Journal of Computer Applications ›› 2024, Vol. 44 ›› Issue (4): 1148-1157.DOI: 10.11772/j.issn.1001-9081.2023040529
Special Issue: 网络空间安全
• Cyber security • Previous Articles Next Articles
Meihong CHEN1, Lingyun YUAN1,2(), Tong XIA1
Received:
2023-05-06
Revised:
2023-08-03
Accepted:
2023-08-07
Online:
2023-12-04
Published:
2024-04-10
Contact:
Lingyun YUAN
About author:
CHEN Meihong, born in 1999, M. S.candidate. Her research interests include blockchain, access control, federated learning.Supported by:
通讯作者:
袁凌云
作者简介:
陈美宏(1999—),女(土家族),湖北恩施人,硕士研究生,主要研究方向:区块链、访问控制、联邦学习基金资助:
CLC Number:
Meihong CHEN, Lingyun YUAN, Tong XIA. Data classified and graded access control model based on master-slave multi-chain[J]. Journal of Computer Applications, 2024, 44(4): 1148-1157.
陈美宏, 袁凌云, 夏桐. 基于主从多链的数据分类分级访问控制模型[J]. 《计算机应用》唯一官方网站, 2024, 44(4): 1148-1157.
Add to citation manager EndNote|Ris|BibTeX
URL: https://www.joca.cn/EN/10.11772/j.issn.1001-9081.2023040529
角色 | 等级 | 权限 | 安全等级 |
---|---|---|---|
Admin | Ⅲ级 | R、Wall、Q、Uall、D | 4 |
DO | Ⅱ级 | R、Wown、Q、Uown、D | |
DU | Ⅰ级 | R、Q、D |
Tab. 1 Role permission mapping table
角色 | 等级 | 权限 | 安全等级 |
---|---|---|---|
Admin | Ⅲ级 | R、Wall、Q、Uall、D | 4 |
DO | Ⅱ级 | R、Wown、Q、Uown、D | |
DU | Ⅰ级 | R、Q、D |
符号 | 含义 | 符号 | 含义 |
---|---|---|---|
用户 | 数字证书 | ||
策略信息 | |||
文件在IPFS的索引 | |||
签名 | 主体属性,包括 | ||
时间戳 | 客体属性,包括 | ||
主链 | 操作属性,包括读、写等 | ||
从链 | 用户请求request | ||
确认信息 | Time | 证书的有效时长 |
Tab. 2 Description of symbols
符号 | 含义 | 符号 | 含义 |
---|---|---|---|
用户 | 数字证书 | ||
策略信息 | |||
文件在IPFS的索引 | |||
签名 | 主体属性,包括 | ||
时间戳 | 客体属性,包括 | ||
主链 | 操作属性,包括读、写等 | ||
从链 | 用户请求request | ||
确认信息 | Time | 证书的有效时长 |
用户请求 | 访问策略 | 预设结果 | 实验组数 | 成功组数 | 失败组数 |
---|---|---|---|---|---|
100 | 100 | 0 | |||
100 | 0 | 100 | |||
100 | 0 | 100 | |||
100 | 0 | 100 | |||
100 | 0 | 100 | |||
100 | 0 | 100 |
Tab. 3 Response test instructions
用户请求 | 访问策略 | 预设结果 | 实验组数 | 成功组数 | 失败组数 |
---|---|---|---|---|---|
100 | 100 | 0 | |||
100 | 0 | 100 | |||
100 | 0 | 100 | |||
100 | 0 | 100 | |||
100 | 0 | 100 | |||
100 | 0 | 100 |
名称 | 详细配置 |
---|---|
CPU | Intel Core i7-11700 @ 2.50 GHz |
操作系统 | Ubuntu 20.4,内存4 GB |
开发平台 | Hyperledger Fabric2.0.0,Docker20.10.7 |
账本数据库 | CouchDB |
编程语言 | GO语言 |
IPFS | ipfs 0.18.1 |
Tab. 4 Experimental environment configuration
名称 | 详细配置 |
---|---|
CPU | Intel Core i7-11700 @ 2.50 GHz |
操作系统 | Ubuntu 20.4,内存4 GB |
开发平台 | Hyperledger Fabric2.0.0,Docker20.10.7 |
账本数据库 | CouchDB |
编程语言 | GO语言 |
IPFS | ipfs 0.18.1 |
类型 | CPU占用率/% | 内存开销/MB | TrafficIn/MB | TrafficOut/MB | ||
---|---|---|---|---|---|---|
max | avg | max | avg | |||
单链 | 54.81 | 44.90 | 143.78 | 143.35 | 65.08 | 85.50 |
主从链 | 22.11 | 17.52 | 69.16 | 68.77 | 70.13 | 115.22 |
Tab. 5 Comparison of resource costs between single chain and master-slave chain
类型 | CPU占用率/% | 内存开销/MB | TrafficIn/MB | TrafficOut/MB | ||
