摘要
针对现有果蔬农产品供应链中存在的上下游区块链间追溯数据差异化、细粒度共享困难以及数据隐私保护等问题,通过分析果蔬农产品供应链各环节业务流程,在果蔬农产品质量安全追溯场景下,提出了一种支持异构多链的基于属性的果蔬跨链追溯访问控制模型。该模型利用基于中继链的跨链技术将跨链信息标准化从而实现异构多链之间的跨链通信,并结合果蔬跨链追溯需求,采用基于ABAC(Attribute-based access control)的访问控制模型实现对数据资源灵活、细粒度访问控制。为验证模型有效性,利用BitXHub中继链技术在Hyperledger Fabric和Ethereum构成的异构链中实现跨链数据访问,在跨链合约中实现基于属性的访问控制流程,构建出果蔬追溯跨链访问控制模型的原型系统。系统测试结果表明,中继链处理跨链交易的发送率平均最高值分别约为600笔/s和400笔/s,策略判定时间不会随着策略数目的增加而有较大波动,基本稳定在2 000 ms左右,能够满足果蔬供应链在异构区块链之间跨链数据差异化、细粒度共享的需求,也保证了数据共享过程中的数据隐私性。
Aiming at the problems of traceability data differentiation between upstream and downstream blockchains,difficulties in fine-grained sharing,and data privacy protection existing in the existing supply chain of fruits and vegetables and agricultural products,an attribute-based cross-chain traceability access control model of fruits and vegetables supporting heterogeneous multi-chain was proposed by analyzing the business processes of various links in the supply chain of fruits and vegetables and agricultural products,and in the context of fruit,vegetable and agricultural products quality and safety traceability scenarios.The model used relay chain-based cross-chain technology to standardize crosschain information to achieve cross-chain communication between heterogeneous multi-chains,and combined the cross-chain traceability requirements of fruits and vegetables with the attribute-based access control(ABAC)model to achieve flexible and fine-grained access control on data resources.In order to verify the effectiveness of the model,BitxHub relay chain technology was used to realize cross-chain data access in the heterogeneous chain composed of Hyperledger Fabric and Ethereum,and the attribute-based access control process was implemented in the cross-chain contract,so as to construct a prototype system of the cross-chain access control model for fruit and vegetable traceability.The system test results showed that the average maximum value of the sending rate of the relay chain for processing cross-chain transactions was about 600 t/s and 400 t/s,respectively,and the policy determination time did not fluctuate greatly with the increase of the number of policies,and was basically stable at about 2000 ms,which was able to satisfy the needs of the fruit and vegetable supply chain for the differentiated and finegrained sharing of cross-chain data among heterogeneous blockchains,and also ensured the data sharing process of the data privacy.
作者
杨信廷
李金辉
罗娜
邢斌
孙传恒
YANG Xinting;LI Jinhui;LUO Na;XING Bin;SUN Chuanheng(College of Agricultural Engineering,Jiangsu University,Zhenjiang 212013,China;Research Center of Information Technology,Beijing Academy of Agriculture and Forestry Sciences,Beijing 100097,China;National Engineering Laboratory for Agri-product Quality Traceability,Beijing 100097,China)
出处
《农业机械学报》
EI
CAS
CSCD
北大核心
2023年第12期376-388,共13页
Transactions of the Chinese Society for Agricultural Machinery
基金
国家重点研发计划项目(2022YFD2001804-2)
江苏省科技计划(重点研发计划现代农业)项目(BE2023315)。
关键词
果蔬供应链
异构多链
跨链
访问控制
属性访问控制
fruit and vegetable supply chain
heterogeneous multi-chain
cross-chain
access control
attribute-based access control