基于区块链的个人敏感数据安全存储及共享方法
Secure Storage and Sharing Method of Personal Sensitive Data Based on Blockchain
摘要: 针对云环境中的数据安全共享困难、隐私信息易泄露和加解密开销大的问题,本文提出一种基于区块链的个人敏感数据安全存储及共享方法。方案利用以太坊区块链平台搭建实验环境,采用改进的国密SM2数字签名算法对敏感数据加以保护,部署在区块链上的智能合约能够执行自动化的属性判断,实现了中心化的访问控制机制。用户的访问记录都保存在区块链中,保证可溯源追责。实验分析表明,该方案在数据安全性、隐私保护等方面有明显的优势。
Abstract: Aiming at the difficulties of data security sharing in the cloud environment, the easy leakage of private information, and the high overhead of encryption and decryption, this paper proposes a blockchain-based method for secure storage and sharing of personal sensitive data. This scheme uses the characteristics of blockchain to build an experimental platform, and at the same time uses the improved national secret SM2 digital signature algorithm to protect sensitive data. The smart contracts deployed on the blockchain can perform automatic attribute judgment and realize centralized access control. The user’s access records are stored in the blockchain to ensure traceability and accountability. Experimental analysis shows that this scheme has obvious advantages in data security, privacy protection, etc.
文章引用:曹穗. 基于区块链的个人敏感数据安全存储及共享方法[J]. 计算机科学与应用, 2022, 12(4): 1139-1148. https://doi.org/10.12677/CSA.2022.124116

参考文献

[1] Zyskind, G., Nathan, O. and Pentland, A.S. (2015) Decentralizing Privacy: Using Blockchain to Protect Personal Data. 2015 IEEE Security and Privacy Workshops, San Jose, 21-22 May 2015, 180-184. [Google Scholar] [CrossRef
[2] Jemel, M. and Serhrouchni, A. (2017) Decentralized Access Control Mechanism with Temporal Dimension Based on Blockchain. 2017 IEEE 14th International Conference on e-Business Engineering (ICEBE), Shanghai, 4-6 November 2017, 177-182. [Google Scholar] [CrossRef
[3] Li, G. and Sato, H. (2019) A Privacy-Preserving and Fully Decentralized Storage and Sharing System on Blockchain. 2019 IEEE 43rd Annual Computer Software and Applications Conference (COMPSAC), Milwaukee, 15-19 July 2019, 694-699. [Google Scholar] [CrossRef
[4] Shu, H., Qi, P., Huang, Y., Chen, F., Xie, D. and Sun, L. (2020) An Efficient Certificateless Aggregate Signature Scheme for Blockchain-Based Medical Cyber Physical Systems. Sensors, 20, Article No. 1521. [Google Scholar] [CrossRef] [PubMed]
[5] Gao, S., Piao, G., Zhu, J., et al. (2020) TrustAccess: A Trustworthy Se-cure Ciphertext-Policy and Attribute Hiding Access Control Scheme Based on Blockchain. IEEE Transactions on Vehic-ular Technology, 69, 5784-5798. [Google Scholar] [CrossRef
[6] Niu, S., Chen, L. and Liu, W. (2020) Attribute-Based Keyword Search Encryption Scheme with Verifiable Ciphertext via Blockchains. 2020 IEEE 9th Joint International Information Technology and Artificial Intelligence Conference (ITAIC), Chongqing, 11-13 December 2020, 849-853. [Google Scholar] [CrossRef
[7] Zhang, Y., Kasahara, S., Shen, Y., et al. (2018) Smart Contract-Based Access Control for the Internet of Things. IEEE Internet of Things Journal, 6, 1594-1605. [Google Scholar] [CrossRef
[8] Košťál, K., Helebrandt, P., Belluš, M., et al. (2019) Management and Monitoring of IoT Devices Using Blockchain. Sensors, 19, Article No. 856. [Google Scholar] [CrossRef] [PubMed]
[9] Nakamoto, S. (2008) Bitcoin: A Peer-to-Peer Electronic Cash System. Decentralized Business Review.
[10] Szabo, N. (1996) Smart Contracts: Building Blocks for Digital Markets. Extropy: The Journal of Transhumanist Thought, 18, 28.
[11] Steinfeld, R., Bull, L. and Zheng, Y. (2001) Content Extraction Signatures. International Conference on Information Security and Cryptology, Seoul, 6-7 December 2001, 285-304. [Google Scholar] [CrossRef
[12] 汪朝晖, 张振峰. SM2椭圆曲线公钥密码算法综述[J]. 信息安全研究, 2016, 2(11): 972-982.
[13] 国家密码管理局. SM2椭圆曲线公钥密码算法[EB/OL]. http://www.sca.gov.cn/sca/xwdt/2010-12/17/content_1002386.shtml, 2010-12-17.
[14] Huang, H.P., Zhu, P., Xiao, F., et al. (2020) A Blockchain-Based Scheme for Privacy-Preserving and Secure Sharing of Medical Data. Computers & Security, 99, Article ID: 102010. [Google Scholar] [CrossRef] [PubMed]
[15] 王彩芬, 徐婷, 张玉磊, 杨小东. 基于可截取签名和属性加密的云存储访问控制方案[J]. 计算机工程与科学, 2015, 37(2): 238-244.
[16] Wang, M., Zhang, Y., Ma, J., et al. (2020) A Universal Designated Multi Verifiers Content Extraction Signature Scheme. In-ternational Journal of Computational Science and Engineering, 21, 49-59. [Google Scholar] [CrossRef