---|---|---|---|---|---|---|
max | avg | max | avg | |||
单链 | 54.81 | 44.90 | 143.78 | 143.35 | 65.08 | 85.50 |
主从链 | 22.11 | 17.52 | 69.16 | 68.77 | 70.13 | 115.22 |
方案 | 细粒度 | 灵活性 | 分类 管理 | 策略 分级 | 可扩展性 | 图片视频 存储 |
---|---|---|---|---|---|---|
文献[ | √ | √ | × | √ | × | × |
文献[ | √ | × | × | × | √ | √ |
文献[ | √ | √ | × | √ | √ | √ |
本文方案 | √ | √ | √ | √ | √ | √ |
Tab. 6 Comparison of scheme functions
方案 | 细粒度 | 灵活性 | 分类 管理 | 策略 分级 | 可扩展性 | 图片视频 存储 |
---|---|---|---|---|---|---|
文献[ | √ | √ | × | √ | × | × |
文献[ | √ | × | × | × | √ | √ |
文献[ | √ | √ | × | √ | √ | √ |
本文方案 | √ | √ | √ | √ | √ | √ |
方案 | 发送速率/TPS | 平均时延/s |
---|---|---|
文献[ | 390 | 6.07 |
文献[ | 50 | 0.74 |
本文方案 | 50 | 0.01 |
390 | 0.01 |
Tab. 7 Comparison of latency between different schemes at certain send rate
方案 | 发送速率/TPS | 平均时延/s |
---|---|---|
文献[ | 390 | 6.07 |
文献[ | 50 | 0.74 |
本文方案 | 50 | 0.01 |
390 | 0.01 |
1 | YANG L. The blockchain: state-of-the-art and research challenges[J]. Journal of Industrial Information Integration, 2019, 15: 80- 90. 10.1016/j.jii.2019.04.002 |
2 | HERBADJI A, GOUMIDI H, HARBI Y, et al. Blockchain for the Internet of Vehicles security[M]// Blockchain for Cybersecurity and Privacy. Boca Raton: CRC Press, 2020: 159- 197. 10.1201/9780429324932-10 |
3 | DI FRANCESCO MAESA D, MORI P. Blockchain 3.0 applications survey[J]. Journal of Parallel and Distributed Computing, 2020, 138: 99- 144. 10.1016/j.jpdc.2019.12.019 |
4 | KUMAR R, TRIPATHI R. Implementation of distributed file storage and access framework using IPFS and blockchain[C]// Proceeding of the 2019 Fifth International Conference on Image Information Processing. Piscataway: IEEE, 2019: 246- 251. 10.1109/iciip47207.2019.8985677 |
5 | AHMAD A, ASSD M, NJILLA L, et al. BlockTrail: a scalable multichain solution for blockchain-based audit trails[C]// Proceeding of the 2019 IEEE International Conference on Communications. Piscataway: IEEE, 2019: 1- 6. 10.1109/icc.2019.8761448 |
6 | KAN L, WEI Y, MUHAMMAD A H, et al. A multiple blockchains architecture on inter-blockchain communication[C]// Proceeding of the 2018 IEEE International Conference on Software Quality, Reliability and Security Companion. Piscataway: IEEE, 2018: 139- 145. 10.1109/qrs-c.2018.00037 |
7 | 梁秀波, 吴俊涵, 赵昱, 等. 区块链数据安全管理和隐私保护技术研究综述[J]. 浙江大学学报(工学版), 2022, 56( 1): 1- 15. |
LIANG X B, WU J H, ZHAO Y, et al. Review of blockchain data security management and privacy protection technology research[J]. Journal of Zhejiang University (Engineering Science), 2022, 56( 1): 1- 15. | |
8 | ANDROUTSELLIS-THEOTOKIS S, SPINELLIS D. A survey of peer-to-peer content distribution technologies[J]. ACM Computing Surveys, 2004, 36( 4): 335- 371. 10.1145/1041680.1041681 |
9 | 苗新亮, 常瑞, 潘少平, 等. 可信执行环境访问控制建模与安全性分析[J]. 软件学报, 2023, 34( 8): 3637- 3658. |
