Skip to main content
SpringerLink
Log in

Chain-based big data access control infrastructure

  • Published:
The Journal of Supercomputing Aims and scope Submit manuscript

Abstract

Technological advancements have brought about the rise of data and other digital assets in our world today. The major problems with data today are its security and management, more importantly access control. These factors when not tackled effectively can lead to many compromises. The blockchain is an effective technology that ensures utmost security, trust, and maximum access control in big data systems. However, almost all the transactions on a blockchain network are stored in the platform. This process reduces the data storage, as the storage of all transactions sometimes creates unnecessary overheads. In this paper, an off-chain-based sovereign blockchain is proposed, where a virtual container is created for parties to transact in. At the end of a transaction, and satisfying each party, the container is destroyed but the results are stored on the sovereign blockchain network. This effectively decreases the amount of data that would have been stored on the network. The effectiveness of our system is compared with other schemes, and we could infer that our proposed system outperforms the already-existing ones.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4

Similar content being viewed by others

References

  1. Chen J, Xue Y (2017) Bootstrapping a blockchain based ecosystem for big data exchange. In: Proceedings—2017 IEEE 6th International Congress on Big Data, BigData Congress 2017, pp 460–463

  2. Liu PTS (2016) Medical record system using blockchain, big data and tokenization. In: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol 9977 LNCS, pp 254–261

    Chapter  Google Scholar 

  3. Es-Samaali H, Outchakoucht A, Leroy JP (2017) A blockchain-based access control for big data. Int J Comput Netw Commun Secur 5(7):137147

    Google Scholar 

  4. Zheng Z, Xie S, Dai H, Chen X, Wang H (2017) An overview of blockchain technology: architecture, consensus, and future trends. In: Proceedings—2017 IEEE 6th International Congress on Big Data, BigData Congress 2017, pp 557–564

  5. Morabito V (2017) The security of blockchain systems, business innovation through blockchain: the business perspective, pp 6178

    Chapter  Google Scholar 

  6. Swan M (2015) Blockchain thinking: the brain as a decentralized autonomous corporation [commentary]. IEEE Technol Soc Mag 34(4):4152

    Article  Google Scholar 

  7. Nath I (2017) Data exchange platform to fight insurance fraud on blockchain. In: IEEE International Conference on Data Mining Workshops, ICDMW, pp 821–825

  8. Tapscott D, Tapscott A (2016) Blockchain revolution: how the technology behind bitcoin is changing money, business, and the world. Penguin, pp 361–367

  9. Qiu J, Wu Q, Ding G, Xu Y (2016) Feng S (2016) A survey of machine learning for big data processing. EURASIP J Adv Signal Process 1:67

    Article  Google Scholar 

  10. Ranjan R (2014) Streaming big data processing in datacenter clouds. IEEE Cloud Comput 1(1):7883

    Article  Google Scholar 

  11. Wu X, Zhu X, Wu G-Q, Ding W (2014) Data mining with big data. Knowl Data Eng IEEE Trans 26(1):97107

    Google Scholar 

  12. Dessureault S (2016) Understanding big data. CIM Magazine 11.1

  13. Tschorsch F, Scheuermann B (2016) Bitcoin and beyond: a technical survey on decentralized digital currencies. IEEE Commun Surv Tutor 18(3):20842123

    Article  Google Scholar 

  14. Nadarajah S, Chu J (2017) On the inefficiency of Bitcoin. Econ Lett 150:69

    Article  Google Scholar 

  15. McGinn D, Birch D, Akroyd D, Molina-Solana M, Guo Y, Knottenbelt WJ (2016) Visualizing dynamic bitcoin transaction patterns. Big Data 4(2):109119

    Article  Google Scholar 

  16. Wijaya DA (2017) Extending asset management system functionality in bitcoin platform. In: Proceeding—2016 international conference on computer, control, informatics and its applications: recent progress in computer, control, and informatics for data science, IC3INA 2016, pp 97–101

  17. Ciaian P, Rajcaniova M, Kancs A (2016) The economics of BitCoin price formation. Appl Econ 48(19):17991815

    Article  Google Scholar 

  18. Bhme R, Christin N, Edelman B, Moore T (2015) Bitcoin design principles enabling technologies and processes. J Econ Perspect 29(2):213238

    Google Scholar 

  19. Dennis R, Owenson G (2016) Rep on the roll: a peer to peer reputation system based on a rolling blockchain. Int J Digit Soc 7(1):11231134

    Google Scholar 

  20. Wright A, De Filippi P (2015) Decentralized blockchain technology and the rise of lex cryptographia. http://ssrn.com/abstract=2580664. Accessed 15 Nov 2017

  21. Zyskind G, Nathan O, Pentland AS (2015) Decentralizing privacy: using blockchain to protect personal data. In: Proceedings—2015 IEEE Security and Privacy Workshops, SPW 2015, pp 180–184

  22. Yue X, Wang H, Jin D, Li M, Jiang W (2016) Healthcare data gateways: found healthcare intelligence on blockchain with novel privacy risk control. J Med Syst 40(10):218

    Article  Google Scholar 

  23. Zyskind G, Nathan O, Pentland A (2015) Enigma: decentralized computation platform with guaranteed privacy. arXiv:1506.03471 [cs], pp 114

