Conference PaperPDF Available

IPFS-Blockchain-based Authenticity of Online Publications

Authors:

Abstract and Figures

In this paper, we propose a solution to provide originality and authenticity of published and posted freely online digital content such as books, music, and movies. Our solution utilizes a blend of newly emerging technologies that prima-ry include (InterPlanetary File System) IPFS and blockchain smart contracts. IPFS is used to store digital content with a high integrity and global accessibility to all, and Ethereum smart contract is used to govern, manage, and provide trace-ability and visibility into the history of digital content from its origin to the latest version, in a manner that is decentralized and globally accessed with high integrity, resiliency, and transparency. In the paper, our solution is focused on online book publication, but the solution can be a framework that can be easily extendible and adoptable for, to other digital and multimedia content. The full code of our smart contract is provided, with discussion on implementation and testing of its key functionalities.
Content may be subject to copyright.
IPFS-Blockchain-based Authenticity of Online
Publications
Nishara Nizamuddin, Haya R. Hasan, Khaled Salah
Department of Electrical and Computer Engineering
Khalifa University of Science, Technology and Research
Abu Dhabi, UAE
{nishara.nizamuddin,haya.hasan,khaled.salah}@kustar.ac.ae
Abstract. In this paper, we propose a solution to provide originality and authen-
ticity of published and posted freely online digital content such as books, music,
and movies. Our solution utilizes a blend of newly emerging technologies that
primary include (InterPlanetary File System) IPFS and blockchain smart con-
tracts. IPFS is used to store digital content with a high integrity and global acces-
sibility to all, and Ethereum smart contract is used to govern, manage, and pro-
vide traceability and visibility into the history of digital content from its origin to
the latest version, in a manner that is decentralized and globally accessed with
high integrity, resiliency, and transparency. In the paper, our solution is focused
on online book publication, but the solution can be a framework that can be easily
extendible and adoptable for, to other digital and multimedia content. The full
code of our smart contract is provided, with discussion on implementation and
testing of its key functionalities.
Keywords: Ownership Authenticity, Originality, Online Publishing, Blockchain,
Ethereum, Smart Contracts.
1 Introduction
The Internet and the digital era have unleashed the unique access to information.
With the increased ease in information access and sharing, the authenticity of freely
posted and published digital materials is always questionable. The authenticity of digi-
tal content is a major challenge for today’s online book publishing industry, and digital
content in general, as those of multimedia, movies, music, etc. Digital content, available
on the internet, during its lifetime can be modified, copied, reproduced, translated into
different languages, re-published, and reformatted. There is an immense need for an
appropriate authenticity with the ability to trace and track the publication history of
posted online material to the original author, writer, or artist, with high degree of trust,
credibility, and integrity.
2
In practice, a hardcopy manuscript of a book or newspaper article can be printed,
scanned, digitized, and translated into different languages—resulting in multiple ver-
sions of the original manuscripts which were published by different publishing entities
or individuals. That is, digital content available across various resources such as online
journals, e-books, and websites can indeed be subjected to illegitimate alteration that
ultimately leads to tainted information access. Also, there is a lack of a strict audit to
ensure that the digital book is verifiable, complete and accurate. While e-book is col-
lated and printed from diverse sources, the authenticity and integrity of digital asset is
at stake.
Problem Statement. To date, there exists a lack of authenticity and integrity of dig-
ital content made available online. Freely posted and published online digital contents
are not tampered-proof and their publication history cannot be easily tracked in a cred-
ible, trusted, open, and decentralized manner. As shown in Figure 1, a book can be
published, and re-published by different publishing entities, and thus producing multi-
ple versions of the original book. The book is originally written by the author which
can be made available to public users via various resources such as handwritten manu-
script, physical print media, e-books and Internet sources. The credibility of a digital
document cannot be checked at any point as the publishers are not accountable for the
content published. Furthermore, the readers are totally unaware about the accuracy and
authenticity of the available e-book. Typical readers usually accept the online versions
of digital manuscripts despite being tampered with.
Figure 1 shows the traditional way of public readers accessing digital assets of e-
books from available resources. The original work of the author undergoes various
stages of publication process before it reaches the end user i.e., the readers. Typically,
author writes the book and chooses a main publisher to submit his original work. The
main publisher is granted the publishing permission from the author. Figure 1 illustrates
the scenario where secondary publishers (P
1
, P
2
…P
n
) request for publishing permission
in different versions from the main publisher. The main publisher P grants permission
to the requesting publishers upon agreeing to the terms and conditions are accepted by
both the parties. The same book can have many editions and versions with different
versions being translated in many languages. In today’s book publishing industry, a
certain online book version cannot be traced back to an original author, as information
is usually defragmented and not available to all readers to verify and examine the au-
thenticity and originality of published content.
3
Fig. 1. Production of different versions of an online book through various publishers
Blockchain is a newly emerging and disruptive technology that can be key in provid-
ing a solution to authenticity of digital materials. Blockchain is the underlying technol-
ogy of the cryptocurrency bitcoin, but now is seen as a distributed ledger that can be
accessed globally by anyone to verify stored data and content, with high integrity, re-
siliency, credibility, and above all traceability [1]. All of this is done in de-centralized
manner and without intermediaries. Later, Ethereum smart contracts provided the abil-
ity to upload and execute code that carries out business logic to the blockchain [2,3].
