NovidChain: Blockchain-based privacy-preserving platform for COVID-19 test/vaccine certificates.

IF 2.6 4区 计算机科学 Q2 COMPUTER SCIENCE, SOFTWARE ENGINEERING
Software-Practice & Experience Pub Date : 2022-04-01 Epub Date: 2021-05-18 DOI:10.1002/spe.2983
Amal Abid, Saoussen Cheikhrouhou, Slim Kallel, Mohamed Jmaiel
{"title":"NovidChain: Blockchain-based privacy-preserving platform for COVID-19 test/vaccine certificates.","authors":"Amal Abid, Saoussen Cheikhrouhou, Slim Kallel, Mohamed Jmaiel","doi":"10.1002/spe.2983","DOIUrl":null,"url":null,"abstract":"<p><p>The COVID-19 pandemic has emerged as a highly transmissible disease which has caused a disastrous impact worldwide by adversely affecting the global economy, health, and human lives. This sudden explosion and uncontrolled worldwide spread of COVID-19 has revealed the limitations of existing healthcare systems regarding handling public health emergencies. As governments seek to effectively re-establish their economies, open workplaces, ensure safe travels and progressively return to normal life, there is an urgent need for technologies that may alleviate the severity of the losses. This article explores a promising solution for secure Digital Health Certificate, called NovidChain, a Blockchain-based privacy-preserving platform for COVID-19 test/vaccine certificates issuing and verifying. More precisely, NovidChain incorporates several emergent concepts: (i) Blockchain technology to ensure data integrity and immutability, (ii) self-sovereign identity to allow users to have complete control over their data, (iii) encryption of Personally Identifiable Information to enhance privacy, (iv) W3C verifiable credentials standard to facilitate instant verification of COVID-19 proof, and (v) selective disclosure concept to permit user to share selected pieces of information with trusted parties. Therefore, NovidChain is designed to meet a high level of protection of personal data, in compliant with the GDPR and KYC requirements, and guarantees the user's self-sovereignty, while ensuring both the safety of populations and the user's right to privacy. To prove the security and efficiency of the proposed NovidChain platform, this article also provides a detailed technical description, a proof-of-concept implementation, different experiments, and a comparative evaluation. The evaluation shows that NovidChain provides better financial cost and scalability results compared to other solutions. More precisely, we note a high difference in time between operations (i.e., between 46% and 56%). Furthermore, the evaluation confirms that NovidChain ensures security properties, particularly data integrity, forge, binding, uniqueness, peer-indistinguishability, and revocation.</p>","PeriodicalId":49504,"journal":{"name":"Software-Practice & Experience","volume":"52 4","pages":"841-867"},"PeriodicalIF":2.6000,"publicationDate":"2022-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.ncbi.nlm.nih.gov/pmc/articles/PMC8242505/pdf/SPE-52-841.pdf","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Software-Practice & Experience","FirstCategoryId":"94","ListUrlMain":"https://doi.org/10.1002/spe.2983","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"2021/5/18 0:00:00","PubModel":"Epub","JCR":"Q2","JCRName":"COMPUTER SCIENCE, SOFTWARE ENGINEERING","Score":null,"Total":0}
引用次数: 0

Abstract

The COVID-19 pandemic has emerged as a highly transmissible disease which has caused a disastrous impact worldwide by adversely affecting the global economy, health, and human lives. This sudden explosion and uncontrolled worldwide spread of COVID-19 has revealed the limitations of existing healthcare systems regarding handling public health emergencies. As governments seek to effectively re-establish their economies, open workplaces, ensure safe travels and progressively return to normal life, there is an urgent need for technologies that may alleviate the severity of the losses. This article explores a promising solution for secure Digital Health Certificate, called NovidChain, a Blockchain-based privacy-preserving platform for COVID-19 test/vaccine certificates issuing and verifying. More precisely, NovidChain incorporates several emergent concepts: (i) Blockchain technology to ensure data integrity and immutability, (ii) self-sovereign identity to allow users to have complete control over their data, (iii) encryption of Personally Identifiable Information to enhance privacy, (iv) W3C verifiable credentials standard to facilitate instant verification of COVID-19 proof, and (v) selective disclosure concept to permit user to share selected pieces of information with trusted parties. Therefore, NovidChain is designed to meet a high level of protection of personal data, in compliant with the GDPR and KYC requirements, and guarantees the user's self-sovereignty, while ensuring both the safety of populations and the user's right to privacy. To prove the security and efficiency of the proposed NovidChain platform, this article also provides a detailed technical description, a proof-of-concept implementation, different experiments, and a comparative evaluation. The evaluation shows that NovidChain provides better financial cost and scalability results compared to other solutions. More precisely, we note a high difference in time between operations (i.e., between 46% and 56%). Furthermore, the evaluation confirms that NovidChain ensures security properties, particularly data integrity, forge, binding, uniqueness, peer-indistinguishability, and revocation.

