Funding: This work was supported by the National Natural Science Foundation of China (Grant No. 61762033), Hainan Provincial Natural Science Foundation of China (Grant Nos. 2019RC041 and 2019RC098), Opening Project of Shanghai Trusted Industrial Control Platform (Grant No. TICPSH202003005-ZC), Ministry of Education Humanities and Social Sciences Research Program Fund Project (Grant No. 19YJA710010), and Zhejiang Public Welfare Technology Research (Grant No. LGF18F020019).
Abstract: Security and privacy issues have become a rapidly growing problem with the fast development of big data in public health. However, big data faces many ongoing serious challenges in the process of collection, storage, and use. Among them, data security and privacy problems have attracted extensive interest. In an effort to overcome this challenge, this article aims to present a distributed privacy preservation approach based on smart contracts and Intel Software Guard Extensions (SGX). First of all, we define SGX as a trusted edge computing node and design a data access module, a data protection module, and a data integrity check module to achieve hardware-enhanced data privacy protection. Then, we design a smart contract framework to realize distributed data access control management in a big data environment. The crucial role of the smart contract was revealed by designing multiple access control contracts, register contracts, and history contracts. Access control contracts provide access control methods for different users and enable static access verification and dynamic access verification by checking the user’s properties and history behavior. The register contract contains user property information, edge computing node information, and the access control and history smart contract information, and provides functions such as registration, update, and deletion. The history contract records the historical behavior information of malicious users, receives the report information of malicious requestors from the access control contract, implements a misbehavior check method to determine whether the requestor has misbehavior, and returns the corresponding result. Finally, we design a decentralized system architecture, prove the security properties, and perform analysis to verify the feasibility of the system. Results demonstrate that our method can effectively improve the timeliness of data, reduce network latency, and ensure the security, reliability, and traceability of data.
Funding: Supported by the National Natural Science Foundation of China (Grant No. 61762033), Hainan Provincial Natural Science Foundation of China (Grant Nos. 2019RC041 and 2019RC098), Opening Project of Shanghai Trusted Industrial Control Platform (Grant No. TICPSH202003005-ZC), Ministry of Education Humanities and Social Sciences Research Program Fund Project (Grant No. 19YJA710010), and Zhejiang Public Welfare Technology Research (Grant No. LGF18F020019).
Abstract: Nowadays, as lightweight mobile clients become more powerful and widely used, more and more information is stored on lightweight mobile clients, and the privacy protection of users' sensitive data has become an urgent concern and problem to be solved. There has been a corresponding rise of security solutions proposed by researchers; however, the current security mechanisms on lightweight mobile clients are proven to be fragile. Because this research field is immature and still unexplored in depth, with this paper we aim to provide a structured and comprehensive study on privacy protection using trusted execution environments (TEE) for lightweight mobile clients. This paper presents a highly effective and secure lightweight mobile client privacy protection system that utilizes TEE to provide a new method for privacy protection. In particular, the prototype of Lightweight Mobile Clients Privacy Protection Using Trusted Execution Environments (LMCPTEE) is built using Intel Software Guard Extensions (SGX) because SGX can guarantee the integrity, confidentiality, and authenticity of private data. By putting lightweight mobile client critical data on SGX, the security and privacy of client data can be greatly improved. We design the authentication mechanism and privacy protection strategy based on SGX to achieve hardware-enhanced data protection and make a trusted connection with the lightweight mobile clients, thus building the distributed trusted system architecture. The experiment demonstrates that, without relying on the performance of the blockchain, the LMCPTEE is practical and feasible and has low performance overhead. It can guarantee the privacy and security of lightweight mobile client private data.