The smart contract code resides on a blockchain as multiple functions with unique ad-
dresses that can be called by any user of the blockchain.
Blockchain, however is an expensive medium for data storage, especially for large
data and digital content. For efficient storage of large data and content, we propose
using IPFS file system. IPFS stands for Inter-Planetary File System [4], which is a dis-
tributed, decentralized file system and a platform to store data and files with high in-
tegrity and resiliency. Fundamentally, IPFS is a peer-to-peer, open source, content ad-
dressable globally distributed file system that can be used for storing and sharing large
volume of files with high throughput. Our proposed solution makes use of both block-
chain smart contracts and IPFS, whereby the digital contents are stored on the IPFS and
the IPFS hashes are stored into the blockchain smart contracts to provide traceability
and authenticity. Specifically, the hash generated on storing the documents to IPFS, can
be stored in the smart contracts effectively and documents can be accessed using the
hash. If there is any change in the content of the digital document, the hash changes, to
show that the original content was modified and altered.
In this paper, we propose a combined IPFS-blockchain-based solution to solve the
authenticity and originality of digital content posted freely on the Internet. In the paper
we show how this problem can be solved for online published books, but our solution
can be extended and adopted for, to other digital and multimedia content. We show how
4
our solution has the ability to trace and track the digital content, with its different pub-
lished versions, back to the certified true copy created by the original author. The main
contributions of this paper can be summarized as follows:
We propose an IPFS-blockchain-based solution and framework for providing
authenticity of published online books and digital content. Our solution provides
decentralized storage and governance with different versions of the original
book being stored, tracked, and traced with high integrity, and resiliency.
We present and discuss the system design and architecture, along with sequence
diagrams to illustrate the interactions among participants which include author,
main publishers, secondary publishers, and readers.
We provide the full code of the smart contract, and discuss key implementation
and testing details to demonstrate the proper operations and functionality of the
overall system.
The remainder of this paper is organized as follows. Section 2 summarizes the re-
lated work. Section 3 presents our proposed solution for improving authenticity of
online books. Section 4 describes key aspects of the implementation and testing of the
smart contract. Section 5 concludes the paper.
2 Related Work
In this section, we provide a brief background on the existing approaches found in the
literature related to authenticity and originality of books in the publishing industry us-
ing blockchain technology. Ericsson [5] proposes a blockchain-based system for track-
ing the origin of digital assets. It is by converting the digital content and books into a
binary file and to store the hash on blockchain. This hash is stored generally with an
identifier for the owner. The paper focusses on the idea that ownership can be verified
by checking the integrity of digital assets at any point of time. This is achieved through
the verification by a centralized unit for security of digital documents such as Security
Operations Center (SOC) to estimate the legitimacy of digital assets. But the system
itself deviates from the decentralized concept as it operates in the presence of a central-
ized security unit and has a precarious state for breach of integrity. Moreover the file
storage is done on a centralized server which can be a single point of failure, corruption,
hacking or compromise.
Gaetani et al [6] propose a verification ID which can be used for blockchain-based
authenticity of digital assets. This ID is inherently a digital block on the blockchain that
can be used for verification of the e-document. That is, whenever an ID is added to the
blockchain, an identification certifying service combines the public key with the
owner’s ID and transfers the ownership of the private key to the user. A blockchain
centered handshake mechanism is employed to ensure authenticity of the e-document.
But this method suffers detrimental effect as it is purely based on the trust factor on the
requesting entity. As the identity of the requesting body is not always reliable in the
5
digital world, the system is not stable enough to provide a secure storage and access of
documents online.
The author in [7] proposes a blockchain-based model for publishing online books
and for providing integrity of the digital document. The author achieves authorship by
storing the book/file hash and the owner’s name in pairs. The author argues that by
storing the hash of the file and the block timestamp as pairs, integrity of the docu-
ment/file can be proved. If the content of the file was modified, then its hash will
change, and the smart contract won’t be able to access the file, therefore proving that
the file content was modified. Sun et al. [8] describes a framework for evaluating the
trust issues when storing online documents in decentralized networks.
In this paper,
authors present a framework to quantitatively measure trust, model trust propagation,
and defend trust evaluation systems against malicious attacks. This system was used to
secure adhoc routing and support to unmask malicious node in a decentralized environ-
ment but is not yet implemented as a real-world application.
The authors in [9] propose a blockchain-based personal data management system to
ensure that document owners have complete authority over their asset. This model fea-
tures a blockchain-based automated online document access control system thereby
eliminating trust in a third party. Blockchain and off–blockchain storage is combined
to construct a management platform which precedes to trust based computing. But the
work does not describe about the feasibility of storing larger files. Morgan [10] presents
the idea of using blockchain technology to prove the existence of a document using the
timestamping concept. The author discusses a method where the document is presented
to a site which in turn converts the document into a cryptographic hash. The hash gen-
erated represents the content of the document. If the original document is presented,
same hash will be generated, notifying that the document is authentic. However, if there
is any modification of content, the newly generated hash will not match with the previ-
ous hash. The legitimacy of the document can be verified, but this system is not focused
about the authority of the owner on his/her document.
