Logging mechanism for cross-organizational collaborations using Hyperledger Fabric

Organizations nowadays are largely computerized, with a mixture of internal and external services providing them with on-demand functionality. In some situations (e.g. emergency situations), cross-organizational collaboration is needed, providing external users access to internal services. Trust between partners in such a collaboration can however be an issue. Although (federated) access control policies may be in place, it is unclear which data was requested and delivered after a collaboration has finished. This may lead to disputes between participating organizations. The open-source permissioned blockchain Hyperledger Fabric is utilized to create a logging mechanism for the actions performed by the participants in such a collaboration. This paper presents the architecture needed for such a logging mechanism and provides details on its operation. A prototype was designed in order to evaluate the performance of an asynchronous logging approach. Measurements show that the proposed logging mechanism enables organizations to create a log of service interactions with limited delay imposed on the data exchange process

Trustful ad hoc cross-organizational data exchanges based on the Hyperledger Fabric framework

Organizations share data in a cross-organizational context when they have the goal to derive additional knowledge by aggregating different data sources. The collaborations considered in this article are short-lived and ad hoc, that is, they should be set up in a few minutes at most (e.g., in emergency scenarios). The data sources are located in different domains and are not publicly accessible. When a collaboration is finished, it is however unclear which exchanges happened. This could lead to possible disputes when dishonest organizations are present. The receipt of requests/responses could be falsely denied or their content could be point of discussion. In order to prevent such disputes afterwards, a logging mechanism is needed which generates a replicated irrefutable proof of which exchanges have happened during a single collaboration. Distributed database solutions can be taken from third parties to store the generated logs, but it can be difficult to find a party which is trusted by all participating organizations. Permissioned blockchains provide a solution for this as each organization can act as a consensus participant. Although the consensus mechanism of the permissioned blockchain Hyperledger Fabric (versions 1.0-1.4) is not fully decentralized, which clashes with the fundamental principle of blockchain, the framework is used in this article as an enabler to set up a distributed database, and a proposal for a logging mechanism is presented which does not require the third party to be fully trusted. A proof of concept is implemented which can be used to experiment with different data exchange setups. It makes use of generic web APIs and behaves according to a Markov chain in order to create a fully automated data exchange scenario where the participants explore their APIs dynamically. The resulting mechanism allows a data-delivering organization to detect missing logs and to take action, for example, (temporarily) suspend collaboration. Furthermore, each organization is incentivized to follow the steps of the logging mechanism as it may lose access to data of others, otherwise. The created proof of concept is scaled to 10 organizations, which autonomously exchange different data types for 10 min, and evaluation results are presented accordingly

Applications of Blockchain in Business Processes: A Comprehensive Review

Blockchain (BC), as an emerging technology, is revolutionizing Business Process Management (BPM) in multiple ways. The main adoption is to serve as a trusted infrastructure to guarantee the trust of collaborations among multiple partners in trustless environments. Especially, BC enables trust of information by using Distributed Ledger Technology (DLT). With the power of smart contracts, BC enforces the obligations of counterparties that transact in a business process (BP) by programming the contracts as transactions. This paper aims to study the state-of-the-art of BC technologies by (1) exploring its applications in BPM with the focus on how BC provides the trust of BPs in their lifecycles; (2) identifying the relations of BPM as the need and BC as the solution with the assessment towards BPM characteristics; (3) discussing the up-to-date progresses of critical BC in BPM; (4) identifying the challenges and research directions for future advancement in the domain. The main conclusions of our comprehensive review are (1) the study of adopting BC in BPM has attracted a great deal of attention that has been evidenced by a rapidly growing number of relevant articles. (2) The paradigms of BPM over Internet of Things (IoT) have been shifted from persistent to transient, from static to dynamic, and from centralized to decentralized, and new enabling technologies are highly demanded to fulfill some emerging functional requirements (FRs) at the stages of design, configuration, diagnosis, and evaluation of BPs in their lifecycles. (3) BC has been intensively studied and proven as a promising solution to assure the trustiness for both of business processes and their executions in decentralized BPM. (4) Most of the reported BC applications are at their primary stages, future research efforts are needed to meet the technical challenges involved in interoperation, determination of trusted entities, confirmation of time-sensitive execution, and support of irreversibility

Secure Information Sharing with Distributed Ledgers

In 2009, blockchain technology was first introduced as the supporting database technology for digital currencies. Since then, more advanced derivations of the technology have been developed under the broader term Distributed Ledgers, with improved scalability and support for general-purpose application logic. As a distributed database, they are able to support interorganizational information sharing while assuring desirable information security attributes like non-repudiation, auditability and transparency. Based on these characteristics, researchers and practitioners alike have begun to identify a plethora of disruptive use cases for Distributed Ledgers in existing application domains. While these use cases are promising significant efficiency improvements and cost reductions, practical adoption has been slow in the past years. This dissertation focuses on improving three aspects contributing to slow adoption. First, it attempts to identify application areas and substantiated use cases where Distributed Ledgers can considerably advance the security of information sharing. Second, it considers the security aspects of the technology itself, identifying threats to practical applications and detection approaches for these threats. And third, it investigates success factors for successful interorganizational collaborations using Distributed Ledgers

The enterprise blockchain design framework and its application to an e-Procurement ecosystem

