Research On Blockchain-based Data Governance And Privacy Protection

As digitization continues to accelerate,the scale of big data has shown an exponential growth trend.In the future,the storage of big data will be distributed and cross-organizational.As data is the core asset of an organization,the limitations and disadvantages of the traditional centralized data governance approach are becoming increasingly obvious.First of all,there is a lack of trust between different institutions,and the data relationship cannot be connected across institutions,so it is impossible to further tap deeper value.Secondly,centralized data storage and processing can not rule out the possibility that centralized institutions may actively or passively commit evil from the perspective of interests.Thirdly,the model of "big center" and "big service" makes users,as the actual producers of data,unable to really own the possession of their own data,let alone obtain the benefits brought by the data and its mining value.Therefore,there is an urgent need for a decentralized data governance model that does not depend on any trusted institution,so as to further promote the flow and dissemination of big data and give full play to the value of big data.At the same time,in traditional centralized data governance,privacy protection is usually presented by third-party trusted institutions in the form of services.In the absence of a trusted center,problems such as fairness,reliability,and robustness of protocols will often occur.Because of the problems existing in traditional centralized data governance,this paper uses the characteristics of decentralization and trustless of blockchain to realize trusted sharing and circulation of big data across institutions and organizations and aims at privacy protection technology in access control,searchable encryption technology,privacy computing,etc.The details are as follows:(1)Aiming at the problems of "data islands" and "data silos" caused by traditional centralized data governance,combined with blockchain technology,attribute-based encryption(CP-ABE),interplanetary file system(IPFS),and other technologies,this paper proposed a user-centered data security sharing scheme named BBSDS.The data owner(DO)can formulate corresponding access policies to achieve fine-grained access control on the sharing.BBSDS borrowed the idea of the non-fungible Token(NFT)of blockchain to realize the identity management.After embedding the identity information into the revocation list of the attribution-related information in ciphertext,it realized the permission revocation at the attribute level.A comparative analysis with other schemes shows that fine-grained permission revocation can be efficiently achieved in BBSDS with only one interaction with blockchain.(2)When the attribute-based access control and encryption are applied to the blockchain,this paper analyzed the problem that access policies and attributes may expose the user’s privacy and proposed a blockchain-based access control model with privacy-preserving(Privacy-Preserving BBSDS,PP-BBSDS).PP-BBSDS mainly supplements the BBSDS scheme in(1)and proposes an improved Bloom Filter(IBF)to break the corresponding relationship between the row number and attribute value of the policy matrix when BBSDS constructing access control policies.PP-BBSDS mainly supplements the BBSDS scheme in(1)and proposes an improved Bloom filter(Improving Bloom Filter,IBF),which breaks the relationship between the row number and attribute when constructs an access control policy.The comparison with other schemes shows that this scheme can achieve fine-grained access control without disclosing any privacy onchain,and will not increase too much storage and time overhead.(3)For the BBSDS scheme in(1),data labels and search records may disclose users’ privacy.Firstly,this paper analyzes the fairness and reliability of traditional searchable encryption technology without a trusted center and proposes a blockchain-based fair and reliable searchable encryption(BFR-SE).When DO creates the ciphertext index and uploads it to the service provider,it uploads some auxiliary information to the chain.The Data User(DU)can verify any dishonest behavior after a search.If there is a problem with the result,he can initiate an arbitration application to the blockchain,which will be judged by the smart contract.(4)In order to further separate data use right and possession right,this paper first analyzes the fairness and robustness of traditional secure multi-party computing protocol without any trusted center,and proposes a blockchain-based Fair and Robust multi-party Computation Scheme(BFRMPC).BFR-MPC maintains a reputation value for each participant using the EOS blockchain,and the higher the reputation value,the easier the node is to be selected to participate in the calculation and obtain benefits.In each round,the participant must publish the correct results before the specified time.Finally,the fairness of the scheme is proved by game theory.Compared with other schemes,BFR-MPC is not limited to a specific scenario,but also fair and strong.Participants only need to interact with the blockchain once in each round,and complex computing operations are outsourced to MPC nodes with strong capabilities to execute outside the chain,which is highly efficient.