Balancing Confidentiality and Transparency for Blockchain-based Process-Aware Information Systems
- URL: http://arxiv.org/abs/2412.05737v2
- Date: Fri, 13 Dec 2024 15:55:31 GMT
- Title: Balancing Confidentiality and Transparency for Blockchain-based Process-Aware Information Systems
- Authors: Alessandro Marcelletti, Edoardo Marangone, Claudio Di Ciccio,
- Abstract summary: We propose an architecture for blockchain-based PAISs aimed at preserving both confidentiality and transparency.
Smart contracts enact, enforce and store public interactions, while attribute-based encryption techniques are adopted to specify access grants to confidential information.
- Score: 46.404531555921906
- Abstract: Blockchain enables novel, trustworthy Process-Aware Information Systems (PAISs) by enforcing the security, robustness, and traceability of operations. In particular, transparency ensures that all information exchanges are openly accessible, fostering trust within the system. Although this is a desirable property to enable notarization and auditing activities, it also represents a limitation for such cases where confidentiality is a requirement since interactions involve sensitive data. Current solutions rely on obfuscation techniques or private infrastructures, hindering the enforcing capabilities of smart contracts and the public verifiability of transactions. Against this background, we propose CONFETTY, an architecture for blockchain-based PAISs aimed at preserving both confidentiality and transparency. Smart contracts enact, enforce and store public interactions, while attribute-based encryption techniques are adopted to specify access grants to confidential information. We assess the security of our solution through a systematic threat model analysis and assess its practical feasibility by gauging the performance of our implemented prototype in different scenarios from the literature.
Related papers
- Collaborative Inference over Wireless Channels with Feature Differential Privacy [57.68286389879283]
Collaborative inference among multiple wireless edge devices has the potential to significantly enhance Artificial Intelligence (AI) applications.
Transmitting extracted features poses a significant privacy risk, as sensitive personal data can be exposed during the process.
We propose a novel privacy-preserving collaborative inference mechanism, wherein each edge device in the network secures the privacy of extracted features before transmitting them to a central server for inference.
arXiv Detail & Related papers (2024-10-25T18:11:02Z)
- MARTSIA: Safeguarding Data Confidentiality in Blockchain-Driven Process Execution [6.26635837045368]
Multi-Authority Approach to Transaction Systems for Interoperating Applications (MARTSIA)
MARTSIA provides read-access control at the message-part level through user-defined policies and certifier-declared attributes.
MARTSIA resorts to encrypted, Multi-Authority Attribute-Based Encryption and distributed hash-table data-stores.
arXiv Detail & Related papers (2024-07-15T12:59:54Z)
- CAKE: Sharing Slices of Confidential Data on Blockchain [1.481195148653669]
Control Access via Key Encryption (CAKE) designed to ensure data confidentiality in scenarios involving public blockchains.
We showcase the application of CAKE in the context of a real-world cyber-security project within the logistics domain.
arXiv Detail & Related papers (2024-05-07T09:44:04Z)
- Enhancing Trust and Privacy in Distributed Networks: A Comprehensive Survey on Blockchain-based Federated Learning [51.13534069758711]
Decentralized approaches like blockchain offer a compelling solution by implementing a consensus mechanism among multiple entities.
Federated Learning (FL) enables participants to collaboratively train models while safeguarding data privacy.
This paper investigates the synergy between blockchain's security features and FL's privacy-preserving model training capabilities.
arXiv Detail & Related papers (2024-03-28T07:08:26Z)
- Security and Privacy Enhancing in Blockchain-based IoT Environments via Anonym Auditing [0.0]
We propose a novel framework that combines the decentralized nature of blockchain with advanced security protocols tailored for IoT contexts.
We outline the architecture of blockchain in IoT environments, emphasizing the workflow and specific security mechanisms employed.
We introduce a security protocol that integrates privacy-enhancing tools and anonymous auditing methods, including the use of advanced cryptographic techniques for anonymity.
arXiv Detail & Related papers (2024-03-03T01:09:43Z)
- A Survey and Comparative Analysis of Security Properties of CAN Authentication Protocols [92.81385447582882]
The Controller Area Network (CAN) bus leaves in-vehicle communications inherently non-secure.
This paper reviews and compares the 15 most prominent authentication protocols for the CAN bus.
We evaluate protocols based on essential operational criteria that contribute to ease of implementation.
arXiv Detail & Related papers (2024-01-19T14:52:04Z)
- Blockchain-enabled Data Governance for Privacy-Preserved Sharing of Confidential Data [1.6006586061577806]
We propose a blockchain-based data governance system that employs attribute-based encryption to prevent privacy leakage and credential misuse.
First, our ABE encryption system can handle multi-authority use cases while protecting identity privacy and hiding access policy.
Second, applying the Advanced Encryption Standard (AES) for data encryption makes the whole system efficient and responsive to real-world conditions.
arXiv Detail & Related papers (2023-09-08T05:01:59Z)
- Enabling Data Confidentiality with Public Blockchains [5.749927436954179]
Multi-Authority Approach to Transaction Systems for Interoperating Applications (MARTSIA)
Based on Multi-Authority Attribute-Based Encryption (MA-ABE), MARTSIA enables read-access control over shared data at the level of message parts.
arXiv Detail & Related papers (2023-08-04T13:21:48Z)
- Breaking the Communication-Privacy-Accuracy Tradeoff with $f$-Differential Privacy [51.11280118806893]
We consider a federated data analytics problem in which a server coordinates the collaborative data analysis of multiple users with privacy concerns and limited communication capability.
We study the local differential privacy guarantees of discrete-valued mechanisms with finite output space through the lens of $f$-differential privacy (DP).
More specifically, we advance the existing literature by deriving tight $f$-DP guarantees for a variety of discrete-valued mechanisms.
arXiv Detail & Related papers (2023-02-19T16:58:53Z)
- Privacy-Preserving Joint Edge Association and Power Optimization for the Internet of Vehicles via Federated Multi-Agent Reinforcement Learning [74.53077322713548]
We investigate the privacy-preserving joint edge association and power allocation problem.
The proposed solution strikes a compelling trade-off, while preserving a higher privacy level than the state-of-the-art solutions.
arXiv Detail & Related papers (2023-01-26T10:09:23Z)
This list is automatically generated from the titles and abstracts of the papers in this site.