ArticlePDF Available

A Secure Data Sharing Platform using Blockchain and IPFS

Authors:

Abstract and Figures

In a research community, data sharing is an essential step to gain maximum knowledge from the prior work. Existing data sharing platforms depend on trusted third party (TTP). Due to the involvement of TTP, such systems lack trust, transparency, security, and immutability. To overcome these issues, this paper proposed a blockchain-based secure data sharing platform by leveraging the benefits of interplanetary file system (IPFS). A meta data is uploaded to IPFS server by owner and then divided into n secret shares. The proposed scheme achieves security and access control by executing the access roles written in smart contract by owner. Users are first authenticated through RSA signatures and then submit the requested amount as a price of digital content. After the successful delivery of data, the user is encouraged to register the reviews about data. These reviews are validated through Watson analyzer to filter out the fake reviews. The customers registering valid reviews are given incentives. In this way, maximum reviews are submitted against every file. In this scenario, decentralized storage, Ethereum blockchain, encryption, and incentive mechanism are combined. To implement the proposed scenario, smart contracts are written in solidity and deployed on local Ethereum test network. The proposed scheme achieves transparency, security, access control, authenticity of owner, and quality of data. In simulation results, an analysis is performed on gas consumption and actual cost required in terms of USD, so that a good price estimate can be done while deploying the implemented scenario in real set-up. Moreover, computational time for different encryption schemes are plotted to represent the performance of implemented scheme, which is shamir secret sharing (SSS). Results show that SSS shows the least computational time as compared to advanced encryption standard (AES) 128 and 256.
Content may be subject to copyright.
A preview of the PDF is not available
... Fuzzy AHP: AHP is a procedure for assessing the significance of a range of processes in a problem in order to solve complicated decision-making problems [37][38][39][40]. The AHP method divides a multi-criteria selection challenge into a series of interconnected judgments. ...
... Step 2: Triangular fuzzy numbers are used to calculate the assessment component weights. This study employs TFNs for paired comparisons as well as computes fuzzy Fuzzy AHP: AHP is a procedure for assessing the significance of a range of processes in a problem in order to solve complicated decision-making problems [37][38][39][40]. The AHP method divides a multi-criteria selection challenge into a series of interconnected judgments. ...
... Moreover, the true AHP concept seems to have some flaws. The AHP technique is used well in most crisp-information judgment implementations; the AHP method generates and deals with a quite imbalanced scale of judgment [38,40]. The AHP technique ignores the ambiguity related to the process involved. ...
Article
Full-text available
The majority of medical equipment in use today does not have built-in security features. As a result, whether linked to a hospital system or the cloud, these devices’ built-in weaknesses make them vulnerable to a variety of cyberattacks. In hospitals and clinics, hackers can breach equipment, manipulate data, and disrupt facilities, putting patients’ health as well as their lives in jeopardy. A professional can manage cybersecurity threats by lowering the attack surface of the system. Security analysis, whether as a means to detect possible vulnerabilities that can be exploited by attackers or as a means to prevent cyberattacks, plays an important role in risk mitigation. In addition, throughout the pre-market and post-market phases, security checks are required. This study presents a paradigm for incorporating security check concepts into medical device design and development and healthcare big data security. The security of devices and healthcare data is tested by the integrated fuzzy AHP-TOPSIS method. After the security check of devices, with the parameters security-checked for data, the algorithm is designed and implemented. As a result, the appropriate customized security controls are prompted in order to impede the attack.
... Naz et al. [28] implemented using the ethereum smart contracts. In their system access control system is applied and the method is implemented for the data access controls using the smart contracts. ...
Article
Full-text available
Blockchain technology is popular due to properties such as immutability, transparency, distributed storage, and control decentralisation. Student certificates and skill verification are used for job applications and other purposes. Forgery of certificates with centralised authority is a major issue in online education. This challenge can be solved by using blockchain-based certificate management for students and skill evidence management for employees. However, these types of certificate managements have many issues like security and privacy breaches, fear of cyber-attack, hijacking of the session, identity theft of participants, etc. Because blockchain uses cryptographic hash and digital signature for sending and verifying transactions in blockchain peer-to-peer networks, we can overcome many security and privacy difficulties. We proposed a system that generates the identity of students using the tokens and stores them in the interplanetary file system (IPFS). The proposed system makes use of IPFS and EdDSA (Edward-curve Digital Signature Algorithm) for digital signature and verification, as well as SHA-256 for cryptographic hashing. Our proposed system results provide the transaction speed, time required for per transaction, and time required for signing and verifying a transaction. We compare our proposed system with the previously developed systems in terms of privacy, transaction cost, large file storage, blockchain implementation and registration cost.
