Research On Data Privacy Protection Mechanism Of Logistics Users Based On Blockchain

With the rapid development of logistics industry,the problem of privacy data leakage of logistics users is becoming more and more serious.How to effectively protect the privacy data of logistics users is a problem that needs to be further solved.Through the research of logistics business process,three reasons of logistics user privacy data leakage are summarized:1)The data stored in express plaintext during the transit process causes a large amount of privacy leakage.2)The provision of security for users' privacy data by logistics enterprises is likely to result in confusion of authority and privacy disclosure.3)Data storage servers are not secure and easy to be attacked by hackers,leading to privacy leakage.So,This paper proposes a blockchain-based logistics privacy data protection mechanism,which uses the characteristics of blockchain distribution,decentralization,and tamper resistance,combined with identity authentication technology,encryption technology and access control technology to effectively protect the privacy data of logistics users.The mechanism includes three parts: logistics user identity management,privacy data encryption and user access rights management.While the algorithm and smart contract of each part are designed,experiments and analyses are conducted on the overall mechanism.The main research includes the following four items:(1)Aiming at privacy leakage caused by complex personnel and improper identity management in logistics,a blockchain-based identity management mechanism for identity registration,identity authenticity verification,identity authentication and identity revocation is designed.As the first step to realize the protection of logistics privacy,in the blockchain environment,design identity management mechanisms for identity registration,identity authenticity verification,identity authentication and identity revocation.Realize the security management of user information through smart contracts.Identity registration realizes the safe chaining of user private information.In identity verification,a verification node is set to verify the authenticity and integrity of the information on the user chain,and then the legitimacy of the user information is verified through two identity authentication methods to meet the conditions for obtaining private data.Through the security analysis of the identity management mechanism,the effectiveness of the verification mechanism is verified.(2)Aiming at the insecurity of express delivery bill plaintext and data storage,a privacy data protection mechanism based on hierarchical encryption is designed to classify the user's identity information registered on the chain.It is divided into three security levels,and then use the AES and RSA hybrid encryption scheme to encrypt the divided information separately,the key generated by AES plaintext encryption and RSA key encryption is uploaded to the secure library,and generate a storage address hash back with blockchain,users can obtain private data through authenticated identities.At the same time,the performance of the hybrid encryption scheme is analyzed,and it is verified that data encryption and decryption have high efficiency.(3)Aiming at the privacy leakage problem caused by the confusion of authority,design an access management method suitable for logistics,improve the role-based access control model,propose a role access control model based on blockchain and trust(BT-RBAC),and add the concepts of user block,time constraint and user trust.Through the integrated analysis of existing literature,the improved model adds the concepts of user block,time constraint and user trust.By dividing logistics staff of the same work nature into a user block,and assigning permissions and roles to the user block,the complexity of traditional RBAC permission assignment is reduced.At the same time,the user's trust is calculated by the Fuzzy Analytic Hierarchy Process.Determine whether the corresponding user block can be added to ensure that the user behavior is trustworthy,and then set the time range and length constraints for the permissions obtained by the user.Through performance analysis,it can be seen that the improved model improves the decision efficiency of the access control strategy.(4)Perform experimental verification and analysis on the identity management,data encryption and access control methods proposed in the research,mainly design and analyze the user data structure and smart contracts involved in the identity management mechanism and access management mechanism,and verify the deployment of the contract,and then pass the analysis the security of the blockchain,the weak correlation between the objects of the mechanism and the performance of the mechanism verify the effectiveness of the mechanism.