Abstract Image

NovidChain:基于区块链的 COVID-19 检测/疫苗证书隐私保护平台。
COVID-19 大流行是一种传播性极强的疾病,对全球经济、健康和人类生命造成了负面影响,在全球范围内产生了灾难性的影响。COVID-19 的突然爆发和不受控制的全球传播暴露了现有医疗系统在处理公共卫生突发事件方面的局限性。在各国政府寻求有效重建经济、开放工作场所、确保安全旅行和逐步恢复正常生活的同时,迫切需要可减轻严重损失的技术。本文探讨了一种前景广阔的安全数字健康证书解决方案,名为 NovidChain,是一个基于区块链的隐私保护平台,用于 COVID-19 检测/疫苗证书的签发和验证。更确切地说,NovidChain 融合了几个新兴概念:(i) 区块链技术,以确保数据的完整性和不变性;(ii) 自我主权身份,允许用户完全控制自己的数据;(iii) 个人身份信息加密,以加强隐私保护;(iv) W3C 可验证凭证标准,以促进 COVID-19 证明的即时验证;(v) 选择性披露概念,允许用户与受信任方共享选定的信息。因此,NovidChain 的设计符合 GDPR 和 KYC 的要求,满足了对个人数据的高度保护,并保证了用户的自我主权,同时确保了人口的安全和用户的隐私权。为了证明所提出的 NovidChain 平台的安全性和效率,本文还提供了详细的技术说明、概念验证实施、不同的实验和比较评估。评估结果表明,与其他解决方案相比,NovidChain 在财务成本和可扩展性方面都有更好的表现。更确切地说,我们注意到操作之间的时间差异很大(即 46% 到 56%)。此外,评估还证实,NovidChain 可确保安全属性,尤其是数据完整性、伪造、绑定、唯一性、对等无差别性和撤销。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
Software-Practice & Experience
Software-Practice & Experience 工程技术-计算机:软件工程
CiteScore
8.00
自引率
8.60%
发文量
107
审稿时长
6 months
期刊介绍: Software: Practice and Experience is an internationally respected and rigorously refereed vehicle for the dissemination and discussion of practical experience with new and established software for both systems and applications. Articles published in the journal must be directly relevant to the design and implementation of software at all levels, from a useful programming technique all the way up to a large scale software system. As the journal’s name suggests, the focus is on practice and experience with software itself. The journal cannot and does not attempt to cover all aspects of software engineering. The key criterion for publication of a paper is that it makes a contribution from which other persons engaged in software design and implementation might benefit. Originality is also important. Exceptions can be made, however, for cases where apparently well-known techniques do not appear in the readily available literature. Contributions regularly: Provide detailed accounts of completed software-system projects which can serve as ‘how-to-do-it’ models for future work in the same field; Present short reports on programming techniques that can be used in a wide variety of areas; Document new techniques and tools that aid in solving software construction problems; Explain methods/techniques that cope with the special demands of large-scale software projects. However, software process and management of software projects are topics deemed to be outside the journal’s scope. The emphasis is always on practical experience; articles with theoretical or mathematical content are included only in cases where an understanding of the theory will lead to better practical systems. If it is unclear whether a manuscript is appropriate for publication in this journal, the list of referenced publications will usually provide a strong indication. When there are no references to Software: Practice and Experience papers (or to papers in a journal with a similar scope such as JSS), it is quite likely that the manuscript is not suited for this journal. Additionally, one of the journal’s editors can be contacted for advice on the suitability of a particular topic.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信