... Naz et al. [10] present a data sharing platform using various technologies, including a blockchain, an interplanetary file system, and secret sharing. Shamir's secret sharing scheme is used to divide file hash into multiple shares. ...
Article
Full-text available
The topic of this contribution is the practical use of secret sharing schemes in securing private data. In the first part, we focus on the security model and the overview of the available solutions. In the second part, we describe our solution for storing sensitive data in commercial cloud storage systems, an application called Datachest. The application uploads the data in encrypted form. Cryptographic keys are divided into shares. Each cloud receives one share. This solution improves the security of users’ sensitive data in the cloud. In the final part, we explore the ramifications of secret sharing on the security and management of IoT devices, especially home appliances.
Article
The rapid development of computing devices and automation in various fields drastically increased the growth of data, which promotes the usage of Machine Learning (ML) techniques to get insights from the generated data. However, data processed by ML algorithms lead to several privacy issues, including leakage of users' biometric data while sharing it through the network to train the object detection model. Therefore, Federated Learning (FL) was introduced, in which the models are trained locally; only model parameters are shared between Central Authority (CA) and end nodes. They will eventually maintain a common model for all the participating devices. However, many problems are associated with FL, such as the difference in data consumption rate, training capabilities, geographical challenges, and storage capacity. These problems might lead to differences in the common global model and thus an inefficient FL approach. Moreover, the presence of a CA results in a single point of failure and is vulnerable to various attacks. Motivated by the aforementioned discussion, in this paper, we propose a Blockchain-based object detection scheme using FL that eliminates the CA by using distributed InterPlanetary File system (IPFS). Global models can be aggregated periodically when several local model parameters are uploaded on the IPFS. Nodes can fetch the global model from the IPFS. The global aggregated object detection model has been evaluated for various scenarios such as human face detection, animal detection, unsafe content detection, noteworthy vehicle detection, and performance evaluation parameters such as accuracy, precision, recall, and end-to-end latency. Compared to traditional models, the proposed model achieved an average accuracy of 92.75% on the object detection scenarios mentioned above.
Chapter
Blockchain since 2009 has been gaining more popularity in various fields to use in numerous applications to overcome the security issues such as privacy, transparency, and mutability of data in the process of data sharing. Process of data sharing has many addressed and unaddressed challenges such as information encryption and decryption, data authentication, storage security, latency time, transfer speed of data, detecting malicious nodes, prevent the computer system from attacks, trust in the sharing process. In this chapter, the authors have reviewed the data sharing paper based on blockchain technology and presented the analysis of various techniques used in the information sharing process. The comprehensive analysis is categorizing in the following areas like incentive mechanism-based work, IoT-based data sharing, healthcare data sharing, and internet of vehicle data sharing using blockchain.
Article
The use of the Cloud computing has been constantly on the rise. However, there are many challenges associated with the Cloud, such as high bandwidth requirements, data security, vendor lock-in and others. The recent rise of decentralized file systems (DFSs) can help mitigate some of these challenges. However, they have some limitations of their own and the current solutions do not provide any mechanism for implementing access control policies. This becomes a hurdle for migrating sensitive data from the Cloud as the associated authorization policies cannot be migrated to the DFSs. In this paper, the authors address the problem of migrating data, and associated authorization policies, from the Cloud to the DFS. They have applied the approach on the content and policies from an actual Cloud provider and it migrates data from AWS S3 to the IPFS and the resource-based authorization policies specified at AWS are added to a custom blockchain solution. The authors have provided implementation details to justify the practicality of the approach.
Article
Full-text available
In this paper, we propose a blockchain-based solution and framework for document sharing and version control to facilitate multiuser collaboration and track changes in a trusted, secure, and decentralized manner, with no involvement of a centralized trusted entity or third party. This solution is based on utilizing Ethereum smart contracts to govern and regulate the document version control functions among the creators and developers of the document and its validators. Moreover, our solution leverages the benefits of IPFS (InterPlanetary File System) to store documents on a decentralized file system. The proposed solution automates necessary interactions among multiple actors comprising developers and approvers. Smart contracts have been developed using Solidity language, and their functionalities were tested using the Remix IDE (Integrated Development Environment). The paper demonstrates that our smart contract code is free of commonly known security vulnerabilities and attacks. The code has been made publically available at Github.
