Multi-department data sharing access control scheme on block chain

doi:10.13196/j.cims.2022.10.016

Computer Integrated Manufacturing System ›› 2022, Vol. 28 ›› Issue (10): 3202-3211.DOI: 10.13196/j.cims.2022.10.016

Previous Articles Next Articles

Multi-department data sharing access control scheme on block chain

JIANG Jiahao¹,ZHANG Xuan^1,2,3+,DENG Hongjing¹,WANG Jie¹,HUANG Hexiang¹#br#

1.School of Software,Yunnan University
2.Key Laboratory of Software Engineering of Yunnan Province,Yunnan University
3.Engineering Research Center of Cyberspace,Yunnan University

Online:2022-10-31 Published:2022-11-10
Supported by:
Project supported by the National Natural Science Foundation,China(No.61862063,61502413,61262025),the National Social Science Foundation,China(No.18BJL104),the Science Foundation of Young and Middle-aged Academic and Technical Leaders of Yunnan Province,China(No.202205AC160040),the Science Foundation of Yunnan Academician Expert Workstation,China(No.202205AF150006),the Open Fund of Key Laboratory of Software Engineering of Yunnan Province,China(No.2020SE301),and the “Knowledge-Driven Intelligent Software Engineering Innovation Team” of Software School of Yunnan University,China.

基于区块链的多部门数据共享访问控制流程建模

蒋家昊¹,张璇^1,2,3+,邓宏镜¹,王杰¹,黄河祥¹

1.云南大学软件学院
2.云南大学云南省软件工程重点实验室
3.云南大学教育部跨境网络空间安全工程研究中心

基金资助:
国家自然科学基金资助项目(61862063,61502413,61262025);国家社会科学基金资助项目(18BJL104);云南省中青年学术和技术带头人后备人才资助项目(202205AC160040);云南省院士专家工作站资助项目(202205AF150006);云南省软件工程重点实验室开放基金资助项目(2020SE301);云南大学软件学院“知识驱动智能软件工程科研创新团队”资助项目。

Abstract

Abstract: The current mainstream data platforms cannot guarantee the consistency,authenticity,and integrity of data in a multi-departmental situation,and it is also difficult to resist malicious attacks on data.An access control scheme mixed with attribute-based and capability-based access control models on blockchain for the cross-departmental border port entry and exit information sharing process was proposed.At the same time,the Interplanetary File System (IPFS) was used to expand the storability of blockchain in an off-chain manner.Based on the access control design in smart contracts,the generation and delegation of access capabilities could be performed with a more detailed intensity.The framework and process of access control were also elaborated and analyzed in detail.The performance and effectiveness of the blockchain network were verified through simulation experiments,and the research content was summarized and prospected.

Key words: blockchain, access control, attribute-based access control, capability-based access control, smart contract, interplanetary file system

摘要： 鉴于主流数据平台难以保证多部门数据的一致性、真实性和完整性,也难以抵御对数据的恶意攻击,针对跨国运政出入境信息共享流程,基于区块链技术,提出一种混合属性访问控制和能力访问控制的数据共享访问控制模型的流程控制,采用星际文件系统以链下的方式拓展区块链的可存储性;通过智能合约,以更细粒度的模式实现访问能力生成和委托,并详细阐述和分析了访问控制的框架和流程。通过仿真实验验证了本区块链网络的性能和有效性,并对研究内容进行了总结和展望。

关键词: 区块链, 访问控制, 基于属性的访问控制, 基于能力的访问控制, 智能合约, 星际文件系统

CLC Number:

TP311

JIANG Jiahao, ZHANG Xuan, DENG Hongjing, WANG Jie, HUANG Hexiang. Multi-department data sharing access control scheme on block chain[J]. Computer Integrated Manufacturing System, 2022, 28(10): 3202-3211.

蒋家昊, 张璇, 邓宏镜, 王杰, 黄河祥. 基于区块链的多部门数据共享访问控制流程建模[J]. 计算机集成制造系统, 2022, 28(10): 3202-3211.

[1]	SUN Yanqi, ZHANG Zhengdao. Industrial control system data integrity protection based on blockchain [J]. Computer Integrated Manufacturing System, 2022, 28(9): 2909-2917.
[2]	. Improved PBFT algorithm based on QoS value in cloud manufacturing service scenario [J]. Computer Integrated Manufacturing System, 2022, 28(6): 1767-1776.
[3]	. Deadlock-free intersection-access sequence optimization and collision avoidance for multi-load AGV system [J]. Computer Integrated Manufacturing System, 2022, 28(4): 979-989.
[4]	. Framework of manufacturing service integration platform based on double-chain blockchain [J]. Computer Integrated Manufacturing System, 2022, 28(4): 1177-1187.
[5]	. Evolutionary game analysis on transaction of cloud manufacturing service platform based on blockchain [J]. Computer Integrated Manufacturing System, 2022, 28(2): 629-642.
[6]	SUN Xiaoxiao, SHEN Hujun, YANG Siqing, YU Dongjin. Blockchain business process engine based on timing-choreography [J]. Computer Integrated Manufacturing System, 2022, 28(10): 3131-3145.
[7]	. Business process interoperability service framework based on blockchain [J]. , 2021, 27(9): 2508-2516.
[8]	. QoS assessment framework and algorithms based on blockchain [J]. , 2021, 27(9): 2708-2720.
[9]	. Multi-objective optimization of blockchain based on industrial internet of things [J]. , 2021, 27(8): 2382-2392.
[10]	. Review on security,privacy,and performance issues of blockchain [J]. , 2021, 27(7): 2078-2094.
[11]	. Decentralized access control with policy updating in cloud manufacturing [J]. , 2019, 25(第9): 2280-2290.
[12]	. Privacy-aware multi-tenant access control for cloud workflow [J]. , 2019, 25(第4): 894-900.
[13]	. Hybrid indexing scheme supporting blockchain transaction tracing [J]. , 2019, 25(第4): 978-984.
[14]	. Towards next generation sustainable manufacturing-inclusive manufacturing [J]. , 2019, 25(第10): 2419-2432.
[15]	. Trusted transaction method of manufacturing services based on blockchain [J]. , 2019, 25(12): 3247-3257.

Multi-department data sharing access control scheme on block chain

基于区块链的多部门数据共享访问控制流程建模

PDF

Knowledge

Abstract

Cite this article

share this article

References

Related Articles 15

Recommended Articles

Metrics