计算机科学
可追溯性
计算机安全
访问控制
加密
块链
智能合约
过程(计算)
业务流程
保密
供应链
过程管理
软件工程
在制品
业务
操作系统
营销
作者
Edoardo Marangone,Claudio Di Ciccio,Ingo Weber
出处
期刊:Cornell University - arXiv
日期:2022-07-18
标识
DOI:10.48550/arxiv.2207.08484
摘要
Multi-party business processes are based on the cooperation of different actors in a distributed setting. Blockchains can provide support for the automation of such processes, even in conditions of partial trust among the participants. On-chain data are stored in all replicas of the ledger and therefore accessible to all nodes that are in the network. Although this fosters traceability, integrity, and persistence, it undermines the adoption of public blockchains for process automation since it conflicts with typical confidentiality requirements in enterprise settings. In this paper, we propose a novel approach and software architecture that allow for fine-grained access control over process data on the level of parts of messages. In our approach, encrypted data are stored in a distributed space linked to the blockchain system backing the process execution; data owners specify access policies to control which users can read which parts of the information. To achieve the desired properties, we utilise Attribute-Based Encryption for the storage of data, and smart contracts for access control, integrity, and linking to process data. We implemented the approach in a proof-of-concept and conduct a case study in supply-chain management. From the experiments, we find our architecture to be robust while still keeping execution costs reasonably low.
科研通智能强力驱动
Strongly Powered by AbleSci AI