A Decentralized Group-oriented Information Sharing System with Searchable Encryption in Supply Chain Environment

以作者查詢圖書館館藏

、以作者查詢臺灣博碩士

、以作者查詢全國書目

、勘誤回報

、線上人數：75

、訪客IP：3.139.105.38

姓名

張哲維(Che-Wei Chang) 查詢紙本館藏

畢業系所

資訊管理學系

論文名稱

(A Decentralized Group-oriented Information Sharing System with Searchable Encryption in Supply Chain Environment)

相關論文

★ DeFi 去中心化金融發展現況及風險分析- 以2017~2022 年 6 月為研究區間	★ 基於區塊鏈防止雙重投票的匿名投票系統
★ NFT-based 車輛與零件履歷驗證平台	★ 基於區塊鏈與代理重新加密之隱私保護威脅情資分享平台
★ 元宇宙與 NFT 應用於旅遊購物虛實整合架構規劃之研究	★ Blockchain-based Federated learning with Data privacy protection
★ 具公正性抽獎機制與隱私防護之問卷平台	★ 建立安全可靠的推薦信平台: 基於分散式系統的創新方法
★ 去中心化電子書交易平台之區塊鏈框架設計與可行性分析	★ A Batch Verified Decentralized-AI Against Poisoning Attack In 6G Industrial CPS Environments
★ A Blockchain-based Work Performance Authenticity Platform with User Incentive Mechanism	★ 基於區塊鏈與存取控制之多媒體分享平台

檔案

[Endnote RIS 格式]

[Bibtex 格式]

[相關文章]

[文章引用]

[完整記錄]

[館藏目錄]

至系統瀏覽論文 (2028-7-1以後開放)

摘要(中)

供應鏈的資訊共享是現今商業環境中一個相當重要的課題，在傳統的共享模式下，通常會指定一個服務供應商來進行資訊的協調，但這卻產生了資訊存取控制中心化的問題。為而區塊鏈因其透明性與不可篡改性，成為一個十分適合協助供應鏈夥伴共享資訊的技術。然而現有的供應鏈資訊共享框架缺乏有效的隱私保護機制，並且多數並未考慮如何解決大規模資料共享下難以取得特定檔案的問題。在本文中，我們提出了一種結合IPFS與區塊鏈的檔案共享機制，並以CP-ABE降低檔案加解密所需的金鑰保管成本，再透過Attribute Cuckoo Filter達成有效率且安全的檔案搜尋機制。通過實驗證明，本文所提出的架構是可行的，且相較於現有的研究在搜尋準確性與計算成本上我們的架構有顯著的優勢。

摘要(英)

Information sharing in supply chains is a significant issue in the current business environment. Under traditional sharing models, a service provider is typically designated to coordinate information sharing, leading to the problem of centralized control over information access. Blockchain, with its transparency and immutability, has emerged as a highly suitable technology to assist in information sharing among supply chain partners. However, existing frameworks for supply chain information sharing lack effective privacy protection mechanisms and most do not consider how to address the issue of difficulty in searching for files when they are encrypted. In this paper, we propose a file-sharing mechanism that combines the InterPlanetary File System (IPFS) and blockchain. We use Ciphertext-Policy Attribute-Based Encryption (CP-ABE) to reduce the cost of repeated file encryption and decryption and apply Attribute Cuckoo Filter to achieve an efficient and secure file search mechanism. Through experimentation, we demonstrate that the proposed framework is viable and has a significant advantage over existing research in terms of search accuracy and computational cost.

關鍵字(中)

★ 區塊鏈
★ IFPS
★ 供應鏈資訊共享
★ 可搜尋加密
★ 密文策略屬性加密

關鍵字(英)

★ Blockchain
★ IPFS
★ Supply Chain Information Sharing
★ Searchable Encryption
★ CP-ABE

