Secure, Automatic and Reliable Provision of Proprietary Data using Blockchain
Keywords:
Blockchain, Data sharing, Smart contractsAbstract
The General Law for the Protection of Personal Data (LGPD) determines respect for privacy as fundamental to the protection of proprietary data in Brazil, ensuring citizens’ power to control over their own data. However, current data sharing and trading systems delegate trust to centralized services, restricting this control. This project proposed a secure, agile, and effective system for automated, distributed, and transparent data trading across multiple administrative domains using blockchain, smart contracts, reputation, and trust. The proposed system uses blockchain technology to ensure secure and distributed storage of user access-permissions, returning control over the data itself to the owner. A prototype of the proposed system was developed using the open-source Hyperledger Fabric platform for implementing smart contracts and a blockchain network. Performance evaluation results show that the proposed system provides security and privacy in cross-domain data trading in a distributed, agile and effective manner, simultaneously serving more than 200 requests per second and effectively punishing malicious behavior.
Downloads
References
Andersen, M. P., Kolb, J., Chen, K., Fierro, G., Culler, D. E., and Popa, R. A. (2017). WAVE: A decentralized authorization system for IoT via blockchain smart contracts. University of California at Berkeley, Tech. Rep.
Androulaki, E., Barger, A., Bortnikov, V., Cachin, C., Christidis, K., De Caro, A., Enyeart, D., Ferris, C., Laventman, G., Manevich, Y., et al. (2018). Hyperledger fabric: A distributed operating system for permissioned blockchains. In Proceedings of the Thirteenth EuroSys Conference, page 30. ACM.
Camilo, G., Rebello, G. A., de Souza, L. A., and Duarte, O. C. (2020a). AutAvailChain: Disponibilização Segura, Controlada e Automática de Dados IoT usando Corrente de Blocos. In Anais do III Workshop em Blockchain: Teoria, Tecnologia e Aplicações, pages 1–14, Porto Alegre, RS, Brasil. SBC.
Camilo, G., Souza, L., and Duarte, O. (2021). Um sistema seguro e distribuído para o provisionamento de funções virtuais de rede como serviço através de corrente de blocos. In Anais do XXXIX Simpósio Brasileiro de Redes de Computadores e Sistemas Distribuídos, pages 770–783, Porto Alegre, RS, Brasil. SBC.
Camilo, G. F., Rebello, G. A. F., de Souza, L. A. C., and Duarte, O. C. M. B. (2020b). Autavailchain: Automatic and secure data availability through blockchain. In GLOBECOM 2020 - 2020 IEEE Global Communications Conference, pages 1–6.
Camilo, G. F., Rebello, G. A. F., de Souza, L. A. C., and Duarte, O. C. M. B. (2020c). A secure personal-data trading system based on blockchain, trust, and reputation. In 2020 IEEE International Conference on Blockchain (Blockchain), pages 379–384.
Canaltech (2022). Vazamento da Nvidia expôs dados de 71,3 mil funcionários. https://canaltech.com.br/seguranca/vazamento-da-nvidia-expos-dados-de-713-mil-funcionarios-210683/. Acessado em 6 de março de 2022.
g1.com (2022). Megavazamentos de dados expõem informações de 223 milhões de números de CPF. https://g1.globo.com/economia/tecnologia/blog/altieres-rohr/post/2021/01/25/vazamentos-de-dados-expoem-informacoes-de-223-milhoes-de-numeros-de-cpf.ghtml. Acessado em 6 de março de 2022.
Lantz, B., Heller, B., and McKeown, N. (2010). A network in a laptop: Rapid prototyping for software-defined networks. In Proceedings of the 9th ACM SIGCOMM Workshop on Hot Topics in Networks, Hotnets-IX, New York, NY, USA.
Nakamoto, S. (2008). Bitcoin: A peer-to-peer electronic cash system. Disponível em https://bitcoin.org/bitcoin.pdf. Acessado em 15 de abril de 2020.
Sun, Y., Han, Z., and Liu, K. R. (2008). Defense of trust management vulnerabilities in distributed networks. IEEE Communications Magazine, 46(2):112–119