Acronis Notary system described in [11] is a blockchain-based notary service which
aims at providing a solution for timestamping digital documents. As blockchain is a
very expensive storage medium for storing large documents, the proposed approach is
to send file hashes to the Notary service. This service calculates hash value, based on
the received file hashes and saves the new hash obtained, on the Ethereum network. A
verification certificate is provided specifying the technical details of the document.
Whenever the document is reflected in user interface, it is shown as ‘notarized’ or ‘cer-
tified’ by Acronis. By doing so, the system gives an assurance to the user that the online
document is identical to the original version, on a bit-by-bit basis. This method supports
providing notarization for document authenticity and a certification that an e-book ex-
isted at some point of time in the chain. But it doesn’t clearly state about the author’s
rights to claim the ownership of digital book in the decentralized environment.
6
3 Proposed Solution
Our solution is based on using IPFS and smart contracts of Ethereum blockchain. IPFS
is used to store the digital content (of the e-book or multimedia files) in a decentralized,
distributed manner that is publicly and globally accessible by all through the use of
IPFS hashes. This IPFS hash is used by the smart contract of Ethereum blockchain to
ensure integrity, originality, and authenticity. The hash value remains the same if the
content of the document or e-book remains intact. If there is an alteration of content
during the publication stages, the IPFS hash for the book changes, and would then not
match the hash stored within the smart contract. Therefore, each participating entity can
track back, and verify the accuracy and history of e-books being stored in the file system
and be assured that the book accessed is a legitimate copy of the author’s work.
3.1 System Architecture and Design
Figure 2 illustrates the overall system architecture and design for automating the online
books authenticity, originality, and integrity using IPFS and Ethereum smart contracts.
The proposed solution uses smart contracts to trigger events that are logged to notify
the participating parties to keep track of events and transaction details. The figure high-
lights the interactions of the smart contract with main participants that include author,
main publisher P, secondary and other publishers, and readers. The participants of the
smart contract can be summarized as follows:
Fig. 2. An overview of the system architecture for automating the online books authenticity using
IPFS and Ethereum smart contracts.
Author: The author or artist is the person who owns the IP and original work of the
book or digital content. The author creates the smart contract and provides permis-
sion for one or more publishers to publish his digital content. The main publisher is
also involved in validating and notarizing the book content presented to it by the
7
publishers. The publisher gets to upload the content on IPFS, only if the notarization
by author is successful. The author also maintains the original hash of the book.
Publisher: The publisher is the entity which obtains permission from the author to
publish the manuscript content in various sources such as web pages, printed books
and e-books. The main responsibility of a publisher is to maintain the digital content
intact as presented by author. /Also, a publisher uploads the digital content to IPFS
and the IPFS hash is stored in the smart contract with the author’s validation and
verification.
Other and Secondary Publishers: A book can be translated into different languages
and can have different versions or editions produced by different publishers who
produced the book in agreement with the original author or with the main publisher.
Readers: Readers are those who request access for legitimate digital books. The
smart contract provides the readers with trace back functionality to verify the origi-
nality of the book. The readers can access the history of notarizations regarding the
originality, authenticity, and integrity of the book.
In our proposed solution, the author initially writes the book, creates the contract
which includes key attributes about the book to include book title, original hash of the
book and author details. Offline, a main publisher seeks publishing permission from the
author after finalizing publishing terms. The publisher, then requests for an approval
from the original author before uploading the book to IPFS, which returns a hash. The
author then examines the stored IPFS file (with the given IPFS hash) to the original
content submitted to the main publisher. The author concludes that the digital manu-
script is uncorrupted and attests the publisher copy. The author has a list of books he
attested, and also the publishers have a list of book versions attested by them.
Readers or other secondary publishers can also request for content validation history,
to know about authenticity of digital manuscript. Once the book is made available on
the IPFS, a reader or a secondary publisher can request for history of validation proof.
This can be needed to make sure that the document has the notarization of the main
publisher from whom publishing permission was granted and the attestation of the orig-
inal author who validated for the main publisher to publish the content. The smart con-
tract has the ability to display the list of attestations for that the e-book along with the
address of the requesting entity, address of the publisher who provided access for the
document and the address of the original author. The validation history helps to track
and trace back the history of attestation provided for the digital documents.
4 Implementation and Testing
Our smart contract was implemented and tested using Remix IDE http://re-
mix.ethereum.org. In this section, we provide the implementation details and focus
primarily on testing the correct interaction and functionality among system participants.
8
Remix IDE offers rich features that make it possible to test and debug smart contracts
prior to deploying them.
4.1 Implementation Details
The code was written in Solidity using the web browser-based IDE, Remix. There are
three entities participating in the contract, author, publisher, readers / secondary pub-
lishers. Each of the entities has an Ethereum address and can participate by calling
functions within the smart contract at certain time stamps. Figure 3, illustrates the mes-
sage sequence diagram for granting publishing permission with a successful attestation
and a failed attestation by author. It shows the interaction between publisher, author
and smart contract.
