摘要
物流中转过程中使用的快递单容易暴露用户的隐私信息,同时服务器的存储不当也增加了隐私泄露的风险。为防止物流用户隐私数据泄露,提出基于区块链和零知识证明的物流用户隐私数据保护方案,使用RSA零知识证明身份认证方法对加入区块链网络的用户进行身份认证,确保真实性和合法性;认证完成则通过访问权限管理方案分配对应权限,获取相应隐私数据,实现数据的安全访问;提出分级加密机制对隐私数据进行混合加密并上传至IPFS,实现数据的安全存储。安全性分析表明该方案能在物流中转、存储和访问中有效保护用户的隐私数据。
The express bill in the process of logistics transfer is easy to expose the users’privacy information,and improper storage of the server also increases the risk of privacy disclosure.In order to prevent the leakage of logistics users’privacy data,this paper proposes a logistics user privacy data protection scheme based on blockchain and zero knowledge proof.RSA zero-knowledge proof authentication method is used to authenticate the identity of users who join the blockchain network to ensure authenticity and legitimacy.After the authentication is completed,the corresponding permission is assigned through the access rights management scheme to obtain the corresponding privacy data and realize the secure access of the data.In addition,hierarchical encryption mechanism is proposed to encrypt the private data and upload it to IPFS to realize the secure storage of data.The security analysis shows that the proposed scheme can effectively protect users’private data in the process of logistics transfer,storage and access.
作者
刘明瑶
余益民
LIU Ming-yao;YU Yi-min(Information Institute,Yunnan University of Finance and Economics;Information Management Center,Yunnan University of Finance and Economics,Kunming 650221,China)
出处
《软件导刊》
2021年第5期153-157,共5页
Software Guide
关键词
物流隐私保护
区块链
零知识证明
身份认证
logistics privacy protection
blockchain
zero knowledge proof
identity authentication
