Abstract
Cooperative information systems typically involve various entities in a collaborative process within a distributed environment. Blockchain technology offers a mechanism for automating such processes, even when only partial trust exists among participants. The data stored on the blockchain is replicated across all nodes in the network, ensuring accessibility to all participants. While this aspect facilitates traceability, integrity, and persistence, it poses challenges for adopting public blockchains in enterprise settings due to confidentiality issues. In this paper, we present a software tool named Control Access via Key Encryption (CAKE), designed to ensure data confidentiality in scenarios involving public blockchains. After outlining its core components and functionalities, we showcase the application of CAKE in the context of a real-world cyber-security project within the logistics domain.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
Notes
- 1.
https://brie.moveax.it/en, accessed 2024-03-11.
- 2.
https://sepolia.etherscan.io/, accessed 2024-03-11.
- 3.
https://app.dappflow.org/dashboard/home, accessed 2024-03-11.
References
Basile, D., Goretti, V., Di Ciccio, C., Kirrane, S.: Enhancing blockchain-based processes with decentralized oracles. In: BPM Blockchain and RPA Forum, pp. 102–118 (2021)
Benhamouda, F., et al.: Can a public blockchain keep a secret? In: TCC (2020)
Bethencourt, J., Sahai, A., Waters, B.: Ciphertext-policy attribute-based encryption. In: SP, pp. 321–334 (2007)
Chase, M.: Multi-authority attribute based encryption. In: Vadhan, S.P. (ed.) TCC 2007. LNCS, vol. 4392, pp. 515–534. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-70936-7_28
Chen, J., Micali, S.: Algorand: a secure and efficient distributed ledger. Theor. Comput. Sci. 777, 155–183 (2019)
Corradini, F., Marcelletti, A., Morichetta, A., et al.: Engineering trustable and auditable choreography-based systems using blockchain. ACM Trans. Manage. Inf. Syst. 13(3), 1–53 (2022)
Dannen, C.: Introducing Ethereum and Solidity. Apress, Berkeley, CA (2017). https://doi.org/10.1007/978-1-4842-2535-6
Dumas, M., La Rosa, M., Mendling, J., Reijers, H.A.: Fundamentals of Business Process Management, 2nd edn. Springer, Heidelberg (2018)
Feng, Q., He, D., Zeadally, S., Khan, M.K., Kumar, N.: A survey on privacy protection in blockchain system. J. Netw. Comput. Appl. 126, 45–58 (2019)
Ghaisas, S., Rose, P., Daneva, M., Sikkel, K., Wieringa, R.J.: Generalizing by similarity: lessons learnt from industrial case studies. In: CESI, pp. 37–42 (2013)
Haarmann, S., Batoulis, K., Nikaj, A., Weske, M.: Executing collaborative decisions confidentially on blockchains. In: BPM (Blockchain and CEE Forum), pp. 119–135 (2019)
Hobeck, R., Weber, I.: Towards object-centric process mining for blockchain applications. In: BPM (Blockchain and RPA Forum), pp. 51–65 (2023)
Klinkmüller, C., Ponomarev, A., Tran, A.B., Weber, I., van der Aalst, W.M.P.: Mining blockchain processes: extracting process mining data from blockchain applications. In: BPM Blockchain and CEE Forum, pp. 71–86 (2019)
Kosba, A., Miller, A., Shi, E., Wen, Z., Papamanthou, C.: Hawk: the blockchain model of cryptography and privacy-preserving smart contracts. In: SP, pp. 839–858 (2016)
Liu, Z., Jiang, Z.L., Wang, X., et al.: Multi-authority ciphertext policy attribute-based encryption scheme on ideal lattices. In: ISPA/IUCC/BDCloud/SocialCom/SustainCom, pp. 1003–1008 (2018)
López-Pintado, O., Dumas, M., García-Bañuelos, L., Weber, I.: Controlled flexibility in blockchain-based collaborative business processes. Inf. Syst. 104, 101622 (2022)
López-Pintado, O., García-Bañuelos, L., Dumas, M., et al.: Caterpillar: a business process execution engine on the Ethereum blockchain. Softw. Pract. Exper. 49(7), 1162–1193 (2019)
