| 257 | 6 | 187 |
| 下载次数 | 被引频次 | 阅读次数 |
针对隐私泄露事件频繁发生且当前的保护方法无法避免恶意收集和恶意攻击的问题,提出了基于双层链的个人隐私数据保护和授权框架。该框架由验证链和授权链构成,通过跨链技术进行通信,不需要用户向服务商提供隐私数据就能获得服务。验证层负责验证数据并生成数据证明,授权层负责用户的授权,避免服务商得到用户隐私数据。此外,提出了基于顺序选举的RAFT改进算法和代理受益证明算法,分别应用在验证层和授权层,从而提高了共识速度和数据处理速度,解决了在没有激励机制的情况下如何维护公有链的问题。实验结果表明,所提框架保证了数据的真实性、安全性和可扩展性,平衡了隐私性和可追溯性。
Abstract:In view of the frequent occurrence of privacy disclosure events and the current protection methods still couldn′t avoid malicious collection and attacks, a personal privacy data protection and authorization framework based on double-layer chain was proposed. The framework was composed of authentication chain and authorization chain. Through cross chain technology, users could obtain service without providing private data to service providers.The authentication layer was responsible for verifying data and generating data certificates, and the authorization layer was responsible for user authorization to prevent service providers from obtaining user privacy data.In addition, the improved RAFT algorithm based on the sequential election and delegated proof of benefit algorithm were proposed to be applied to the authentication layer and the authorization layer respectively, which could improve the speed of consensus and data processing, and solved the problem of how to maintain the public chain without incentive mechanism. The experimental results showed that the proposed framework ensured the authenticity, security and scalability of data, and balanced privacy and traceability.
[1] ALAM M.SBBox:a tamper-resistant digital archiving system[J].International journal of cyber-security and digital forensics,2016,5(3):122-131.
[2] NIETO A,ROMAN R,LOPEZ J.Digital witness:safeguarding digital evidence by using secure architectures in personal devices[J].IEEE network,2016,30(6):34-41.
[3] NAKAMOTO S.Bitcoin:a peer-to-peer electronic cash system [EB/OL].(2019-08-22) [2022-01-22].https://bitcoin.org/bitcoin.pdf.
[4] GARG N.Apache Kafka[M].Birmingham:Packt Publishing,2013.
[5] ONGARO D,OUSTERHOUT J.In search of an understandable consensus algorithm[C]//Proceedings of USENIX Annul Technical Conference.Berkeley:USENIX Association,2014:305-316.
[6] DWORK C,NAOR M.Pricing via processing or combatting junk mail[M]//Advances in Cryptology.Berlin:Springer Press,1992:139-147.
[7] KING S,NADAL S.PPCoin:peer-to-peer crypto-currency with proof-of-stake [EB/OL].(2012-08-19)[2022-02-19].https://decred.org/research/king2012.pdf.
[8] CASTRO M,LISKOV B H.Practical Byzantine fault tolerance [EB/OL].(1999-02-19) [2022-03-16].https://pmg.csail.mit.edu/papers/osdi99.pdf.
[9] CASON D,FYNN E,MILOSEVIC N,et al.The design,architecture and performance of the tendermint blockchain network[C]//40th International Symposium on Reliable Distributed Systems.Piscataway:IEEE Press,2021:23-33.
[10] KHAN M A,SALAH K.IoT security:review,blockchain solutions,and open challenges[J].Future generation computer systems,2018,82:395-411.
[11] LI J X,WU J G,CHEN L.Block-secure:blockchain based scheme for secure P2P cloud storage[J].Information sciences,2018,465:219-231.
[12] ZHANG Y H,DENG R H,LIU X M,et al.Blockchain based efficient and robust fair payment for outsourcing services in cloud computing[J].Information sciences,2018,462:262-277.
[13] ZHU L H,WU Y L,GAI K K,et al.Controllable and trustworthy blockchain-based cloud data management[J].Future generation computer systems,2019,91:527-535.
[14] CHEN Y,DING S,XU Z,et al.Blockchain-based medical records secure storage and medical service framework[J].Journal of medical systems,2018,43(1):5.
[15] 佘维,白孟龙,刘炜,等.能源区块链的架构、应用与发展趋势[J].郑州大学学报(理学版),2021,53(4):1-21.SHE W,BAI M L,LIU W,et al.The architecture,application and development trend of energy blockchain[J].Journal of Zhengzhou university (natural science edition),2021,53(4):1-21.
[16] HAN R,XIAO J,DAI X H,et al.Vassago:efficient and authenticated provenance query on multiple blockchains[C]//40th International Symposium on Reliable Distributed Systems.Piscataway:IEEE Press,2021:132-142.
[17] 姜楠,王玮琦,王健.基于智能合约的个人隐私数据保护方法研究[J].信息网络安全,2020,20(11):22-31.JIANG N,WANG W Q,WANG J.Research on personal information protection method based on smart contract[J].Netinfo security,2020,20(11):22-31.
[18] 储志强,仵冀颖,徐磊,等.基于区块链的分布式离链存储框架设计[J].信息网络安全,2021,21(2):87-93.CHU Z Q,WU J Y,XU L,et al.A distributed off-chain storage framework based on blockchain[J].Netinfo security,2021,21(2):87-93.
[19] DELGADO-VON-EITZEN C,ANIDO-RIFóN L,FERNáNDEZ-IGLESIAS M J.Application of blockchain in education:GDPR-compliant and scalable certification and verification of academic information[J].Applied sciences,2021,11(10):4537.
[20] TIAN Z H,LI M H,QIU M K,et al.Block-DEF:a secure digital evidence framework using blockchain[J].Information sciences,2019,491:151-165.
[21] 谢家贵,李志平,金键.基于星火区块链的跨链机制[J].计算机应用,2022,42(2):519-527.XIE J G,LI Z P,JIN J.Cross-chain mechanism based on Spark blockchain[J].Journal of computer applications,2022,42(2):519-527.
[22] 刘炜,彭宇飞,田钊,等.基于区块链的医疗信息隐私保护研究综述[J].郑州大学学报(理学版),2021,53(2):1-18.LIU W,PENG Y F,TIAN Z,et al.A survey on medical information privacy protection based on blockchain[J].Journal of Zhengzhou university (natural science edition),2021,53(2):1-18.
基本信息:
DOI:10.13705/j.issn.1671-6841.2022186
中图分类号:TP309;TP311.13
引用信息:
[1]刘靖宇,曹兴旺,颜钰莹,等.基于双层链的个人隐私数据保护和授权框架[J].郑州大学学报(理学版),2024,56(02):1-8.DOI:10.13705/j.issn.1671-6841.2022186.
基金信息:
河北省自然科学基金项目(F2020202013)
2023-03-21
2023-03-21
2023-03-21