A Challenge-Response Assisted Authorisation Scheme for Data Access in Permissioned Blockchains
dc.contributor.author | Zhang, X | |
dc.contributor.author | Liu, C | |
dc.contributor.author | Chai, KK | |
dc.contributor.author | Poslad, S | |
dc.date.accessioned | 2021-03-30T15:16:56Z | |
dc.date.available | 2020-08-12 | |
dc.date.available | 2021-03-30T15:16:56Z | |
dc.date.issued | 2020-09 | |
dc.identifier.other | ARTN 4681 | |
dc.identifier.uri | https://qmro.qmul.ac.uk/xmlui/handle/123456789/70970 | |
dc.description.abstract | Permissioned blockchains can be applied for sharing data among permitted users to authorise the data access requests in a permissioned blockchain. A consensus network constructed using pre-selected nodes should verify a data requester’s credentials to determine if he or she have the correct permissions to access the queried data. However, current studies do not consider how to protect users’ privacy for data authorisation if the pre-selected nodes become untrusted, e.g., the pre-selected nodes are manipulated by attackers. When a user’s credentials are exposed to pre-selected nodes in the consensus network during authorisation, the untrusted (or even malicious) pre-selected nodes may collect a user’s credentials and other private information without the user’s right to know. Therefore, the private data exposed to the consensus network should be tightly restricted. In this paper, we propose a challenge-response based authorisation scheme for permissioned blockchain networks named Challenge-Response Assisted Access Authorisation (CRA3) to protect users’ credentials during authorisation. In CRA3, the pre-selected nodes in the consensus network do not require users’ credentials to authorise data access requests to prevent privacy leakage when these nodes are compromised or manipulated by attackers. Furthermore, the computational burden on the consensus network for authorisation is reduced because the major computing work of the authorisation is executed by the data requester and provider in CRA3. | en_US |
dc.publisher | MDPI | en_US |
dc.relation.ispartof | SENSORS | |
dc.rights | This article is distributed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/by/4.0/), which permits unrestricted use, distribution, and reproduction in any medium, provided you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons license, and indicate if changes were made. | |
dc.rights | Attribution 3.0 United States | * |
dc.rights.uri | http://creativecommons.org/licenses/by/3.0/us/ | * |
dc.subject | privacy enhancement | en_US |
dc.subject | permissioned blockchain | en_US |
dc.subject | access control | en_US |
dc.subject | decentralised network | en_US |
dc.title | A Challenge-Response Assisted Authorisation Scheme for Data Access in Permissioned Blockchains | en_US |
dc.type | Article | en_US |
dc.rights.holder | © 2020, The Author(s) | |
dc.identifier.doi | 10.3390/s20174681 | |
pubs.author-url | http://gateway.webofknowledge.com/gateway/Gateway.cgi?GWVersion=2&SrcApp=PARTNER_APP&SrcAuth=LinksAMR&KeyUT=WOS:000569742900001&DestLinkType=FullRecord&DestApp=ALL_WOS&UsrCustomerID=612ae0d773dcbdba3046f6df545e9f6a | en_US |
pubs.issue | 17 | en_US |
pubs.notes | Not known | en_US |
pubs.publication-status | Published | en_US |
pubs.volume | 20 | en_US |
rioxxterms.funder | Default funder | en_US |
rioxxterms.identifier.project | Default project | en_US |
Files in this item
Files | Size | Format | View |
---|---|---|---|
There are no files associated with this item. |
This item appears in the following Collection(s)
Except where otherwise noted, this item's license is described as This article is distributed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/by/4.0/), which permits unrestricted use, distribution, and reproduction in any medium, provided you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons license, and indicate if changes were made.