Article
Full-text available
Access and utilization of data are central to the cloud computing paradigm. With the advent of the Internet of Things (IoT), the tendency of data sharing on the cloud has seen enormous growth. With data sharing comes numerous security and privacy issues. In the process of ensuring data confidentiality and fine-grained access control to data in the cloud, several studies have proposed Attribute-Based Encryption (ABE) schemes, with Key Policy-ABE (KP-ABE) being the prominent one. Recent works have however suggested that the confidentiality of data is violated through collusion attacks between a revoked user and the cloud server. We present a secured and efficient Proxy Re-Encryption (PRE) scheme that incorporates an Inner-Product Encryption (IPE) scheme in which decryption of data is possible if the inner product of the private key, associated with a set of attributes specified by the data owner, and the associated ciphertext is equal to zero 0 . We utilize a blockchain network whose processing node acts as the proxy server and performs re-encryption on the data. In ensuring data confidentiality and preventing collusion attacks, the data are divided into two, with one part stored on the blockchain network and the other part stored on the cloud. Our approach also achieves fine-grained access control.
Article
Full-text available
To date, there is a considerable lack of transparency in the sales of digital assets between the author and providers of the digital assets-which typically leads to denying the authors from receiving their fair share of royalty. This paper proposes a blockchain-based framework and solution for online publishing and sale of digital assets. The solution is based on utilizing smart contracts of Ethereum Blockchain to govern the sales of e-books and ensure that the payment is dispersed in cryptocurrency as agreed among the publisher(s) and the author. Our solution handles cases related to incentives for both publishers and customers to ensure integral delivery of the digital books, failure of downloads, and refunds. We provide the full code of the Ethereum smart contract, and we also performed security vulnerability analysis to ascertain that our smart contract is bug-free and secure against known attacks and vulnerabilities.
Article
Full-text available
Internet of Things (IoT)-based devices, especially those used for home automation, consist of their own sensors and generate many logs during a process. Enterprises producing IoT devices convert these log data into more useful data through secondary processing; thus, they require data from the device users. Recently, a platform for data sharing has been developed because the demand for IoT data increases. Several IoT data marketplaces are based on peer-to-peer (P2P) networks, and in this type of marketplace, it is difficult for an enterprise to trust a data owner or the data they want to trade. Therefore, in this study, we propose a review system that can confirm the reputation of a data owner or the data traded in the P2P data marketplace. The traditional server-client review systems have many drawbacks, such as security vulnerability or server administrator’s malicious behavior. However, the review system developed in this study is based on Ethereum smart contracts; thus, this system is running on the P2P network and is more flexible for the network problem. Moreover, the integrity and immutability of the registered reviews are assured because of the blockchain public ledger. In addition, a certain amount of gas is essential for all functions to be processed by Ethereum transactions. Accordingly, we tested and analyzed the performance of our proposed model in terms of gas required.
Article
Full-text available
There is an immense need of a Proof of Delivery (PoD) of todays digital media and content, especially those that are subject to payment. Current PoD systems are mostly centralized and heavily dependent on a Trusted Third Party (TTP) especially for payment. Such existing PoD systems often lack security, transparency and visibility, and are not highly credible, as the TTP can be subject to failure, manipulation, corruption, compromise and hacking. Blockchain is used to create a decentralized solution. Utilizing blockchain’s immutable and tamper-proof logs, accountability and auditability can be easily achieved. Ethereum which makes blockchain a programmable distributed ledger is used in our implemented solution to create a PoD solution for the digital media. The solution uses a smart contract to allow customers to request the content and be uniquely identified using tokens derived from their Ethereum Addresses (EA). The solution involves the owner of the digital media, the file server and the customers. All participating entities are incentivized to act honestly. Our solution includes off-chain secure download activity involving the file server and the customers. A security analysis of our proposed system has been provided. The full code of the Smart Contract has been made publicly available on Github.