Fig. 3. Message sequence diagram showing scenarios of successful validation and a failed vali-
dation.
Figure 4 represents the message sequence diagram for successful and failed trace back
of validation history between the requesting readers or secondary publishers, main pub-
lisher and the author. Figure 4 illustrates the flow of
traceBackHistory()
function
and events
ValidationHistorySuccess
and
FailedValidationHistory
on
successful and failed trace back history of attestations respectively.
9
Fig. 4. Message sequence diagram showing scenarios of successful validation trace back and a
history of failed validation trace back.
Next, we show the important code snippets of our smart contract
.
The smart contract
code is available at
Github
To track the state of publishers and their approval results we
use mapping, which represents a key-value pair. We also maintain a mapping to record
a list of approvals by author and the hash provided by publishers during attestation
process. Figure 5 shows mapping where every Ethereum address points to the address
of publishers who submitted request for approval and hashes provided by publishers.
Figure 5 also shows a mapping which consists of a list of books approved by authors
and a mapping consisting of state of publishers.
Fig.5. Mapping of publishers and books attested by author
1
.
Figure 6 represents constructor
OnlineBooksAuthenticity()
which shows that au-
thor is the owner of contract. It comprises of initialization such as the
authorName
,
bookInformation
and most importantly consists of the original book hash. The state
of contract initially is
NotReady
. The author creates the contract and executes the
Cre-
ateContract()
1
function and invokes
ContractCreated
event.
10
Fig.6. Constructor of the smart contract
OnlineBooksAuthenticity()
code
1
Figure 7 demonstrates the
requestApproval()
function for publisher requesting at-
testation from the author. At this stage, the state of the contract is
Created
and the
publisher state will be
ReadyToSubmit
. The publisher state changes to
Submitted-
ForApproval
and the contract state changes to
WaitingToProvideApproval
. The
event
RequestedForApproval
is triggered and the publisher waits for the approval
results (True/False) from the author.
Fig.7. Smart contract function for publisher requesting attestation from author
1
In this paper, we have considered two scenarios based on the approval results provided
by the author for every publisher requesting an attestation or validation before upload-
ing the book to IPFS. We have considered two other scenarios based on the attestation
history results requested by either readers / secondary publisher. The four scenarios are
as follows:
1. If the book validation results i.e.
provideApprovalResult ()
is “True”, the
transaction is successful, and the smart contract directs the publisher to upload
the authentic book to the IPFS and the book is now freely available for readers
to access.
2. If
provideApprovalResult()
yields “False”, the author does not approve
the online book content as the hash submitted by publisher while requesting for
attestation does not match the original hash of the book which is stored in smart
contract. The change in hash clearly indicates, that the original content was
changed / modified. The author triggers an event soliciting the publisher to
amend the content as per original document and to resubmit for attestation.
3. If the attestation history trace back i.e.
traceBackHistory()
is successful,
the list of attestation made for the book is provided to requesting entity.
4. When
traceBackHistory()
is a failure, it indicates that the book accessed
is not validated and hence the requesting entity is provided with the detail that
the book is not an authentic work of author.
4.2 Testing and Validation
In this section, we test the correctness of the interaction among participants, and the
correct functionality of the overall system. Testing of the smart contract ensured that
the flow of the contract followed the correct sequence, validations and refusals of e-
book submitted were tested correctly and the attestation history tack back functionality
11
executed correctly. In this paper, the smart contract is tested for 4 different scenarios.
Figure 8 shows the various testing scenarios carried out. The first test group is on the
approval from author to publish the book. It is further classified for testing two scenar-
ios – Validation success and Failed Validation. The second test group represents readers
or secondary publishers requesting for attestation history details. Test case 2 has two
scenarios: Successful traceability, and Failed traceability. All the test cases are dis-
cussed in detail in the next subsection.
Fig. 8. Smart contract testing scenarios
4.2.1 Test Case 1
Firstly, we test the smart contract for a successful validation scenario. For testing pur-
pose, we consider the Ethereum address of the author to be
0xca35b7d915458ef540ade6068dfe2f44e8fa733c,
the addresses of publishers
who submit the request for attestation or validation to be
0x14723a09acff6d2a60dcdf7aa4aff308fddc160c
for Publisher1 and
0x4b0897b0513fdc7c541b6d9d7e929c4e5364d2db
for Publisher2. We tested,
as shown in Figure 9, the case when the publisher request for a validation to publish
from the author. The event
RequestedForApproval
is triggered and Publisher1 waits
for the author to attest its content.
Fig. 9. Logs showing event
RequestedForApproval
triggered
1
The original hash of the book is
“QmXgm5QVTy8pRtKrTPmoWPGX-
NesehCpP4jjFMTpvGamc1p”.
Firstly, we test for the scenario of successful attesta-
tion/ validation of book by the author with Publisher1. Upon successful attestation,
events
PermissionGrantedToPublish
and
ValidationSuccess
are triggered and
Publisher1 is granted the permission to upload the book on IPFS. Figure 10 shows the
scenario of successful validation provided to Publisher1 by author.
