance parameters, such as scalability for different number of clients, average latency (0.12 s), minimum execution time is around (115 s) for 100 transactions execution, and throughput of (72.5) transactions per second (TPS) of invoke-based smart contract functions while 618.7 (TPS) for query-based smart contract functions.</p></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":null,"pages":null},"PeriodicalIF":3.8000,"publicationDate":"2024-08-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Information Security and Applications","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S2214212624001534","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

Abstract

The medicine supply chain (MSC) is an intricate structure that extends across multiple organizations and geographic locations and is an important basis for essential daily services. It involves manufacturing, distributing, and delivering medicine to patients. The intermediaries in the MSC include manufacturers, warehouses, distributors, transporters, retailers, consumers, and patients, in which each intermediary plays a vital role and responsibility in an MSC. MSC poses different challenges, such as medicine counterfeiting, data temperament, and cold chain shipping, leading to various security and privacy issues. To overcome the aforementioned issues, public blockchain (BC) provides transparency, traceability, and data security to some extent but often fails to protect MSC’s data privacy. To address the aforementioned, we adopted the Hyperledger Fabric consortium BC, which preserves the data security and privacy of the proposed scheme. Hyperledger Fabric uses a role-based access control (RBAC) policy for all writers and readers, where each reader and writer accesses all the smart contract information based on their static roles (reader and writer). This RBAC scheme limits the dynamicity and granularity of the access control. With this concern, we adopt the combination of RBAC and attribute-based access control (ABAC) schemes to provide fine-grained access to the smart contract functions. Additionally, we use a distributed interplanetary file system (IPFS) to enhance the scalability of the proposed scheme. Before saving data, IPFS does not use any encryption algorithm. We embraced the advanced encryption standard (AES) algorithm to encrypt MSC data. Next, we integrated RBAC and fine-grained ABAC through smart contracts to prevent unauthorized access in an MSC environment. Further, the proposed scheme is evaluated using various performance parameters, such as scalability for different number of clients, average latency (0.12 s), minimum execution time is around (115 s) for 100 transactions execution, and throughput of (72.5) transactions per second (TPS) of invoke-based smart contract functions while 618.7 (TPS) for query-based smart contract functions.

查看原文本刊更多论文

基于角色和属性的分散式药品供应链访问控制方案

药品供应链（MSC）是一个错综复杂的结构，跨越多个组织和地理位置，是日常基本服务的重要基础。它涉及生产、分销和向患者交付药品。供应链中的中间商包括制造商、仓库、分销商、运输商、零售商、消费者和患者，其中每个中间商在供应链中都扮演着重要角色，承担着重要责任。地中海供应链面临着不同的挑战，如药品造假、数据篡改和冷链运输，从而导致各种安全和隐私问题。为了克服上述问题，公共区块链（BC）在一定程度上提供了透明度、可追溯性和数据安全性，但往往无法保护 MSC 的数据隐私。为解决上述问题，我们采用了Hyperledger Fabric联盟的区块链技术，从而保护了拟议方案的数据安全和隐私。Hyperledger Fabric 对所有写入者和读取者使用基于角色的访问控制（RBAC）策略，其中每个读取者和写入者根据其静态角色（读取者和写入者）访问所有智能合约信息。这种 RBAC 方案限制了访问控制的动态性和粒度。有鉴于此，我们采用了 RBAC 与基于属性的访问控制（ABAC）相结合的方案，以提供对智能合约功能的细粒度访问。此外，我们还使用了分布式星际文件系统（IPFS）来增强拟议方案的可扩展性。在保存数据之前，IPFS 不使用任何加密算法。我们采用高级加密标准（AES）算法对 MSC 数据进行加密。接下来，我们通过智能合约集成了 RBAC 和细粒度 ABAC，以防止在 MSC 环境中出现未经授权的访问。此外，我们还使用各种性能参数对所提出的方案进行了评估，如不同客户端数量下的可扩展性、平均延迟（0.12 秒）、100 个事务执行的最短执行时间约（115 秒），以及基于调用的智能合约功能每秒（72.5）个事务的吞吐量（TPS）和基于查询的智能合约功能每秒（618.7）个事务的吞吐量（TPS）。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Journal of Information Security and Applications Computer Science-Computer Networks and Communications

CiteScore

10.90

自引率

5.40%

发文量

206

审稿时长

56 days

期刊介绍： Journal of Information Security and Applications (JISA) focuses on the original research and practice-driven applications with relevance to information security and applications. JISA provides a common linkage between a vibrant scientific and research community and industry professionals by offering a clear view on modern problems and challenges in information security, as well as identifying promising scientific and "best-practice" solutions. JISA issues offer a balance between original research work and innovative industrial approaches by internationally renowned information security experts and researchers.