Article
The previous blockchain data transmission techniques in industrial Internet of Things (IoT) have low security, high management cost of the trading center, and big difficulty in supervision. To address these issues, this paper proposes a secure FaBric blockchain-based data transmission technique for industrial IoT. This technique uses the blockchain-based dynamic secret sharing mechanism. A reliable trading center is realized using the power blockchain sharing model, which can also share power trading books. The power data consensus mechanism and dynamic linked storage are designed to realize the secure matching of the power data transmission. Experiments show that the optimized FaBric power data storage and transmission has high security and reliability. The proposed technique can improve the transmission rate and packet receiving rate by 12% and 13%, respectively. Moreover, the proposed technique has good superiority in sharing management and decentralization.
Chapter
Access control is a crucial part of a system’s security, restricting what actions users can perform on resources. Therefore, access control is a core component when dealing with e-Health data and resources, discriminating which is available for a certain party. We consider that current systems that attempt to assure the share of policies between facilities are mostly centralized, being prone to system’s and network’s faults and do not assure the integrity of policies lifecycle. Using a blockchain as store system for access policies we are able to ensure that the different entities have knowledge about the policies in place while maintaining a record of all permission requests, thus assuring integrity, auditability and authenticity.
Article
The cryptosystem-based data privacy preserving methods employ high computing power of cloud servers, where the main feature is to allow resource sharing and provide multi-user independent services. Therefore, to achieve the rapid allocation and release of resource sharing in cloud computing, decentralized cryptographic protocols need to be proposed for multi-user consensus systems. In this work, we first present a multi-secret sharing scheme with multi-level access structure, where the secret reconstruction algorithm satisfies the additive homomorphism. The secret sharing scheme needs no trusted third parties and any user can play the role of dealer. In the designing, multiple target secrets are independently shared, where each subset of users forms a sub-access structure and shares one target secret only with a short secret share. This scheme is efficient and unconditionally secure. Furthermore, based on the multi-level access structures, a decentralized multi-role e-voting protocol is designed using Chinese Remainder Theorem, where each role’s election is associated with one sub-access structure. The voters employ a shared parameter to blind the sum of ballot values. Meanwhile, the e-voting scheme supports a public verification for the final election results. Compared with the existing e-voting protocols, our e-voting system does not require any authority center and the cloud server runs vote counting. And our e-voting scheme does not need any high-complexity computational cost operation such as module exponential operation, etc. Finally, the common feature of Blockchain and Ad Hoc networks is decentralized. Thus the main idea of this protocol without a trusted third party can be used to achieve a secure consensus among multiple nodes in Blockchain and Ad Hoc network, meanwhile, the consensus results can be verified.
Article
Attribute-based encryption, especially ciphertext-policy attribute-based encryption, plays an important role in the data sharing. In the process of data sharing, the secret key does not contain the specific information of users, who may share his secret key with other users for benefits without being discovered. In addition, the attribute authority can generate the secret key from any attribute set. If the secret key is abused, it is difficult to judge whether the abused private key comes from users or the attribute authority. Besides, the access control structure usually leaks sensitive information in a distributed network, and the efficiency of attribute-based encryption is a bottleneck of its applications. Fortunately, blockchain technology can guarantee the integrity and non-repudiation of data. In view of the above issues, an efficient and privacy-preserving traceable attribute-based encryption scheme is proposed. In the proposed scheme, blockchain technologies are used to guarantee both integrity and non-repudiation of data, and the ciphertext can be quickly generated by using the pre-encryption technology. Moreover, attributes are hidden in anonymous access control structures by using the attribute bloom filter. When a secret key is abused, the source of the abused secret key can be audited. Security and performance analysis show that the proposed scheme is secure and efficient.
Article
In recent years, there have been efforts to deploy blockchain in a broad range of applications and in different domains, such as the critical infrastructure sectors. Generally, blockchain can be leveraged to establish a fair and transparent data sharing environment, where unauthorized modification to the data can be audited and traced. There are, however, known limitations of blockchain-based solutions, such as a significantly weakened networking control capability due to the distributed nature of such solutions. In addition, decisions recorded on a blockchain cannot be changed and there is the risk of majority attack (also known as 51% attack). Seeking to mitigate these limitations, in this paper we propose a controllable blockchain data management (CBDM) model that can be deployed in a cloud environment. We then evaluate its security and performance, in order to demonstrate utility.