为数据共享实现基于区块链的可问责和隐私保护访问控制

IF 3.8 2区 计算机科学 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS
Qiwei Hu , Chenyu Huang , Guoqiang Zhang , Lingyi Cai , Tao Jiang
{"title":"为数据共享实现基于区块链的可问责和隐私保护访问控制","authors":"Qiwei Hu ,&nbsp;Chenyu Huang ,&nbsp;Guoqiang Zhang ,&nbsp;Lingyi Cai ,&nbsp;Tao Jiang","doi":"10.1016/j.jisa.2024.103866","DOIUrl":null,"url":null,"abstract":"<div><p>The integration of blockchain technology with Access Control (AC) systems presents novel opportunities for enhancing data security within decentralized architectures, which is drawing increasing attention in Data Sharing (DS) applications. However, existing works reveal a gap in achieving accountability for anonymous access in the absence of a centralized trusted authority. To address this issue, this paper introduces InvisiReveal, a novel Blockchain-Based AC (BBAC) framework that achieves permission invisibility, access anonymity, and accountability without extra trust assumptions. Users in InvisiReveal generate anonymous credentials to authenticate their requests using Zero Knowledge Proof. To enable accountability, a novel blockchain-oriented verifiable commitment (BC-VC) protocol is designed that allows a user to commit a confidential traceable tag to the blockchain. The system could unveil a malicious requester’s identity by opening the tag commitment under collaboration with the victim user and blockchain. We implement a prototype of InvisiReveal to evaluate its practicality, where an access request is verified within 5 ms.</p></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"85 ","pages":"Article 103866"},"PeriodicalIF":3.8000,"publicationDate":"2024-08-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Towards accountable and privacy-preserving blockchain-based access control for data sharing\",\"authors\":\"Qiwei Hu ,&nbsp;Chenyu Huang ,&nbsp;Guoqiang Zhang ,&nbsp;Lingyi Cai ,&nbsp;Tao Jiang\",\"doi\":\"10.1016/j.jisa.2024.103866\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><p>The integration of blockchain technology with Access Control (AC) systems presents novel opportunities for enhancing data security within decentralized architectures, which is drawing increasing attention in Data Sharing (DS) applications. However, existing works reveal a gap in achieving accountability for anonymous access in the absence of a centralized trusted authority. To address this issue, this paper introduces InvisiReveal, a novel Blockchain-Based AC (BBAC) framework that achieves permission invisibility, access anonymity, and accountability without extra trust assumptions. Users in InvisiReveal generate anonymous credentials to authenticate their requests using Zero Knowledge Proof. To enable accountability, a novel blockchain-oriented verifiable commitment (BC-VC) protocol is designed that allows a user to commit a confidential traceable tag to the blockchain. The system could unveil a malicious requester’s identity by opening the tag commitment under collaboration with the victim user and blockchain. We implement a prototype of InvisiReveal to evaluate its practicality, where an access request is verified within 5 ms.</p></div>\",\"PeriodicalId\":48638,\"journal\":{\"name\":\"Journal of Information Security and Applications\",\"volume\":\"85 \",\"pages\":\"Article 103866\"},\"PeriodicalIF\":3.8000,\"publicationDate\":\"2024-08-24\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Journal of Information Security and Applications\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S2214212624001686\",\"RegionNum\":2,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q2\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Information Security and Applications","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S2214212624001686","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0

摘要

区块链技术与访问控制(AC)系统的整合为在去中心化架构中增强数据安全性提供了新的机遇,这在数据共享(DS)应用中正引起越来越多的关注。然而,现有的工作表明,在没有集中式可信机构的情况下,实现匿名访问的问责制存在差距。为了解决这个问题,本文介绍了 InvisiReveal,这是一种新颖的基于区块链的 AC(BBAC)框架,无需额外的信任假设即可实现权限隐形、访问匿名和问责制。InvisiReveal 中的用户生成匿名凭证,使用零知识证明(Zero Knowledge Proof)验证他们的请求。为了实现问责制,设计了一种新颖的面向区块链的可验证承诺(BC-VC)协议,允许用户向区块链提交保密的可追踪标签。该系统可以通过与受害用户和区块链合作打开标签承诺,从而揭露恶意请求者的身份。我们实现了 InvisiReveal 的原型,以评估其实用性。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
Towards accountable and privacy-preserving blockchain-based access control for data sharing

The integration of blockchain technology with Access Control (AC) systems presents novel opportunities for enhancing data security within decentralized architectures, which is drawing increasing attention in Data Sharing (DS) applications. However, existing works reveal a gap in achieving accountability for anonymous access in the absence of a centralized trusted authority. To address this issue, this paper introduces InvisiReveal, a novel Blockchain-Based AC (BBAC) framework that achieves permission invisibility, access anonymity, and accountability without extra trust assumptions. Users in InvisiReveal generate anonymous credentials to authenticate their requests using Zero Knowledge Proof. To enable accountability, a novel blockchain-oriented verifiable commitment (BC-VC) protocol is designed that allows a user to commit a confidential traceable tag to the blockchain. The system could unveil a malicious requester’s identity by opening the tag commitment under collaboration with the victim user and blockchain. We implement a prototype of InvisiReveal to evaluate its practicality, where an access request is verified within 5 ms.

求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
Journal of Information Security and Applications
Journal of Information Security and Applications Computer Science-Computer Networks and Communications
CiteScore
10.90
自引率
5.40%
发文量
206
审稿时长
56 days
期刊介绍: Journal of Information Security and Applications (JISA) focuses on the original research and practice-driven applications with relevance to information security and applications. JISA provides a common linkage between a vibrant scientific and research community and industry professionals by offering a clear view on modern problems and challenges in information security, as well as identifying promising scientific and "best-practice" solutions. JISA issues offer a balance between original research work and innovative industrial approaches by internationally renowned information security experts and researchers.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信