Role and attribute-based access control scheme for decentralized medicine supply chain
Authors: Jigna J. Hathaliya, Sudeep Tanwar
Journal: Journal of Information Security and Applications, volume 85, Article 103851 (Journal Article)
Publication date: 2024-08-06
DOI: 10.1016/j.jisa.2024.103851
URL: https://www.sciencedirect.com/science/article/pii/S2214212624001534
Journal impact factor: 3.8 (JCR Q2, Computer Science, Information Systems)
The medicine supply chain (MSC) is an intricate structure that extends across multiple organizations and geographic locations and is an important basis for essential daily services. It involves manufacturing, distributing, and delivering medicine to patients. The intermediaries in the MSC include manufacturers, warehouses, distributors, transporters, retailers, consumers, and patients, each of which plays a vital role and has its own responsibility in the MSC. The MSC poses different challenges, such as medicine counterfeiting, data tampering, and cold chain shipping, which lead to various security and privacy issues. A public blockchain (BC) addresses these issues to some extent by providing transparency, traceability, and data security, but it often fails to protect the MSC's data privacy. To address this, we adopted the Hyperledger Fabric consortium BC, which preserves the data security and privacy of the proposed scheme. Hyperledger Fabric uses a role-based access control (RBAC) policy for all writers and readers, where each reader and writer accesses all the smart contract information based on their static roles (reader and writer). This RBAC scheme limits the dynamicity and granularity of the access control. To address this concern, we adopt a combination of RBAC and attribute-based access control (ABAC) schemes to provide fine-grained access to the smart contract functions. Additionally, we use the distributed InterPlanetary File System (IPFS) to enhance the scalability of the proposed scheme. IPFS does not apply any encryption algorithm before saving data, so we use the Advanced Encryption Standard (AES) algorithm to encrypt MSC data. Next, we integrated RBAC and fine-grained ABAC through smart contracts to prevent unauthorized access in an MSC environment. Further, the proposed scheme is evaluated using various performance parameters, such as scalability for different numbers of clients, an average latency of 0.12 s, a minimum execution time of around 115 s for executing 100 transactions, and a throughput of 72.5 transactions per second (TPS) for invoke-based smart contract functions and 618.7 TPS for query-based smart contract functions.
About the journal:
Journal of Information Security and Applications (JISA) focuses on the original research and practice-driven applications with relevance to information security and applications. JISA provides a common linkage between a vibrant scientific and research community and industry professionals by offering a clear view on modern problems and challenges in information security, as well as identifying promising scientific and "best-practice" solutions. JISA issues offer a balance between original research work and innovative industrial approaches by internationally renowned information security experts and researchers.