The research work of this paper has been partially funded by the project VORTAL INTER DATA (n° 038361), co-financed by Vortal and COMPETE Program P2020. We would also like to thank UNIDEMI, DEMI, and LASI for providing us with the research infrastucture and resources to conduct this research. Publisher Copyright: © 2022 Elsevier LtdBlockchain technologies have seen a steady growth in interest from industries as the technology is gaining maturity. It is offering a novel way to establish trust amongst multiple stakeholders without relying or trusting centralised authorities. While its use as a decentralised store of value has been validated through the emergence of cryptocurrencies, its use case in industrial applications with multiple stakeholder ecosystems such as industrial supply chain management, is still at an early stage of design and experimentation where private blockchains are used as opposed to public blockchains. Many enterprise blockchain projects failed to gain traction after initial launches, due to inefficient design, lack of incentives to all stakeholders or simply because the use of blockchain was not really necessary in the first place. There has been a need for a framework that allows blockchain designers and researchers to evaluate scenarios when a blockchain solution is useful and design the key configurations for an enterprise blockchain solution. Literature on blockchain architectures are sparse and only applicable to specific use cases or functionalities. This paper proposes a comprehensive Enterprise Blockchain Design Framework (EBDF), that not only identifies the relevant use cases when a blockchain must be utilised, but also details all the characteristics and configurations for designing an enterprise blockchain ecosystem, applicable to multiple industries. To validate the EBDF, we apply the same to the Vortal e-Procurement ecosystem allowing for multiple platforms to interoperate with greater transparency and accountability over the proposed blockchain framework. In this use case, many vendors bid for procurement procedures, often for publicly managed funds where it is extremely vital that full transparency and accountability is ensured in the entire process. Ensuring that certain digital certification functions, such as timestamps are independent from e-Procurement platform owners has been a challenge. Blockchain technology has emerged as a promising solution for not only ensuring transparency and immutability of records, but also providing for interoperability across different platforms by acting as a trusted third-party. The applied framework is used to design a Hyperledger based blockchain solution with some of the key architectural elements that could fulfil these needs while presenting the advantages of such a solution.publishersversionpublishe

Novel information and data exchange within power systems using enhanced blockchain technologies

This thesis was submitted for the award of Doctor of Philosophy and was awarded by Brunel University LondonCurrent energy systems are primarily designed for centralized power generation and supplying bulk electricity to users with stable and predictable usage patterns. However, with the increasing penetration of renewable energy sources (RES), future energy systems will require greater flexibility and wider distribution of both demand and supply. Integrating RES on a large scale poses challenges to the hosting capacity of distribution systems. To address these challenges, the digitalization of energy systems through novel Information and Communication Technologies (ICT) infrastructure is essential. The shift from centralized to highly distributed systems necessitates increased coordination and communication efforts. This is because a distributed system is composed of multiple independent entities that need to communicate and collaborate effectively to accomplish a shared objective. Coordination and communication are necessary to ensure that the system is operating efficiently and effectively. Traditional centralized cloud-based data exchange schemes depend on a single trusted third party, this may lead to single-point failure and lack of data privacy and access control. To overcome these issues, a novel approach is proposed for exchanging data within power systems using blockchain technology. This approach enables users to securely exchange data while maintaining ownership. The experiments conducted demonstrate that the proposed approach can handle more users and enables information and data exchange within power systems. Secondly, this thesis proposes an Artificial Neural Network (ANN) based prediction model to optimize the performance of the blockchain-enabled data exchange approach. A use case for exchanging data within the power system is implemented on the proposed platform using various performance metrics. The results of the proposed approach are compared to two other schemes: the baseline scheme and an optimized scheme. The evaluation results indicate that the proposed approach can enhance network performance when compared to the baseline and optimized schemes. In summary, the proposed novel approach to ICT infrastructure for successfully exchanging information and data within power systems entities. The performance of the novel approach is evaluated based on the ability to handle multiple users, scalability, reliability, and security

Decentralized Inverse Transparency With Blockchain

Employee data can be used to facilitate work, but their misusage may pose risks for individuals. Inverse transparency therefore aims to track all usages of personal data, allowing individuals to monitor them to ensure accountability for potential misusage. This necessitates a trusted log to establish an agreed-upon and non-repudiable timeline of events. The unique properties of blockchain facilitate this by providing immutability and availability. For power asymmetric environments such as the workplace, permissionless blockchain is especially beneficial as no trusted third party is required. Yet, two issues remain: (1) In a decentralized environment, no arbiter can facilitate and attest to data exchanges. Simple peer-to-peer sharing of data, conversely, lacks the required non-repudiation. (2) With data governed by privacy legislation such as the GDPR, the core advantage of immutability becomes a liability. After a rightful request, an individual's personal data need to be rectified or deleted, which is impossible in an immutable blockchain. To solve these issues, we present Kovacs, a decentralized data exchange and usage logging system for inverse transparency built on blockchain. Its new-usage protocol ensures non-repudiation, and therefore accountability, for inverse transparency. Its one-time pseudonym generation algorithm guarantees unlinkability and enables proof of ownership, which allows data subjects to exercise their legal rights regarding their personal data. With our implementation, we show the viability of our solution. The decentralized communication impacts performance and scalability, but exchange duration and storage size are still reasonable. More importantly, the provided information security meets high requirements. We conclude that Kovacs realizes decentralized inverse transparency through secure and GDPR-compliant use of permissionless blockchain.Comment: Peer-reviewed version accepted for publication in ACM Distributed Ledger Technologies: Research and Practice (DLT). arXiv admin note: substantial text overlap with arXiv:2104.0997