| In today's big data era, there is an urgent need for data sharing in all industries. However, traditional data sharing solutions are highly centralized and suffer from single points of failure and from data privacy leakage caused by the vulnerability of data storage systems to attackers. The data sharing process also makes data ownership difficult to determine, offers only coarse-grained access control, and is opaque. Authentication, the first step in secure data sharing among users, has security issues as well. Public Key Infrastructure (PKI), the prevalent authentication technology today, relies excessively on third-party Certification Authorities (CAs), which likewise introduce single points of failure and low transparency in the digital certificate management process. Blockchain technology, currently being developed by the country, has the characteristics of trusted process and decentralization, which provides a new idea for the realization of secure data sharing. Therefore, this thesis conducted the following research based on blockchain technology: 1. Aiming at the problems of single-point failure, an opaque digital certificate management process, and inefficient digital certificate status queries in the traditional PKI authentication process, this thesis designs a blockchain-based PKI digital certificate management model. The model first adopts a consortium blockchain to solve the interruption of the digital certificate status query service caused by the single-point failure of CAs; it then makes the digital certificate management process transparent by recording each CA's certificate management operations as transactions on the blockchain; finally, combined with an improved digital certificate, it adopts two cuckoo filters to realize fast queries of digital certificate status. Security analysis shows that this model can meet more security requirements in the identity authentication scenario. 2. To address the problems of single points of failure, easy data privacy leakage, difficulty in determining data ownership, and insufficient granularity of access control in traditional data sharing schemes, this thesis designs a data sharing access control model based on smart contracts and user credit. Built on a consortium blockchain architecture, the model combines an attribute-based access control policy with user credit to provide dynamic and fine-grained access control for users; it solves the single point of failure and privacy leakage of data storage nodes by storing encrypted data in the InterPlanetary File System; and it implements the access authorization process in a smart contract to improve the transparency of the data sharing process. Theoretical and experimental analysis shows that this model meets the functional and security requirements of data sharing scenarios, and that the blockchain network performs well. |
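
The certificate status lookup with two cuckoo filters, as an added example that is not code from the thesis. The abstract does not say how the two filters are divided, so this sketch assumes one holds the serials of valid certificates and the other the serials of revoked ones; `CuckooFilter`, `CertStatus` and the serial strings are hypothetical names.

```python
import hashlib

def _h(data: bytes) -> int:
    return int.from_bytes(hashlib.sha256(data).digest()[:8], "big")

class CuckooFilter:
    """Small cuckoo filter: two candidate buckets per item, 32-bit fingerprints, deletable."""
    def __init__(self, buckets=64, slots=4, max_kicks=200):  # buckets must be a power of two
        self.n, self.slots, self.max_kicks = buckets, slots, max_kicks
        self.table = [[] for _ in range(buckets)]
    def _alt(self, i, fp):  # partial-key cuckoo hashing: _alt(_alt(i, fp), fp) == i
        return (i ^ _h(fp.to_bytes(4, "big"))) % self.n
    def _where(self, item):
        fp = (_h(b"fp:" + item.encode()) & 0xFFFFFFFF) or 1  # non-zero fingerprint
        i1 = _h(item.encode()) % self.n
        return fp, (i1, self._alt(i1, fp))
    def insert(self, item):
        fp, (i, _) = self._where(item)
        for _ in range(self.max_kicks):
            for j in (i, self._alt(i, fp)):
                if len(self.table[j]) < self.slots:
                    self.table[j].append(fp)
                    return True
            fp, self.table[i][0] = self.table[i][0], fp  # evict a resident, relocate it
            i = self._alt(i, fp)
        return False  # filter is full; the caller must rebuild with more buckets
    def contains(self, item):
        fp, cands = self._where(item)
        return any(fp in self.table[i] for i in cands)
    def delete(self, item):  # only call for items known to have been inserted
        fp, cands = self._where(item)
        hit = [i for i in cands if fp in self.table[i]]
        if hit:
            self.table[hit[0]].remove(fp)
        return bool(hit)

class CertStatus:
    """Assumed split: one filter for valid certificate serials, one for revoked serials."""
    def __init__(self):
        self.valid, self.revoked = CuckooFilter(), CuckooFilter()
    def issue(self, serial):
        return self.valid.insert(serial)
    def revoke(self, serial):  # add to revoked before removing from valid
        return (self.valid.contains(serial) and self.revoked.insert(serial)
                and self.valid.delete(serial))
    def status(self, serial):  # revoked is checked first, so a hit in both fails closed
        if self.revoked.contains(serial):
            return "revoked"
        return "valid" if self.valid.contains(serial) else "unknown"
```

Cuckoo filters can return false positives, so a relying party that needs certainty should treat a filter answer as a fast path and confirm it against the certificate's recorded transaction.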