12
Fig.10. Logs showing a successful attestation
1
4.2.2 Test Case 2
Secondly, we test the smart contract for the scenario of a failed validation with Pub-
lisher2. The validation fails because of change in hash provided by Publisher2 while
requesting attestation to publish. The author refuses approval and asks Publisher2 to
resubmit the document after making the necessary amendment. We tested a case, where
Publisher2 submitted a different hash value -
QmYh1A5qcUXXAxE-
PaVmY7Frgw6rGwyUqE5uc71ThtuoAUM”
. Figure 11 shows that the approval failed,
and the author recommends for amendment of content before resubmitting for attesta-
tion again. Events
FailedApproval
and
ReviseContent
are invoked to notify Pub-
lisher2 to amend the book content.
Fig.11. Logs showing a validation failure with events
FailedApproval
&
ReviseContent
triggered
1
4.2.3 Test Case 3
Next, we tested for successful traceability of the attestation history of the document
with a reader whose Ethereum address is
0x583031d1113ad414f02576bd6afabfb302140225.
The reader requests to
13
prove that the document is the original work of the author and has a notarization proof.
Figure 12 represents the scenario where the validation history of the document is ob-
tained successfully displaying the address of Publisher1 from whom the reader obtained
book access, the address of the original author. Event
ValidationHistorySuccess
is triggered and the smart contract assures the reader that the received copy is a legiti-
mate work. The logs also show that the book was initially attested by author and the
readers can confirm that the received book is authentic.
Fig. 12. Logs showing event
ValidationHistorySuccess
triggered to show the content val-
idation history of the book
1
4.2.4 Test Case 4
Lastly, we test for the scenario of attestation trace back failure with
0xdd870fa1b7c4700f2bd7f44238821c26f7392148,
the
address of the second-
ary publisher who requests for attestation history trace back from another publisher
0x583031d1113ad414f02576bd6afabfb302140225.
Figure 13 shows the testing
results. Event
FailedValidationHistory
is invoked as the attestation is not done
by the actual author. This event indicates that the online book requested by the second-
ary publisher is not attested by the Publisher2 to whom the request for validation history
was made.
14
Fig.13. Logs showing event
FailedValidationHistory
invoked
1
5 Conclusion
In this paper, we have proposed a solution to solve the originality and authorship au-
thenticity of freely published and posted online books and documents using IPFS and
Ethereum smart contracts. Our solution is focused on authenticity of online books, but
the solution in terms of architecture, design, sequence diagram, logics, smart contract
code, and overall aspects are generic enough to be easily extended and used to provide
the originality and authenticity, as well as integrity, to all other forms of digital assets.
We implemented and verified the functionalities of the smart contract code using Remix
IDE. As a future work, we plan to deploy the smart contracts on the real IPFS and
Ethereum network and develop frontend Decentralized Applications (DApps) with dif-
ferent views to authors, main publishers, secondary publishers, and readers.
References
1. S. Nakamoto, “Bitcoin: A peer-to-peer electronic cash system”. (White paper).
2. K. Toyoda et al., “A Novel Blockchain-
Based Product Ownership Management System
(POMS) for Anti-
Counterfeits in The Post Supply Chain, “in IEEE Access, vol. PP, no.99, pp.
1-1.
3. ‘Ethereum’, http://www.ethdocs.org/en/latest/introduction/what-is-ethereum.html/, last
ac-
cessed 20 December 2017.
4. M. Pors, “Understanding the IPFS White Paper part 2”, https://decentralized.blog/understand-
ing-the-ipfs-white-paper-part-2.html, last accessed 2018/3/18.
5. Ericsson Home Page, Ericsson White Papers – “Industrial Blockchain a
nd Data Integrity”,
https://www.ericsson.com/hyperscale/cloud-infrastructure/data-centric-security/data-integ-
rity-assurance, last accessed 2018/2/16.
6. E. Gaetani , L Aniello, R Baldoni , F Lombardi , A Margheri, and V Sassone,” Blockchain
-
based Database to Ensure Data Integrity in Cloud Computing Environments”, 1
st
Italian Con-
ference on Cyber Security, ITASEC17, pp 146-155, Venice, Italy (2017).
7. N. Prusty, “Building Blockchain projects Develop real-
time practical DApps using Ethereum
and JavaScript”, 1st edition, Packt Publishing Ltd, Birmingham, UK (2017).
15
8. Y. Sun, Z.
Han, W Yu, K.J.R Liu,”A trust evaluation framework in distributed networks: Vul-
nerability analysis and defense against attacks,” INFOCOM 2006. 25th IEEE International
Conference on Computer Communications. Proceedings, pp1-13, Spain (2006).
9. G. Zyskind, O.
Nathan, A Pentland, “Decentralizing Privacy: Using Blockchain to protect
personal data”, Security and Privacy Workshops (SPW), 2015 IEEE Conference Proceedings,
pp 180-184, San Jose, CA, USA (2015).
10. P. Morgan, “Using Blockchain Technology to Prove Exi
stence of a Document”, https://brave-
newcoin.com/news/using-blockchain-technology-to-prove-existence-of-a-document/ last ac-
cessed 2018/2/20.
