Cross-Domain Bilateral Access Control on Blockchain-Cloud Based Data Trading System  

作　　者：Youngho Park Su Jin Shin Sang Uk Shin 

机构地区：[1]Electronics and Information Communications Research Center,Pukyong National University,Busan,48513,Republic of Korea [2]Department of Information Security,Graduate School,Pukyong National University,Busan,48513,Republic of Korea [3]Division of Computer Engineering,Pukyong National University,Busan,48513,Republic of Korea

出　　处：《Computer Modeling in Engineering & Sciences》2024年第10期671-688,共18页工程与科学中的计算机建模（英文）

基　　金：supported by Basic Science Research Program through the National Research Foundation of Korea(NRF)funded by the Ministry of Education(No.2022R1I1A3063257);supported by the MSIT(Ministry of Science and ICT),Korea,under the Special R&D Zone Development Project(R&D)—Development of R&D Innovation Valley Support Program(2023-DD-RD-0152)supervised by the Innovation Foundation.

摘　　要：Data trading enables data owners and data requesters to sell and purchase data.With the emergence of blockchain technology,research on blockchain-based data trading systems is receiving a lot of attention.Particularly,to reduce the on-chain storage cost,a novel paradigm of blockchain and cloud fusion has been widely considered as a promising data trading platform.Moreover,the fact that data can be used for commercial purposes will encourage users and organizations from various fields to participate in the data marketplace.In the data marketplace,it is a challenge how to trade the data securely outsourced to the external cloud in a way that restricts access to the data only to authorized users across multiple domains.In this paper,we propose a cross-domain bilateral access control protocol for blockchain-cloud based data trading systems.We consider a system model that consists of domain authorities,data senders,data receivers,a blockchain layer,and a cloud provider.The proposed protocol enables access control and source identification of the outsourced data by leveraging identity-based cryptographic techniques.In the proposed protocol,the outsourced data of the sender is encrypted under the target receiver’s identity,and the cloud provider performs policy-match verification on the authorization tags of the sender and receiver generated by the identity-based signature scheme.Therefore,data trading can be achieved only if the identities of the data sender and receiver simultaneously meet the policies specified by each other.To demonstrate efficiency,we evaluate the performance of the proposed protocol and compare it with existing studies.

关 键 词：Bilateral access control blockchain data sharing policy-match 

分 类 号：TP311[自动化与计算机技术—计算机软件与理论]