摘要
现有结合区块链保护个人数据的方案在授权第三方服务时多将用户的个人数据地址分享给第三方服务,在用户撤销对第三方服务的访问权限后,第三方服务仍然拥有个人数据地址。为避免用户数据泄露,通过采用链下存储的方式,提出一种基于区块链的匿名地址管理方案。利用资源服务处理个人数据的加密地址,并限制第三方服务只能获得用户个人数据地址的加密密文,使用户在修改对指定第三方服务的访问权限后,能够通过更改智能合约的访问策略实现细粒度访问控制。在此基础上,利用以太坊平台设计个人数据管理系统,使用Solidity语言编写智能合约,从而实现对个人数据的保护。该方案具有通用性,可由不同的区块链平台实现,合约部署后的调用结果以及对合约进行50次和500次的性能测试结果验证了其有效性和安全性。
Most personal data protection schemes combined with block chain share the address of user’s personal data to the Third Party(TP)service when authorizing them.Even if the user revokes the access right to the TP service,they still have the address of personal data.To avoid user data leakage,this paper proposes an anonymous address management scheme based on blockchain by using off-chain storage.The Resource Service(RS)is used to process the encrypted address of personal data,and the TP service is restricted to obtain the encrypted ciphertext of the user’s personal data address.After modifying the access rights of the designated TP service,users can achieve fine-grained access control by modifying the access policy of the smart contract. On this basis,the personal data management system is designed by using the Ethereum platform,and the smart contract is written in Solidity to realize the protection of personal data.The general scheme can be realized on different blockchain platforms.Its effectiveness and security are also demonstrated by the results of calling the deployed contract and the50 and500 times of performance tests.
作者
纪露生
张桂玲
杨佳润
JI Lusheng;ZHANG Guiling;YANG Jiarun(School of Computer Science and Technology,Tiangong University,Tianjin 300387,China;Tianjin Key Laboratory of Autonomous Intelligent Technology and System,Tianjin 300387,China)
出处
《计算机工程》
CAS
CSCD
北大核心
2021年第2期176-181,187,共7页
Computer Engineering
关键词
区块链
个人数据
第三方服务
链下存储
加密地址
blockchain
personal data
Third Party(TP)service
off-chain storage
encrypted address