MIAO X L, CHANG R, PAN S P, et al. Modeling and security analysis of access control in trusted execution environment[J]. Journal of Software, 2023, 34( 8): 3637- 3658. | |
10 | HASAN S S, SULTAN N H, BARBHUIYA F A. Cloud data provenance using IPFS and blockchain technology[C]// Proceedings of the Seventh International Workshop on Security in Cloud Computing. NewYork: ACM, 2019: 5- 12. 10.1145/3327962.3331457 |
11 | ZHENG Q, LI Y, CHEN P, et al. An innovative IPFS-based storage model for blockchain [C] // Proceedings of the 2018 IEEE/WIC/ACM International Conference on Web Intelligence. Piscataway: IEEE, 2018: 704- 708. 10.1109/wi.2018.000-8 |
12 | 刘扬, 胡学先, 周刚, 等. 基于多层次区块链的医疗数据共享模型[J]. 计算机应用研究, 2022, 39( 5): 1307- 1312,1318. |
LIU Y, HU X X, ZHOU G, et al. Multi-level blockchain based model for medical data sharing[J]. Application Research of Computers, 2022, 39( 5): 1307- 1312, 1318. | |
13 | I-T CHOU, SU H-H, Y-L HSUEH, et al. BC-Store: a scalable design for blockchain storage[C]// Proceedings of the 2nd International Electronics Communication Conference. New York: ACM, 2020: 33- 38. 10.1145/3409934.3409940 |
14 | 蒋家昊, 张璇, 邓宏镜, 等. 基于区块链的多部门数据共享访问控制流程建模[J]. 计算机集成制造系统, 2022, 28( 10): 3202- 3211. |
JIANG J H, ZHANG X, DENG H J, et al. Multi-departmental data sharing access control scheme on blockchain[J]. Computer Integrated Manufacturing System, 2022, 28( 10): 3202- 3211. | |
15 | HUANG J, WU D. Access control model scheme based on policy grading in natural language processing blockchain environment[J]. Mobile Information Systems, 2022, 2022: 4365944. 10.1155/2022/4365944 |
16 | CHANG J, NI J, XIAO J, et al. SynergyChain: a multichain-based data-sharing framework with hierarchical access control[J]. IEEE Internet of Things Journal, 2023, 9( 16): 14767- 14778. 10.1109/jiot.2021.3061687 |
17 | ABDI A I, EASSA F E, JAMBI K, et al. Hierarchical blockchain-based multi-chaincode access control for securing IoT systems[J]. Electronics, 2022, 11( 5): 711. 10.3390/electronics11050711 |
18 | RAKIB M H, HOSSAIN S, JAHAN M, et al. A blockchain-enabled scalable network log management system[J]. Journal of Computer Science, 2022, 18( 6): 496- 508. 10.3844/jcssp.2022.496.508 |
19 | BENET J. IPFS — content addressed, versioned, P2P file system[EB/OL]. [ 2023-04-01]. . |
20 | LIN I-C, LIAO T-C. A survey of blockchain security issues and challenges[J]. International Journal of Network Security, 2017, 19( 5): 653- 659. |
21 | JIANG Y, WANG C, WANG Y, et al. A cross-chain solution to integrating multiple blockchains for IoT data management[J]. Sensors, 2019, 19( 9): 2042. 10.3390/s19092042 |
22 | YU X, SHU Z, LI Q, et al. BC-BLPM: a multi-level security access control model based on blockchain technology[J]. China Communications, 2021, 18( 2): 110- 135. 10.23919/jcc.2021.02.008 |