11. Acronis Inc.
, “Acronis Notary: a new way to prove data authenticity via blockchain”,
https://www.acronis.com/en-us/articles/data-protection, last accessed 2018/2/21.
... There are currently many communication structures (such as Khacef and Pujolle 2019;Sarıtekin et al. 2018;Nizamuddin et al. 2018) and messenger softwares (such as E-chat 1 and CrypViser 2 ) that use blockchain technology; But if we examine them, we will see that they either do not have the complete comprehensiveness for data exchange between sender and receiver as a data exchange system, or if they are comprehensive, they have definitely used centralized structures in one or more sections. This will cause some users to distrust them. ...
... Therefore, it just works for the private network and cannot be used as a messenger on a public network. In the present study, the presented idea in Sarıtekin et al. (2018) and Nizamuddin et al. (2018) were combined to design Simorgh. In the following, both of the presented ideas in Sarıtekin et al. (2018) and Nizamuddin et al. (2018) are described briefly. ...
... In the present study, the presented idea in Sarıtekin et al. (2018) and Nizamuddin et al. (2018) were combined to design Simorgh. In the following, both of the presented ideas in Sarıtekin et al. (2018) and Nizamuddin et al. (2018) are described briefly. ...
Article
Full-text available
Every industry, government and even culture has been affected by the recent progress of modern technology. Communication and the communication industry are no exception to this. Most communication systems operate in a centralize manner; this is in conflict with information security and privacy. These centralize systems cannot offer completely transparent, trustworthy, fast and uninterrupted communication. Decentralized communication systems can be secure and transparent, designed with the aid of blockchain technology. Blockchain technology is currently used extensively in communication systems, but none of them have provided a completely decentralized system for communication. We are looking to design a secure and decentralized data exchange network. In this paper We present Simorgh. Simorgh is a completely secure, decentralized system based on blockchain technology with the ability to exchange data and efficiently in the field of smart contracts in today’s world. To overcome some of the limitations of file saving, The InterPlanetary File System (IPFS) technology has been used in this new system. We also discuss and analyze features and potential advantages of this system. Assuming that the Simorgh blockchain is identical to Ethereum blockchain, a smart contract is simulated.
... Blockchain is an append-only distributed database, so large-scale data can quickly bloat the blockchain and make it expensive and inefficient to scale. To alleviate the storage pressure of the blockchain, we propose a storage scheme that combines blockchain technology and the interplanetary file system (IPFS) [8]. ...
... �� NULL then (7) break; (8) else (9) recovered � recovered ⊕ GBF[j]; (10) end if (11) end for (12) if recovered �� x then (13) J.add(x); (14) end if (15) ...
Article
Full-text available
Data sharing has become a key technology to break down data silos in the big data era. Ciphertext-policy attribute-based encryption (CP-ABE) is widely used in secure data-sharing schemes to realize flexible and fine-grained access control. However, in traditional CP-ABE schemes, the access structure is directly shared along with the ciphertext, potentially leading to users’ private information leakage. Outsourcing data to a centralized third party can easily result in privacy leakage and single-point bottlenecks, and the lack of transparency in data storage and sharing casts doubts whether users’ data are safe. To address these issues, we propose a blockchain-based CP-ABE scheme with partially hidden access structures (BCP-ABE-PHAS) to achieve fine-grained access control while ensuring user privacy. First, we propose an efficient CP-ABE scheme with partially hidden access structures, where the ciphertext size is constant. To assist data decryption, we design a garbled Bloom filter to help users quickly locate the position of wildcards in the access structure. Then, to improve storage efficiency and system scalability, we propose a data storage scheme that combines blockchain technology and the interplanetary file system, ensuring data integrity. Finally, we employ smart contracts for a transparent data storage and sharing process without third-party participation. Security analysis and performance evaluation show that the proposed BCP-ABE-PHAS scheme can preserve policy privacy with efficient storage and low computational overhead.
... Instead of saving healthcare data over Blockchain, we use distributed cloud-based data storage (IPFS) to store encrypted data blocks [23]. e IPFS can be defined as a peer-to-peer distributed file system that aims to connect all Journal of Healthcare Engineering computing nodes with the same system of files [37]. us, IPFS has no single point of failure. ...
... us, IPFS has no single point of failure. Moreover, IPFS can efficiently distribute large amounts of information without duplication [37]. IPFS Storage nodes store encrypted Medical IoT data and encrypted EHRs generated by s-healthcare services in distributed manner. ...
Article
Full-text available
Nowadays, the adoption of Internet of Things (IoT) technology worldwide is accelerating the digital transformation of healthcare industry. In this context, smart healthcare (s-healthcare) solutions are ensuring better and innovative opportunities for healthcare providers to improve patients’ care. However, these solutions raise also new challenges in terms of security and privacy due to the diversity of stakeholders, the centralized data management, and the resulting lack of trustworthiness, accountability, and control. In this paper, we propose an end-to-end Blockchain-based and privacy-preserving framework called SmartMedChain for data sharing in s-healthcare environment. The Blockchain is built on Hyperledger Fabric and stores encrypted health data by using the InterPlanetary File System (IPFS), a distributed data storage solution with high resiliency and scalability. Indeed, compared to other propositions and based on the concept of smart contracts, our solution combines both data access control and data usage auditing measures for both Medical IoT data and Electronic Health Records (EHRs) generated by s-healthcare services. In addition, s-healthcare stakeholders can be held accountable by introducing an innovative Privacy Agreement Management scheme that monitors the execution of the service in respect of patient preferences and in accordance with relevant privacy laws. Security analysis and experimental results show that the proposed SmartMedChain is feasible and efficient for s-healthcare environments.
