Abstract
There has been significant recent interest in trust-building technologies for decentralized environments, especially for sharing data between mutually distrusting entities. One of the critical challenges in this context is to ensure that shared data cannot be tampered with, and that access to this data can always be traced and audited in a secure and trustworthy way, e.g., by using an access log to detect tampering. However, for audit trail data to be useful, it must be correct, immutable, and tied to access control mechanisms. We present AuditTrust, a blockchain-based secure audit trail for data sharing in a distributed environment. We prototype AuditTrust using several technologies, such as Hyperledger Besu, IPFS, the Intel SGX TEE, and Vault. Our evaluation of AuditTrust examines the latency costs of auditing and access control and shows the effectiveness of the approach.
Copyright information
© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Sanchez, H.L., Tysebaert, S., Rath, A., Rivière, E. (2022). AuditTrust: Blockchain-Based Audit Trail for Sharing Data in a Distributed Environment. In: Marrone, S., et al. Dependable Computing – EDCC 2022 Workshops. EDCC 2022. Communications in Computer and Information Science, vol 1656. Springer, Cham. https://doi.org/10.1007/978-3-031-16245-9_1
DOI: https://doi.org/10.1007/978-3-031-16245-9_1
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-16244-2
Online ISBN: 978-3-031-16245-9
eBook Packages: Computer Science (R0)