Madsen, M.F., Gaub, M., Høgnason, T., et al.: Collaboration among adversaries: distributed workflow execution on a blockchain. In: FAB, pp. 8–15 (2018)
Marangone, E., Di Ciccio, C., Friolo, D., Nemmi, E.N., Venturi, D., Weber, I.: MARTSIA: enabling data confidentiality for blockchain-based process execution. In: Proper, H.A., Pufahl, L., Karastoyanova, D., van Sinderen, M., Moreira, J. (eds.) Enterprise Design, Operations, and Computing, EDOC 2023. LNCS, vol. 14367, pp. 58–76. Springer, Cham (2024). https://doi.org/10.1007/978-3-031-46587-1_4
Marangone, E., Di Ciccio, C., Weber, I.: Fine-grained data access control for collaborative process execution on blockchain. In: BPM Blockchain and RPA Forum, pp. 51–67 (2022)
Mühlberger, R., Bachhofner, S., Di Ciccio, C., et al.: Extracting event logs for process mining from data stored on the blockchain. In: BPM Workshops, pp. 690–703 (2019)
Mühlberger, R., Bachhofner, S., Ferrer, E.C., et al.: Foundational oracle patterns: connecting blockchain to the off-chain world. In: BPM 2020 Blockchain and RPA Forum, pp. 35–51 (2020)
Pournaghi, S., Bayat, M., Farjami, Y.: MedSBA: a novel and secure scheme to share medical data based on blockchain technology and attribute-based encryption. JAIHC 11, 4613–4641 (2020). https://doi.org/10.1007/s12652-020-01710-y
Rahulamathavan, Y., Phan, R.C.W., Rajarajan, M., Misra, S., Kondoz, A.: Privacy-preserving blockchain based IoT ecosystem using attribute-based encryption. In: ANTS, pp. 1–6 (2017)
Sahai, A., Waters, B.: Fuzzy identity-based encryption. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 457–473. Springer, Heidelberg (2005). https://doi.org/10.1007/11426639_27
Stiehle, F., Weber, I.: Blockchain for business process enactment: a taxonomy and systematic literature review. In: Marrella, A., et al. (eds.) Business Process Management: Blockchain, Robotic Process Automation, and Central and Eastern Europe Forum, BPM 2022. LNBIP, vol. 459, pp. 5–20. Springer, Cham (2022). https://doi.org/10.1007/978-3-031-16168-1_1
Wang, H., Song, Y.: Secure cloud-based EHR system using attribute-based cryptosystem and blockchain. J. Med. Syst. 42(8), 152 (2018). https://doi.org/10.1007/s10916-018-0994-6
Weber, I., Xu, X., Riveret, R., Governatori, G., Ponomarev, A., Mendling, J.: Untrusted business process monitoring and execution using blockchain. In: La Rosa, M., Loos, P., Pastor, O. (eds.) BPM 2016. LNCS, vol. 9850, pp. 329–347. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-45348-4_19
Wieringa, R., Daneva, M.: Six strategies for generalizing software engineering theories. Sci. Comput. Program. 101, 136–152 (2015)
Wood, G.: Ethereum: a secure decentralised generalised transaction ledger (2014)
Xu, X., Weber, I., Staples, M.: Architecture for Blockchain Applications. Springer, Switzerland (2019). https://doi.org/10.1007/978-3-030-03035-3
Zhang, R., Xue, R., Liu, L.: Security and privacy on blockchain. ACM Comput. Surv. 52(3), 1–34 (2019)
Zheng, Z., et al.: An overview on smart contracts: challenges, advances and platforms. Fut. Gener. Comput. Syst. 105, 475–491 (2020)
Acknowledgements
The work of E. Marangone was partly funded by projects PINPOINT (B87G22000450001), under the PRIN MUR program, and BRIE (Cyber 4.0).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2024 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Marangone, E., Spina, M., Di Ciccio, C., Weber, I. (2024). CAKE: Sharing Slices of Confidential Data on Blockchain. In: Islam, S., Sturm, A. (eds) Intelligent Information Systems. CAiSE 2024. Lecture Notes in Business Information Processing, vol 520. Springer, Cham. https://doi.org/10.1007/978-3-031-61000-4_16
Download citation
DOI: https://doi.org/10.1007/978-3-031-61000-4_16
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-60999-2
Online ISBN: 978-3-031-61000-4
eBook Packages: Computer ScienceComputer Science (R0)