... As a result, one does not need to verify the identity of the sender but only needs to verify the hash of the content to obtain the data. The combination of the blockchain and IPFS can effectively solve the problem of big data storage [24]. In the design and implementation of this protocol, these technologies are considered to store big data. ...
Article
Full-text available
With the development of blockchain technology, secure and reliable data storage can be provided. Therefore, data uplinks have become a new trend in recent years. However, how to achieve data value remains a problem in the implementation of data transactions. In order to address this problem, this article aimes to discuss a bidirectional and trusted transaction protocol between two different assets in the blockchain system (Bitrans). First, we used the characteristics of different assets, and designed data storage formats. Then, we divided the transaction process into three states to identify the stage of the transaction. Bitrans can be achieved by controlling the state of transactions with a new consensus algorithm based on Practical Byzantine Fault Tolerance (PBFT). Finally, Bitrans was implemented and validated using Hyperledger Fabric. Experiments confirmed that the exchange of different assets can be achieved without excessive computer resources with the above protocol.
... Al fine di garantire sicurezza si sono studiati diversi meccanismi, come ad esempio la combinazione di Blockchain differenti, permissionless e permissioned, per sfruttare i vantaggi di entrambi i tipi 24 . Una soluzione molto utilizzata non solo in ambito sanitario, per garantire l'originalità e l'autenticità dei dati è la combinazione tra InterPlanetary File System (IPFS), usato per memorizzare i contenuti, e gli smart contract usati per governare, gestire e fornire tracciabilità e visibilità nella storia 25 . ...
Chapter
Full-text available
Surveillance of COVID-19 infections remains a major policy challenge, particularly in tracking the health status of individuals. However, the problem of protecting personal data remains a challenge. Blockchain technology provides several tools to ensure that the data collected and managed through some mobile apps could be extremely secure, certified, and immutable, ensuring proper monitoring of infected and vaccinated users using these apps. This study sheds light on the intentions of individuals to use mobile apps based on Blockchain technology to track other infected and (or) vaccinated users in their vicinity. Through an online experiment with an international sample, we manipulated perceived levels of privacy (low levels for traditional mobile apps and high levels for blockchain-based mobile apps) to illuminate the importance of individuals' security concerns on their intentions to use mobile apps to monitor infected and vaccinated individuals. The findings provide important insights for managers, marketers, and policy makers in promoting the use of Blockchain-based mobile apps to prevent and contain the spread of COVID-19 infections.
... This paper proposes a smart contract-based architecture to improve the security and privacy of healthcare big data. The proposed scheme allows users to store, share and access healthcare data by using three core components: distributed application, smart contract and Inter Planetary File System (IPFS) [7]. The distributed application works as a front end part and provides the interface for the users. ...
Article
Big data refers to a very large and diverse set of data that grow at exponential rates. In the modern healthcare system, medical big data face many security issues due to the presence of hackers and malicious users. Nowadays, medical big data are tremendously benefitted by Blockchain technology due to its several features, namely decentralization, confidentiality, security, privacy, etc. Nevertheless, the conventional cloud and client-server-based information storage models in healthcare are suffering from single-point failure, centralized control of data resources and privacy leakage. This paper explores the usages of Blockchain technology to manage the healthcare system by providing a solution to these problems. Here, a distributed scheme is proposed for data management, which is used to implement Blockchain technology in the healthcare sector. The proposed scheme ensures security by specifying rules with a smart contract. Results and discussions show that the proposed scheme is more efficient than the existing schemes.
... The DecSci platform aims to support the whole peer review process, from paper submission to acceptance or rejection, as well as the rating of peer reviews to build a reviewer reputation network. Our platform relies on the two decentralized technologies introduced in Section 2: IPFS and Ethereum Smart Contracts, leveraging on recommendations from literature combining both (Chen, Li, Li, & Zhang, 2017;Nizamuddin, Hasan, & Salah, 2018;Tenorio-Fornés, Hassan, & Pavón, 2018). Both are peer-to-peer networks that provide the foundations of our proposed system. ...