  24. Hardjono T, Smith N, Pentland A (2016) Anonymous identities for permissioned blockchains. Available: http://connection.mit.edu/wp-content/uploads/sites/29/2014/12/Anonymous-Identities-for-Permissioned-Blockchains2.pdf. Accessed 22 Aug 2017

  25. Sundareswaran S, Squicciarini AC, Lin D (2012) For data sharing in the cloud. IEEE Trans Dependable Secure Comput 9(4):556568

    Article  Google Scholar 

  26. Ferdous S, Margheri A, Federica P, Vladimiro S (2017) Decentralised runtime monitoring for access control systems in cloud federations. GB University of Southampton, Southampton, p 11

    Google Scholar 

  27. Hassan MM, Lin K, Yue X, Wan J (2017) A multimedia healthcare data sharing approach through cloud-based body area network. Future Gener Comput Syst 66:4858

    Article  Google Scholar 

  28. Mann C, Loebenberger D (2017) Two-factor authentication for the Bitcoin protocol. Int J Inf Secur 16(2):213226

    Article  Google Scholar 

Download references

Acknowledgements

This work is supported in part by the applied basic research programs of Sichuan Province (2015JY0043), the Fundamental Research Funds for the Central Universities (ZYGX2015J154, ZYGX2016J152, ZYGX2016J170), programs of international science and technology cooperation and exchange of Sichuan Province (2017HH0028), Key research and development projects of high and new technology development and industrialization of Sichuan Province (2017GZ0007).This work is supported by the National Key Research and Development Program of China (Grant No. 2016QY04WW0802, 2016QY04W0800, 03). This work supported by the National Engineering Laboratory for Big data application on improving government governance capabilities.

Author information

Authors and Affiliations

  1. School of Computer Science and Engineering, UESTC, Chengdu, China

    Emmanuel Boateng Sifah, Kwame Opuni-Boachie Obour Agyekum & Sandro Amofa

  2. Center for Cyber Security, UESTC, Chengdu, China

    Qi Xia

  3. School of Resource and Environment, Center for Digital Health, UESTC, Chengdu, China

    Jianbin Gao

  4. Youe Data Co. Ltd., Beijing, China

    Ruidong Chen & Hu Xia

  5. Department of Radiology, University of Pennsylvania, Philadelphia, USA

    James C. Gee

  6. School of Computer Science and Engineering, UESTC, Chengdu, China

    James C. Gee

  7. Department of Computer and Information Sciences, Temple University, Philadelphia, USA

    Xiaojiang Du

  8. Department of Electrical and Computer Engineering, University of Idaho, Moscow, ID, 83844, USA

    Mohsen Guizani

Authors
  1. Emmanuel Boateng Sifah
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Qi Xia
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Kwame Opuni-Boachie Obour Agyekum
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Sandro Amofa
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Jianbin Gao
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Ruidong Chen
    View author publications

    You can also search for this author in PubMed Google Scholar

  7. Hu Xia
    View author publications

    You can also search for this author in PubMed Google Scholar

  8. James C. Gee
    View author publications

    You can also search for this author in PubMed Google Scholar

  9. Xiaojiang Du
    View author publications

    You can also search for this author in PubMed Google Scholar

  10. Mohsen Guizani
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Qi Xia.

Appendix: Two-factor authentication scheme

Appendix: Two-factor authentication scheme

In this paper, an ECDSA authentication scheme, which was proposed by Christopher Mann and Daniel Loebenberger [28], is adopted. The scheme has three phases: initialization, construction of an ephemeral key, and a signature formulation.

  • Initialization An ECDSA key pair (dQ) is generated. The private key is multiplicatively shared between the user and the system, by selecting \(d_U \in {\mathbb {Z}_n}^*\) pseudorandomly and computing \(d_S = d \times {d_U}^{-1}\) in \({\mathbb {Z}_n}^*\). Then, \(d=d_Ud_S\) and the user gets its share of the key \(d_U\), while the system also takes \(d_S\). Both user and system then compute their corresponding public keys \(Q_U=d_UG\) and \(Q_S=d_SG\), where G is a finite base point on an elliptic curve, E. Two key pairs, \((sk_U,pk_U)\) and \((sk_S,pk_S)\), for a homomorphic public key encryption scheme are generated and distributed to the user and system accordingly.

  • Key construction In this phase, a shared ephemeral secret \(k=k_Uk_S \in {\mathbb {Z}_n}^*\) is generated together with the corresponding public key \(V=kG \in E\). The user and the system also compute the public keys corresponding to their shares of this secret as \(V_U=k_UG\) and \(V_S=k_SG \in E \). Also, the user commits to the two values \({k_U}^{-1}\) and \({k_U}^{-1}d_U\) in \({\mathbb {Z}_n}^*\) by sending the corresponding encryptions under \(pk_U\) to the system.

  • Signature formulation In the final phase, the system uses the two commitments together with the homomorphic property of the encryption scheme to finally compute the second part of the ECDSA signature.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Sifah, E.B., Xia, Q., Agyekum, K.OB.O. et al. Chain-based big data access control infrastructure. J Supercomput 74, 4945–4964 (2018). https://doi.org/10.1007/s11227-018-2308-7

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11227-018-2308-7

Keywords

Search

Navigation