論文目次

摘要 ii
Abstract iii
Table of Contents iv
List of Figures vi
List of Tables vii
Explanation of Symbols viii
1. Introduction 1
1.1 Background 1
1.2 Motivation 1
1.2.1 Challenge of Information Sharing in Supply Chain 2
1.2.2 Challenge of Traditional Encryption 3
1.3 Contribution 5
1.4 Organization of the paper 6
2. Related work 7
2.1 Blockchain and IPFS 7
2.2 Attribute-based Encryption 8
2.3 Blockchain-based Information Sharing System in Supply Chain 9
2.4 Blockchain-based Searchable Encryption 10
3. Preliminaries 12
3.1 Basic Cryptography 12
3.2 Security-Enhanced Attribute Cuckoo Filter(Se-ACF) 13
4. Proposed System 15
4.1 System Model 15
4.2 Security Model 17
4.3 Design Goals 17
4.4 System Overview 17
4.5 System Operation Definition 19
5. System Construction 21
5.1 System Setting 21
5.1.1 Keyword & GID Setting 21
5.1.2 Attribute Setting 22
5.2 Workflow 22
5.2.0 Initialization 23
5.2.1 Encrypt File 24
5.2.2 Encrypt Key 24
5.2.3 Upload Encrypted File 25
5.2.4 Upload Access Link and ACF 25
5.2.5 Generate Seq 28
5.2.6 Send Seq to Blockchain 29
5.2.7 Get Access Link 30
5.2.8 Request File 30
5.2.9 Decrypt 31
5.2.10 Revocation 32
6. Security and Qualitative Analysis 34
6.1 Confidentiality of Encrypted File 34
6.2 Searching Privacy and Correctness 34
6.3 Transparency and Decentralization 36
6.4 Qualitative Analysis 37
7. Experiment 40
7.1 Setup 40
7.1.1 Algorithm Evaluation Environment 40
7.1.2 Blockchain Evaluation Environment 40
7.2 Evaluation of Algorithm 41
7.3 Evaluation of Filter Length Setting 44
7.4 Evaluation of CP-ABE Encryption 46
7.5 Evaluation of Search on Blockchain 48
8. Conclusion 50
Reference 51