Article
Scientific publication and its Peer Review system strongly rely on a few major industry players controlling most journals (e.g. Elsevier), databases (e.g. Scopus) and metrics (e.g. JCR Impact Factor), while keeping most articles behind paywalls. Critics to such system include concerns about fairness, quality, performance, cost, unpaid labor, transparency, and accuracy of the evaluation process. The Open Access movement has tried to provide free access to the published research articles, but most of the aforementioned issues remain. In such context, decentralized technologies such as blockchain offer an opportunity to experiment with new models for scientific production and dissemination relying on a decentralized infrastructure, aiming to tackle multiple of the current system shortcomings. This paper makes a proposal for an interoperable decentralized system for an open peer review ecosystem, relying on emerging distributed technologies such as blockchain and IPFS. Such system, named “Decentralized Science” (DecSci), aims to enable a decentralized reviewer reputation system, which relies on an Open Access by-design infrastructure, together with transparent governance processes. Two prototypes have been implemented: a proof-of-concept prototype to validate DecSci’s technological feasibility, and a Minimum Viable Product (MVP) prototype co-designed with journal editors. In addition, three evaluations have been carried out: an exploratory survey to assess interest on the issues tackled; two sets of interviews to confirm both the main problems for editors and to validate the MVP prototype; and a cost analysis of the main operations, both execution cost and actual price. Additionally, the paper discusses the multiple interoperability challenges such proposal faces, including an architecture to tackle them. This work finishes with a review of some of the open challenges that this ambitious proposal may face.
Preprint
Full-text available
Medical data involves a large amount of personal information and is highly privacy sensitive. In the age of big data, the increasing informatization of healthcare makes it vital that medical information is stored securely and accurately. However, current medical information is subject to the risk of privacy leakage and difficult to share. To address these issues, this paper proposes a healthcare information security storage solution based on Hyperledger Fabric and the Attribute-Based Access Control (ABAC) framework. The scheme first utilizes attribute-based access control, which allows dynamic and fine-grained access to medical information, and then stores the medical information in the blockchain, which can be secured and tamper-proof by formulating corresponding smart contracts. In addition, this solution also incorporates IPFS technology to relieve the storage pressure of the blockchain. Experiments show that the proposed scheme combining access control of attributes and blockchain technology in this paper can not only ensure the secure storage and integrity of medical information but also has a high throughput when accessing medical information.
Article
Full-text available
For more than a decade now, RFID (Radio Frequency IDentification) technology has been quite effective in providing anti-counterfeits measures in the supply chain. However, the genuineness of RFID tags cannot be guaranteed in the post supply chain since these tags can be rather easily cloned in the public space. In this paper, we propose a novel POMS (Product Ownership Management System) of RFID-attached products for anti-counterfeits that can be used in the post supply chain. For this purpose, we leverage the idea of Bitcoin’s blockchain that anyone can check the proof of possession of balance. With the proposed POMS, a customer can reject the purchase of counterfeits even with genuine RFID tag information, if the seller does not possess their ownership. We have implemented a proof-of-concept experimental system employing a blockchain-based decentralized application platform, Ethereum, and evaluated its cost performance. Results have shown that, typically, the cost of managing the ownership of a product with up to six transfers is less than US$1.
Article
A purely peer-to-peer version of electronic cash would allow online payments to be sent directly from one party to another without going through a financial institution. Digital signatures provide part of the solution, but the main benefits are lost if a trusted third party is still required to prevent double-spending. We propose a solution to the double-spending problem using a peer-to-peer network. The network timestamps transactions by hashing them into an ongoing chain of hash-based proof-of-work, forming a record that cannot be changed without redoing the proof-of-work. The longest chain not only serves as proof of the sequence of events witnessed, but proof that it came from the largest pool of CPU power. As long as a majority of CPU power is controlled by nodes that are not cooperating to attack the network, they'll generate the longest chain and outpace attackers. The network itself requires minimal structure. Messages are broadcast on a best effort basis, and nodes can leave and rejoin the network at will, accepting the longest proof-of-work chain as proof of what happened while they were gone.
Understanding the IPFS White Paper part 2
  • M Pors
M. Pors, "Understanding the IPFS White Paper part 2", https://decentralized.blog/understanding-the-ipfs-white-paper-part-2.html, last accessed 2018/3/18.
Industrial Blockchain and Data Integrity
  • Page Ericsson Home
Ericsson Home Page, Ericsson White Papers -"Industrial Blockchain and Data Integrity", https://www.ericsson.com/hyperscale/cloud-infrastructure/data-centric-security/data-integrity-assurance, last accessed 2018/2/16.
Building Blockchain projects -Develop real-time practical DApps using Ethereum and JavaScript
  • N Prusty
N. Prusty, "Building Blockchain projects -Develop real-time practical DApps using Ethereum and JavaScript", 1st edition, Packt Publishing Ltd, Birmingham, UK (2017).
A trust evaluation framework in distributed networks: Vulnerability analysis and defense against attacks
  • Y Sun
  • Z Han
  • K J Yu
  • Liu
Y. Sun, Z. Han, W Yu, K.J.R Liu,"A trust evaluation framework in distributed networks: Vulnerability analysis and defense against attacks," INFOCOM 2006. 25th IEEE International Conference on Computer Communications. Proceedings, pp1-13, Spain (2006).
Using Blockchain Technology to Prove Existence of a Document
  • P Morgan
P. Morgan, "Using Blockchain Technology to Prove Existence of a Document", https://bravenewcoin.com/news/using-blockchain-technology-to-prove-existence-of-a-document/ last accessed 2018/2/20.
Acronis Notary: a new way to prove data authenticity via blockchain
  • Acronis Inc
Acronis Inc., "Acronis Notary: a new way to prove data authenticity via blockchain", https://www.acronis.com/en-us/articles/data-protection, last accessed 2018/2/21.