Browse > Article
http://dx.doi.org/10.13089/JKIISC.2022.32.3.513

Redactable Blockchain Based Authority Alteration and Accessn Control System  

Lee, Yeon Joo (Korea University)
Choi, Jae Hyun (Korea University)
Noh, Geontae (Seoul Cyber University)
Jeong, Ik Rae (Korea University)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.32, no.3, 2022 , pp. 513-525 More about this Journal
Abstract
The immutability of blockchain is core elements of security of blockchain and guarantee data integrity. However, the characteristic that the data recoreded once in the blockchain cannot be modified has place for abuse by a specific user. In fact improper contents that is inappropriate to be recorded on the blockchain, such as harmful data and user personal data, is exposed on Bitcoin. As a way to manage improper content existing in the blockchain, there is a redactable blockchain using chameleon hash proposed for the first time by Ateniese. The redactable blockchain meet the right to be forgotten of GDPR by allowing data modification and deletion. Recently, Research on personal data management is being conducted in a redactable blockchain. Research by Jia et al. proposed a model that enables users to manage their personal data in the redactable blockchain. However, semi trusted regulators, which are blockchain participation nodes, have powerful authority in the blockchain, such as modification rights and deprivation of transaction rights for all blocks, which may cause side effects. In this paper, to weaken the authority of regulators in Y. Jia et al., we propose a method of authority subject altering and authority sharing, and propose a redactable blockchain-based authority change and access control system model based on applicable scenarios.
Keywords
Redactable Blockchain; Authority Alteration; Personal Data Management; Access Control; GDPR;
Citations & Related Records
Times Cited By KSCI : 2  (Citation Analysis)
연도 인용수 순위
1 S. Nakamoto, "Bitcoin: A Peer-to-Peer Electronic Cash System," Decentralized Business Review, 2008.
2 G. Yu, X. Zha, X. Wang, W. Ni, K. Yu, P. Yu and Y.J. Guo, "Enabling attribute revocation for fine-grained access control in blockchain -IoT systems," IEEE Transactions on Engineering Management, vol. 67, no. 4, pp. 1213-1230, Feb. 2020.   DOI
3 P.K. Sharma and J.H. Park, "Blockchain based hybrid network architecture for the smart city," Future Generation Computer Systems, vol. 86, pp. 650-655, Sep. 2018.   DOI
4 K. Huang, X. Zhang, Y. Mu, F. Rezaeibagha, X. Du and N. Guizani, "Achieving intelligent trust-layer for Internet-of-Things via self-redactable blockchain," IEEE Transactions on Industrial Informatics, vol. 16, no. 4, pp. 2677-2686, April 2019.   DOI
5 J.H. Lim, J.Y. Chun, G.T. Noh and I.R. Jeong, "GDPR Compliant Blockchain Based Access Control(GCBAC)," Journal of The Korea Institute of Information Security & Cryptology, 30(6), pp. 981-997, Dec. 2020.   DOI
6 S. Angraal, H.M. Krumholz and W.L. Schulz, "Blockchain technology: applications in health care," Circulation: Cardiovascular quality and outcomes, vol. 10, no. 9, e003800, Sep. 2017.   DOI
7 J. Xu, K. Xue, H. Tian, J. Hong, D.S. Wei and P. Hong, "An identity management and authentication scheme based on redactable blockchain for mobile networks," IEEE Transactions on Vehicular Technology vol. 69, no. 6, pp. 6688-6698, June 2020.   DOI
8 G. Ateniese, B. Magri, D. Venturi and E. Andrade, "Redactable blockchain -or- rewriting history in bitcoin and friends," 2017 IEEE European symposium on security and privacy (EuroS&P), pp. 111-126, April 2017.
9 Y. Jia, S.F. Sun, Y. Zhang, Z. Liu and D. Gu, "Redactable Blockchain Supporting Supervision and Self-Management," In Proceedings of the 2021 ACM Asia Conference on Computer and Communications Security, pp. 844-858, May 2021.
10 R. Matzutt, J. Hiller, M. Henze, J.H. Ziegeldorf, D. Mul mann, O. Hohlfeld and K. Wehrle, "A quantitative analysis of the impact of arbitrary blockchain content on bitcoin," In International Conference on Financial Cryptography and Data Security, pp. 420-438, Feb. 2018.
11 A. Azaria, A. Ekblaw, T. Vieira and A. Lippman, "Medrec: Using blockchain for medical data access and permission management," In 2016 2nd international conference on open and big data (IEEE_OBD), pp. 25-30, August 2016.
12 S.S. Jung, S.J. Lee and I.C. Euom, "Delegation-Based Personal Data Processing Request Notarization Framework for GDPR Based on Private Blockchain," Applied Sciences vol. 11, no. 22, pp. 10574, Nov. 2021.   DOI
13 G. Ateniese and B. de Medeiros, "On the key exposure problem in chameleon hashes," In International Conference on Security in Communication Networks, pp. 165-179, Sep. 2004.
14 H. Precht and J.M. Gomez, "Redactable Blockchain-Leveraging Chameleon Hash Functions for a GDPR Compliant Blockchain," In Konferenzband zum Scientific Track der Blockchain Autumn School 2020, pp. 66-70, Dec. 2020.