COIChain: Blockchain scheme for privacy data authentication in cross-organizational identification

IF 4.5 3区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Computer Communications Pub Date : 2025-01-16 DOI:10.1016/j.comcom.2025.108054

Zhexuan Yang , Xiao Qu , Zeng Chen , Guozi Sun

{"title":"COIChain: Blockchain scheme for privacy data authentication in cross-organizational identification","authors":"Zhexuan Yang , Xiao Qu , Zeng Chen , Guozi Sun","doi":"10.1016/j.comcom.2025.108054","DOIUrl":null,"url":null,"abstract":"<div><div>In cross-institutional user authentication, users’ personal privacy information is often exposed to the risk of disclosure and abuse. Users should have the right to decide on their own data, and others should not be able to use user data without users’ permission. In this study, we adopted a user-centered framework, so that users can obtain authorization among different resource owners through qualification proof, avoiding the dissemination of users’ personal privacy data. We have developed a blockchain-based cross-institutional authorization architecture where users can obtain identity authentication between different entities by structuring transactions. Through the selective disclosure algorithm, the user’s private information is hidden during the user identity authentication, and the authenticity of the user’s private information is verified by disclosing the user’s non-private information and authentication credentials. The architecture supports the generation of identity credentials of constant size based on atomic properties. We prototype the system on Ethereum. The prototype of the system is tested. The experiment proves that the sum of user information processing and verification time is about 80ms, and the time fluctuation of user information processing is very small. The results show that our data flow scheme can effectively avoid the privacy leakage problem in the user cross-agency authentication scenario with a small cost.</div></div>","PeriodicalId":55224,"journal":{"name":"Computer Communications","volume":"233 ","pages":"Article 108054"},"PeriodicalIF":4.5000,"publicationDate":"2025-01-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computer Communications","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0140366425000118","RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

Abstract

In cross-institutional user authentication, users’ personal privacy information is often exposed to the risk of disclosure and abuse. Users should have the right to decide on their own data, and others should not be able to use user data without users’ permission. In this study, we adopted a user-centered framework, so that users can obtain authorization among different resource owners through qualification proof, avoiding the dissemination of users’ personal privacy data. We have developed a blockchain-based cross-institutional authorization architecture where users can obtain identity authentication between different entities by structuring transactions. Through the selective disclosure algorithm, the user’s private information is hidden during the user identity authentication, and the authenticity of the user’s private information is verified by disclosing the user’s non-private information and authentication credentials. The architecture supports the generation of identity credentials of constant size based on atomic properties. We prototype the system on Ethereum. The prototype of the system is tested. The experiment proves that the sum of user information processing and verification time is about 80ms, and the time fluctuation of user information processing is very small. The results show that our data flow scheme can effectively avoid the privacy leakage problem in the user cross-agency authentication scenario with a small cost.

查看原文本刊更多论文

求助全文

约1分钟内获得全文求助全文

来源期刊

Computer Communications 工程技术-电信学

CiteScore

14.10

自引率

5.00%

发文量

397

审稿时长

66 days

期刊介绍： Computer and Communications networks are key infrastructures of the information society with high socio-economic value as they contribute to the correct operations of many critical services (from healthcare to finance and transportation). Internet is the core of today''s computer-communication infrastructures. This has transformed the Internet, from a robust network for data transfer between computers, to a global, content-rich, communication and information system where contents are increasingly generated by the users, and distributed according to human social relations. Next-generation network technologies, architectures and protocols are therefore required to overcome the limitations of the legacy Internet and add new capabilities and services. The future Internet should be ubiquitous, secure, resilient, and closer to human communication paradigms. Computer Communications is a peer-reviewed international journal that publishes high-quality scientific articles (both theory and practice) and survey papers covering all aspects of future computer communication networks (on all layers, except the physical layer), with a special attention to the evolution of the Internet architecture, protocols, services, and applications.