摘要
文章提出一种基于智能合约的个人隐私数据保护方法,利用区块链技术,在无须可信中心的前提下,将用户与服务提供商之间的个人交易记录存储在区块链上,作为交易存在性的可靠法律凭证,防止利用用户取证困难而实施个人信息盗窃的犯罪行为。个人信息的实际内容不会存储在区块链上,只有交易记录在区块链上加密存储,只有交易相关方可以进行解密查看,保障了用户隐私。同时,针对个人信息的交易创建、交易失效、交易修改设计了3种智能合约,对交易进行失效和修改并不会使之前的交易信息丢失,个人交易记录一经上链即可永久作为交易存在性的可靠证明。最后,通过NS-3网络模拟器进行仿真实验,结果表明该方法具有可行性。
This paper proposes a personal information management method based on smart contracts.Using blockchain technology,it can store personal information transaction records between users and service providers on the blockchain without a trusted center.It can provide reliable legal evidence for the existence of the transaction,to prevent third parties from using the user's difficulty of obtaining evidence to commit criminal acts of personal information theft.The specific content of personal information is not stored on the blockchain,only the transaction records are encrypted and stored on the blockchain,and only the transaction-related parties can decrypt and view,which effectively protects the privacy of users.At the same time,this paper designs three smart contracts for personal information transaction creation,transaction invalidation,and transaction modification.The invalidation and modification of the transaction does not cause the previous transaction information to be lost,and the personal information transaction record can be permanently used as a reliable proof of the existence of the transaction once it is uploaded to the blockchain.Finally,the NS-3 network simulator is used to conduct simulation experiments,the experimental results prove that the method is feasible.
作者
姜楠
王玮琦
王健
JIANG Nan;WANG Weiqi;WANG Jian(Faculty of Information Technology,Beijing University of Technology,Beijing 100124,China;Beijing Key Laboratory of Trusted Computing,Beijing 100124,China;National Engineering Laboratory for Critical Technologies of Information Security Classified Protection,Beijing 100124,China;Beijing Key Laboratory of Security and Privacy in Intelligent Transportation,Beijing 100044,China;School of Computer and Information Technology,Beijing Jiaotong University,Beijing 100044,China)
出处
《信息网络安全》
CSCD
北大核心
2020年第11期22-31,共10页
Netinfo Security
基金
国家自然科学基金[61502016]
教育部-中国移动科研基金[MCM20170402,MCM20180503]。
关键词
区块链
智能合约
隐私数据
个人信息保护
blockchain
smart contract
privacy data
personal information protection