A Blockchain-based Mechanism Of Trust Storage And Access Control Scheme For Object Storage System

With the popularity of the cryptocurrency,the blockchain,which is the key underlying technology of the cryptocurrency,has also received extensive attention around the world.It's decentralization,transparency of the process,and the temper-free nature have brought bunch of benefits to many industries,providing new technical ideas for many problems that are difficult to solve under the traditional technology architecture.On the other hand,the object storage system has been widely used in enterprise-level IT systems.Although the object storage system has solved the storage problem of complex objects,the stored data still has potential security risks such as forgery and tempering,it's hard for it to build a trust storage.At the same time,most of the existing data privilege management model often rely on centralized infrastructures,the privilege information is opaque and it's vulnerable to hacker attacks,which may result in data leakage.Moreover,the process of file access between different organizations is cumbersome and time consuming in the real business environment,which greatly hinders the development of business process automation.This paper combines the blockchain technology with the object storage system,for those data that needs to be stored and shared,blockchain make it possible for us to prevent data tampering,but also provide us with a new way to simplify the business process automation between systems without the need to establish an expensive centralized IT infrastructure,with the transparent access control information on chain,we can make all parties to access the storage system safely and conveniently.Based on the research of the smart contract and object storage systems,the main work and contributions of this paper are as follows:1)The object's digest information was stored into the blockchain through the smart contract while the original object content was stored in the object storage system to archive trusted storage in the untrusted environment.2)Maintaining the access control information of the stored object through the smart contract,which simplified the process of data access between different organizations in the real business scenes while improving the security of privilege management at the same time.3)Based on the Hyperledger Fabric blockchain framework,the prototype system of the proposed scheme is implemented and tested.It is verified that the scheme can be applied to practical commercial systems.This paper uses the amazon S3's standard object storage API,and with the magic of Java AOP technology,we realize the operation of automatically uploading digest and access control information in the process of uploading and downloading objects without modifying the S3 SDK.The experimental results show that the mechanism provided in this paper can realize trusted storage management and data access control in untrusted environment.