14,786 research outputs found

    STAIBT: Blockchain and CP-ABE Empowered Secure and Trusted Agricultural IoT Blockchain Terminal

    The integration of agricultural Internet of Things (IoT) and blockchain has become the key technology of precision agriculture. How to protect data privacy and security from data source is one of the difficult issues in agricultural IoT research. This work integrates cryptography, blockchain and Interplanetary File System (IPFS) technologies, and proposes a general IoT blockchain terminal system architecture, which strongly supports the integration of the IoT and blockchain technology. This research innovatively designed a fine-grained and flexible terminal data access control scheme based on the ciphertext-policy attribute-based encryption (CP-ABE) algorithm. Based on CP-ABE and DES algorithms, a hybrid data encryption scheme is designed to realize 1-to-N encrypted data sharing. A "horizontal + vertical" IoT data segmentation scheme under blockchain technology is proposed to realize the classified release of different types of data on the blockchain. The experimental results show that the design scheme can ensure data access control security, privacy data confidentiality, and data high-availability security. This solution significantly reduces the complexity of key management, can realize efficient sharing of encrypted data, flexibly set access control strategies, and has the ability to store large data files in the agricultural IoT

    Blockchain based Access Control for Enterprise Blockchain Applications

    Access control is one of the fundamental security mechanisms of IT systems. Most existing access control schemes rely on a centralized party to manage and enforce access control policies. As blockchain technologies, especially permissioned networks, find more applicability beyond cryptocurrencies in enterprise solutions, it is expected that the security requirements will increase. Therefore, it is necessary to develop an access control system that works in a decentralized environment without compromising the unique features of a blockchain. A straightforward method to support access control is to deploy a firewall in front of the enterprise blockchain application. However, this approach does not take advantage of the desirable features of blockchain. In order to address these concerns, we propose a novel blockchain-based access control scheme, which keeps the decentralization feature for access control–related operations. The newly proposed system also provides the capability to protect user's privacy by leveraging ring signature. We implement a prototype of the scheme using Hyperledger Fabric and assess its performance to show that it is practical for real-world applications

    Efficient Attribute-Based Smart Contract Access Control Enhanced by Reputation Assessment

    Blockchain's immutability can resist unauthorized changes of ledgers, thus it can be used as a trust enhancement mechanism to a shared system. Indeed, blockchain has been considered to solve the security and privacy issues of the Internet of Things (IoT). In this regard, most researches currently focus on the realization of various access control models and architectures, and are working towards making full use of the blockchain to secure IoT systems. It is worth noting that there has been an increasingly heavy pressure on the blockchain storage caused by dealing with massive IoT data and handling malicious access behaviors in the system, and not many countermeasures have been seen to curb the increase. However, this problem has not been paid enough attention. In this paper, we implement an attribute-based access control scheme using smart contracts in Quorum blockchain. It provides basic access control functions and conserves storage by reducing the number of smart contracts. In addition, a reputation-based technique is introduced to cope with malicious behaviors. Certain illegal transactions can be blocked by the credit-assessment algorithm, which deters possibly malicious nodes and gives more chance to well-behaved nodes. The feasibility of our proposed scheme is demonstrated by doing experiment on a testbed and conducting a case study. Finally, the system performance is assessed based on experimental measurement

    Balancing patient control and practical access policy for electronic health records via blockchain technology

    Electronic health records (EHRs) have revolutionized the health information technology domain, as patient data can be easily stored and accessed within and among medical institutions. However, in working towards nationwide patient engagement and interoperability goals, recent literature adopts a very patient-centric model---patients own their universal, holistic medical records and control exactly who can access their health data. I contend that this approach is largely impractical for healthcare workflows, where many separate providers require access to health records for care delivery. My work investigates the potential of a blockchain network to balance patient control and provider accessibility with a two-fold approach. First, I conduct a survey investigation to identify patient concerns and determine the level of control patients would like over their health information. Second, I implement a blockchain network prototype to address the spectrum of patient control preferences and automate practical access policy. There are conflicting demands amongst patients and providers for EHR access---privacy versus flexibility. Yet, I find blockchain technology, when manipulated to model access states, automate an organizational role-based access scheme, and provide an immutable history of behavior in the network, to be a very plausible solution for balancing patient desires and provider needs. My approach is, to my knowledge, the first example of blockchain's use for less patient-centric, nudge theory-based EHR access control, an idea that could align access control interests as academics, the government, and the healthcare industry make strides towards interoperable, universal patient records

    Blockchain Support for Flexible Queries with Granular Access Control to Electronic Medical Records (EMR)

    In this paper, we propose an architecture for Blockchain-based Electronic Medical Records (EMRs) called GAA-FQ (Granular Access Authorisation supporting Flexible Queries) that comprises an access model and an access authorisation scheme. Unlike existing Blockchain schemes, our access model can authorise different levels of granularity of authorisation, whilst maintaining compatibility with the underlying Blockchain data structure. Furthermore, the authorisation, encryption, and decryption algorithms proposed in the GAA-FQ scheme dispense with the need to use a public key infrastructure (PKI) and hence improve the computation performance needed to support more granular and distributed, yet authorised, EMR data queries. We validated the computation performance and transmission efficiency for GAA-FQ using a simulation of GAA-FQ against an access control scheme for EMRs called ESPAC as our baseline that was not designed using a Blockchain. To the best of our knowledge, GAA-FQ is the first Blockchain-oriented access authorisation scheme with granular access control, supporting flexible data queries, that has been proposed for secure EMR information management

    A Blockchain-Based Access Control Scheme for Smart Grids

    At present, the access control schemes in the power grid are centralized. In the centralized system, the data of the network sensor nodes is transmitted by centralized nodes, and the data itself may be illegally tampered with or lost, which can lead to reduced system reliability. For this feature, we apply blockchain technology to the design of access control schemes. In this paper, we propose a blockchain-based access control scheme that is suitable for multiple scenarios in the smart grid. Our access control scheme is based on an identity-based combined encryption, signature and signcryption scheme. In addition, we design a consensus algorithm in the power system for the consortium blockchain architecture to solve the key escrow problem of the untrusted third parties. Our scheme also ensures the confidentiality, integrity, authentication and non-repudiation of the data. Compared with the existing work, our scheme can use the same key pair to encrypt, sign and signcrypt the message, which has lower computation and communication costs in multiple scenarios of smart grids

    Secure Blockchain Transactions for Electronic Health Records based on an Improved Attribute-Based Signature Scheme (IASS)

    Electronic Health Records (EHRs) are entirely controlled by hospitals, not patients, making it difficult to obtain medical advice from individual hospitals. Patients need to keep tabs on their health details and take back control of their medical data. The rapid development of blockchain technology has facilitated large-scale healthcare, including medical records and patient-related data. The technology provides comprehensive and immutable patient records and free access to electronic medical records for providers and treatment portals. To ensure the validity of the blockchain-connected EHR, the Improved Attribute-Based Signature Scheme (IASS) has considerable powers, allowing patients to approve messages based on attributes but not validated. In addition, it avoids the problem of having multiple authorities without a single or central source of trust for generating and distributing patient public/private keys and fits into the blockchain model for distributed data storage. By sharing a secret, pseudo-random activity seed between authorities, the protocol resists collusive attacks by corrupt officials. The technology provides patients with a comprehensive, immutable record and free access to their EHR from providers and treatment portals. To ensure the validity of blockchain-connected EHRs, propose an attribute-based multi-authority signature scheme that authorizes messages based on their attributes without revealing any information