[1] | Tingwei CHEN, Jiacheng ZHANG, Junlu WANG. Random validation blockchain construction for federated learning [J]. Journal of Computer Applications, 2024, 44(9): 2770-2776. |
[2] | Xiaoling SUN, Danhui WANG, Shanshan LI. Dynamic ciphertext sorting and retrieval scheme based on blockchain [J]. Journal of Computer Applications, 2024, 44(8): 2500-2505. |
[3] | Chun SUN, Chunlong HU, Shucheng HUANG. Consistency preserving age estimation method by ensemble ranking [J]. Journal of Computer Applications, 2024, 44(8): 2381-2386. |
[4] | Baoyan SONG, Junxiang DING, Junlu WANG, Haolin ZHANG. Consortium blockchain modification method based on chameleon hash and verifiable secret sharing [J]. Journal of Computer Applications, 2024, 44(7): 2087-2092. |
[5] | He HUANG, Yu JIN. Cloud data auditing scheme based on voting and Ethereum smart contracts [J]. Journal of Computer Applications, 2024, 44(7): 2093-2101. |
[6] | Jiao LI, Xiushan ZHANG, Yuanhang NING. Blockchain sharding method for reducing cross-shard transaction proportion [J]. Journal of Computer Applications, 2024, 44(6): 1889-1896. |
[7] | Lipeng ZHAO, Bing GUO. Blockchain consensus improvement algorithm based on BDLS [J]. Journal of Computer Applications, 2024, 44(4): 1139-1147. |
[8] | Xin LI, Liyong BAO, Hongwei DING, Zheng GUAN. MAC layer scheduling strategy of roadside units based on MEC server priority service [J]. Journal of Computer Applications, 2024, 44(4): 1227-1235. |
[9] | Gaimei GAO, Jin ZHANG, Chunxia LIU, Weichao DANG, Shangwang BAI. Privacy protection scheme for crowdsourced testing tasks based on blockchain and CP-ABE policy hiding [J]. Journal of Computer Applications, 2024, 44(3): 811-818. |
[10] | Haifeng MA, Yuxia LI, Qingshui XUE, Jiahai YANG, Yongfu GAO. Attribute-based encryption scheme for blockchain privacy protection [J]. Journal of Computer Applications, 2024, 44(2): 485-489. |
[11] | Ziqian CHEN, Kedi NIU, Zhongyuan YAO, Xueming SI. Review of blockchain lightweight technology applied to internet of things [J]. Journal of Computer Applications, 2024, 44(12): 3688-3698. |
[12] | Tingting GAO, Zhongyuan YAO, Miao JIA, Xueming SI. Overview of on-chain and off-chain consistency protection technologies [J]. Journal of Computer Applications, 2024, 44(12): 3658-3668. |
[13] | Miao JIA, Zhongyuan YAO, Weihua ZHU, Tingting GAO, Xueming SI, Xiang DENG. Progress and prospect of zero-knowledge proof enabling blockchain [J]. Journal of Computer Applications, 2024, 44(12): 3669-3677. |
[14] | Kedi NIU, Min LI, Zhongyuan YAO, Xueming SI. Review of blockchain consensus algorithms for internet of things [J]. Journal of Computer Applications, 2024, 44(12): 3678-3687. |
[15] | Yifan WANG, Shaofu LIN, Yunjiang LI. Highway free-flow tolling method based on blockchain and zero-knowledge proof [J]. Journal of Computer Applications, 2024, 44(12): 3741-3750. |
Viewed | ||||||
Full text |
|
|||||
Abstract |
|
|||||