Cui, S., Asghar, M. R., Russello, G..
2018.
Towards Blockchain-Based Scalable and Trustworthy File Sharing. 2018 27th International Conference on Computer Communication and Networks (ICCCN). :1-2.
In blockchain-based systems, malicious behaviour can be detected using auditable information in transactions managed by distributed ledgers. Besides cryptocurrency, blockchain technology has recently been used for other applications, such as file storage. However, most of existing blockchain- based file storage systems can not revoke a user efficiently when multiple users have access to the same file that is encrypted. Actually, they need to update file encryption keys and distribute new keys to remaining users, which significantly increases computation and bandwidth overheads. In this work, we propose a blockchain and proxy re-encryption based design for encrypted file sharing that brings a distributed access control and data management. By combining blockchain with proxy re-encryption, our approach not only ensures confidentiality and integrity of files, but also provides a scalable key management mechanism for file sharing among multiple users. Moreover, by storing encrypted files and related keys in a distributed way, our method can resist collusion attacks between revoked users and distributed proxies.
Kuperberg, M..
2020.
Towards Enabling Deletion in Append-Only Blockchains to Support Data Growth Management and GDPR Compliance. 2020 IEEE International Conference on Blockchain (Blockchain). :393–400.
Conventional blockchain implementations with append-only semantics do not support deleting or overwriting data in confirmed blocks. However, many industry-relevant use cases require the ability to delete data, especially when personally identifiable information is stored or when data growth has to be constrained. Existing attempts to reconcile these contradictions compromise on core qualities of the blockchain paradigm, as they include backdoor-like approaches such as central authorities with elevated rights or usage of specialized chameleon hash algorithms in chaining of the blocks. The contribution of this paper is a novel architecture for the blockchain ledger and consensus, which uses a tree of context chains with simultaneous validity. A context chain captures the transactions of a closed group of entities and persons, thus structuring blocks in a precisely defined way. The resulting context isolation enables consensus-steered deletion of an entire context without side effects to other contexts. We show how this architecture supports truncation, data rollover and separation of concerns, how the GDPR regulations can be fulfilled by this architecture and how it differs from sidechains and state channels.
Kinkelin, Holger, Hauner, Valentin, Niedermayer, Heiko, Carle, Georg.
2018.
Trustworthy configuration management for networked devices using distributed ledgers. NOMS 2018 - 2018 IEEE/IFIP Network Operations and Management Symposium. :1–5.
Numerous IoT applications, like building automation or process control of industrial sites, exist today. These applications inherently have a strong connection to the physical world. Hence, IT security threats cannot only cause problems like data leaks but also safety issues which might harm people. Attacks on IT systems are not only performed by outside attackers but also insiders like administrators. For this reason, we present ongoing work on a Byzantine fault tolerant configuration management system (CMS) that provides control over administrators, restrains their rights, and enforces separation of concerns. We reach this goal by conducting a configuration management process that requires multi-party authorization for critical configurations to prevent individual malicious administrators from performing undesired actions. Only after a configuration has been authorized by multiple experts, it is applied to the targeted devices. For the whole configuration management process, our CMS guarantees accountability and traceability. Lastly, our system is tamper-resistant as we leverage Hyperledger Fabric, which provides a distributed execution environment for our CMS and a blockchain-based distributed ledger that we use to store the configurations. A beneficial side effect of this approach is that our CMS is also suitable to manage configurations for infrastructure shared across different organizations that do not need to trust each other.