Cargando…

A Challenge-Response Assisted Authorisation Scheme for Data Access in Permissioned Blockchains

Permissioned blockchains can be applied for sharing data among permitted users to authorise the data access requests in a permissioned blockchain. A consensus network constructed using pre-selected nodes should verify a data requester’s credentials to determine if he or she have the correct permissi...

Descripción completa

Detalles Bibliográficos
Autores principales: Zhang, Xiaoshuai, Liu, Chao, Chai, Kok Keong, Poslad, Stefan
Formato: Online Artículo Texto
Lenguaje:English
Publicado: MDPI 2020
Materias:
Acceso en línea:https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7506573/
https://www.ncbi.nlm.nih.gov/pubmed/32825194
http://dx.doi.org/10.3390/s20174681
_version_ 1783585045967011840
author Zhang, Xiaoshuai
Liu, Chao
Chai, Kok Keong
Poslad, Stefan
author_facet Zhang, Xiaoshuai
Liu, Chao
Chai, Kok Keong
Poslad, Stefan
author_sort Zhang, Xiaoshuai
collection PubMed
description Permissioned blockchains can be applied for sharing data among permitted users to authorise the data access requests in a permissioned blockchain. A consensus network constructed using pre-selected nodes should verify a data requester’s credentials to determine if he or she have the correct permissions to access the queried data. However, current studies do not consider how to protect users’ privacy for data authorisation if the pre-selected nodes become untrusted, e.g., the pre-selected nodes are manipulated by attackers. When a user’s credentials are exposed to pre-selected nodes in the consensus network during authorisation, the untrusted (or even malicious) pre-selected nodes may collect a user’s credentials and other private information without the user’s right to know. Therefore, the private data exposed to the consensus network should be tightly restricted. In this paper, we propose a challenge-response based authorisation scheme for permissioned blockchain networks named Challenge-Response Assisted Access Authorisation (CRA(3)) to protect users’ credentials during authorisation. In CRA(3), the pre-selected nodes in the consensus network do not require users’ credentials to authorise data access requests to prevent privacy leakage when these nodes are compromised or manipulated by attackers. Furthermore, the computational burden on the consensus network for authorisation is reduced because the major computing work of the authorisation is executed by the data requester and provider in CRA(3).
format Online
Article
Text
id pubmed-7506573
institution National Center for Biotechnology Information
language English
publishDate 2020
publisher MDPI
record_format MEDLINE/PubMed
spelling pubmed-75065732020-09-26 A Challenge-Response Assisted Authorisation Scheme for Data Access in Permissioned Blockchains Zhang, Xiaoshuai Liu, Chao Chai, Kok Keong Poslad, Stefan Sensors (Basel) Article Permissioned blockchains can be applied for sharing data among permitted users to authorise the data access requests in a permissioned blockchain. A consensus network constructed using pre-selected nodes should verify a data requester’s credentials to determine if he or she have the correct permissions to access the queried data. However, current studies do not consider how to protect users’ privacy for data authorisation if the pre-selected nodes become untrusted, e.g., the pre-selected nodes are manipulated by attackers. When a user’s credentials are exposed to pre-selected nodes in the consensus network during authorisation, the untrusted (or even malicious) pre-selected nodes may collect a user’s credentials and other private information without the user’s right to know. Therefore, the private data exposed to the consensus network should be tightly restricted. In this paper, we propose a challenge-response based authorisation scheme for permissioned blockchain networks named Challenge-Response Assisted Access Authorisation (CRA(3)) to protect users’ credentials during authorisation. In CRA(3), the pre-selected nodes in the consensus network do not require users’ credentials to authorise data access requests to prevent privacy leakage when these nodes are compromised or manipulated by attackers. Furthermore, the computational burden on the consensus network for authorisation is reduced because the major computing work of the authorisation is executed by the data requester and provider in CRA(3). MDPI 2020-08-19 /pmc/articles/PMC7506573/ /pubmed/32825194 http://dx.doi.org/10.3390/s20174681 Text en © 2020 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (http://creativecommons.org/licenses/by/4.0/).
spellingShingle Article
Zhang, Xiaoshuai
Liu, Chao
Chai, Kok Keong
Poslad, Stefan
A Challenge-Response Assisted Authorisation Scheme for Data Access in Permissioned Blockchains
title A Challenge-Response Assisted Authorisation Scheme for Data Access in Permissioned Blockchains
title_full A Challenge-Response Assisted Authorisation Scheme for Data Access in Permissioned Blockchains
title_fullStr A Challenge-Response Assisted Authorisation Scheme for Data Access in Permissioned Blockchains
title_full_unstemmed A Challenge-Response Assisted Authorisation Scheme for Data Access in Permissioned Blockchains
title_short A Challenge-Response Assisted Authorisation Scheme for Data Access in Permissioned Blockchains
title_sort challenge-response assisted authorisation scheme for data access in permissioned blockchains
topic Article
url https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7506573/
https://www.ncbi.nlm.nih.gov/pubmed/32825194
http://dx.doi.org/10.3390/s20174681
work_keys_str_mv AT zhangxiaoshuai achallengeresponseassistedauthorisationschemefordataaccessinpermissionedblockchains
AT liuchao achallengeresponseassistedauthorisationschemefordataaccessinpermissionedblockchains
AT chaikokkeong achallengeresponseassistedauthorisationschemefordataaccessinpermissionedblockchains
AT posladstefan achallengeresponseassistedauthorisationschemefordataaccessinpermissionedblockchains
AT zhangxiaoshuai challengeresponseassistedauthorisationschemefordataaccessinpermissionedblockchains
AT liuchao challengeresponseassistedauthorisationschemefordataaccessinpermissionedblockchains
AT chaikokkeong challengeresponseassistedauthorisationschemefordataaccessinpermissionedblockchains
AT posladstefan challengeresponseassistedauthorisationschemefordataaccessinpermissionedblockchains