參考文獻

[1] V. Hassija, V. Chamola, V. Gupta, S. Jain, and N. Guizani, “A Survey on Supply
Chain Security: Application Areas, Security Threats, and Solution Architectures,”
IEEE Internet of Things Journal, vol. 8, no. 8, pp. 6222–6246, Apr. 2021, doi:
10.1109/JIOT.2020.3025775.
[2] D. Prajogo and J. Olhager, “Supply chain integration and performance: The effects
of long-term relationships, information technology and sharing, and logistics
integration,” International Journal of Production Economics, vol. 135, no. 1, pp.
514–522, Jan. 2012, doi: 10.1016/j.ijpe.2011.09.001.
[3] H. L. Lee, K. C. So, and C. S. Tang, “The Value of Information Sharing in a TwoLevel Supply Chain,” Management Science, vol. 46, no. 5, pp. 626–643, May 2000,
doi: 10.1287/mnsc.46.5.626.12047.
[4] H. Zhou and W. C. Benton, “Supply chain practice and information sharing,”
Journal of Operations Management, vol. 25, no. 6, pp. 1348–1365, Nov. 2007, doi:
10.1016/j.jom.2007.01.009.
[5] S. Qi, Y. Zheng, M. Li, Y. Liu, and J. Qiu, “Scalable Industry Data Access Control
in RFID-Enabled Supply Chain,” IEEE/ACM Transactions on Networking, vol. 24,
no. 6, pp. 3551–3564, Dec. 2016, doi: 10.1109/TNET.2016.2536626.
[6] “Data Risk in the Third-Party Ecosystem: Third Annual Study,” Ponemon Institute.
https://www.ponemon.org/research/ponemon-library/security/data-risk-in-thethird-party-ecosystem-third-annual-study.html (accessed Mar. 08, 2023).
[7] A. Sahai and B. Waters, “Fuzzy Identity-Based Encryption,” in Advances in
Cryptology – EUROCRYPT 2005, R. Cramer, Ed., in Lecture Notes in Computer
Science. Berlin, Heidelberg: Springer, 2005, pp. 457–473. doi:
10.1007/11426639_27.
[8] S. Nakamoto, “Bitcoin: A Peer-to-Peer Electronic Cash System”.
[9] “Ethereum Whitepaper,” ethereum.org. https://ethereum.org (accessed Mar. 09,
2023).
[10]“IPFS Documentation | IPFS Docs.” https://docs.ipfs.tech/ (accessed Mar. 10,
2023).
[11]L.-Y. Yeh, C.-Y. Shen, W.-C. Huang, W.-H. Hsu, and H.-C. Wu, “GDPR-Aware
Revocable P2P File-Sharing System Over Consortium Blockchain,” IEEE Systems
Journal, vol. 16, no. 4, pp. 5234–5245, Feb. 2022, doi:
10.1109/JSYST.2021.3139319.
[12]V. Goyal, O. Pandey, A. Sahai, and B. Waters, “Attribute-based encryption for finegrained access control of encrypted data,” in Proceedings of the 13th ACM
conference on Computer and communications security, in CCS ’06. New York, NY, USA: Association for Computing Machinery, Oct. 2006, pp. 89–98. doi:
10.1145/1180405.1180418.
[13]J. Bethencourt, A. Sahai, and B. Waters, “Ciphertext-Policy Attribute-Based
Encryption,” in 2007 IEEE Symposium on Security and Privacy (SP ’07), Berkeley,
CA: IEEE, May 2007, pp. 321–334. doi: 10.1109/SP.2007.11.
[14]M. Nakasumi, “Information Sharing for Supply Chain Management Based on
Block Chain Technology,” in 2017 IEEE 19th Conference on Business Informatics
(CBI), Jul. 2017, pp. 140–149. doi: 10.1109/CBI.2017.56.
[15]I. A. Omar, R. Jayaraman, M. S. Debe, H. R. Hasan, K. Salah, and M. Omar,
“Supply Chain Inventory Sharing Using Ethereum Blockchain and Smart
Contracts,” IEEE Access, vol. 10, pp. 2345–2356, 2022, doi:
10.1109/ACCESS.2021.3139829.
[16]M. Du, Q. Chen, J. Xiao, H. Yang, and X. Ma, “Supply Chain Finance Innovation
Using Blockchain,” IEEE Transactions on Engineering Management, vol. 67, no.
4, pp. 1045–1058, Jan. 2020, doi: 10.1109/TEM.2020.2971858.
[17]S. van Engelenburg, M. Janssen, and B. Klievink, “A Blockchain Architecture for
Reducing the Bullwhip Effect,” in Business Modeling and Software Design, B.
Shishkov, Ed., in Lecture Notes in Business Information Processing. Cham:
Springer International Publishing, 2018, pp. 69–82. doi: 10.1007/978-3-319-
94214-8_5.
[18]M. H. Abidi, H. Alkhalefah, U. Umer, and M. K. Mohammed, “Blockchain-based
secure information sharing for supply chain management: Optimization assisted
data sanitization process,” International Journal of Intelligent Systems, vol. 36, no.
1, pp. 260–290, 2021, doi: 10.1002/int.22299.
[19]S. Mirjalili and A. Lewis, “The Whale Optimization Algorithm,” Advances in
Engineering Software, vol. 95, pp. 51–67, May 2016, doi:
10.1016/j.advengsoft.2016.01.008.
[20]Q. Song, Y. Chen, Y. Zhong, K. Lan, S. Fong, and R. Tang, “A Supply-chain System
Framework Based on Internet of Things Using Blockchain Technology,” ACM
Trans. Internet Technol., vol. 21, no. 1, p. 13:1-13:24, Jan. 2021, doi:
10.1145/3409798.
[21]Q. Wen, Y. Gao, Z. Chen, and D. Wu, “A Blockchain-based Data Sharing Scheme
in The Supply Chain by IIoT,” in 2019 IEEE International Conference on
Industrial Cyber Physical Systems (ICPS), May 2019, pp. 695–700. doi:
10.1109/ICPHYS.2019.8780161.
[22]C. Liu, F. Xiang, and Z. Sun, “Multiauthority Attribute-Based Access Control for
Supply Chain Information Sharing in Blockchain,” Security and Communication
Networks, vol. 2022, p. e8497628, Apr. 2022, doi: 10.1155/2022/8497628.
[23]C. Bösch, P. Hartel, W. Jonker, and A. Peter, “A Survey of Provably Secure
Searchable Encryption,” ACM Comput. Surv., vol. 47, no. 2, p. 18:1-18:51, Aug.
2014, doi: 10.1145/2636328.
[24]D. X. Song, D. Wagner, and A. Perrig, “Practical techniques for searches on
encrypted data,” in Proceeding 2000 IEEE Symposium on Security and Privacy.
S&P 2000, May 2000, pp. 44–55. doi: 10.1109/SECPRI.2000.848445.
[25]R. Curtmola, J. Garay, S. Kamara, and R. Ostrovsky, “Searchable symmetric
encryption: improved definitions and efficient constructions,” in Proceedings of
the 13th ACM conference on Computer and communications security, in CCS ’06.
New York, NY, USA: Association for Computing Machinery, Oct. 2006, pp. 79–
88. doi: 10.1145/1180405.1180417.
[26]D. Boneh, G. Di Crescenzo, R. Ostrovsky, and G. Persiano, “Public Key
Encryption with Keyword Search,” in Advances in Cryptology - EUROCRYPT
2004, C. Cachin and J. L. Camenisch, Eds., in Lecture Notes in Computer Science.
Berlin, Heidelberg: Springer, 2004, pp. 506–522. doi: 10.1007/978-3-540-24676-
3_30.
[27]S. Hu, C. Cai, Q. Wang, C. Wang, X. Luo, and K. Ren, “Searching an Encrypted
Cloud Meets Blockchain: A Decentralized, Reliable and Fair Realization,” in IEEE
INFOCOM 2018 - IEEE Conference on Computer Communications, Apr. 2018, pp.
792–800. doi: 10.1109/INFOCOM.2018.8485890.
[28]C. Cai, J. Weng, X. Yuan, and C. Wang, “Enabling Reliable Keyword Search in
Encrypted Decentralized Storage with Fairness,” IEEE Transactions on
Dependable and Secure Computing, vol. 18, no. 1, pp. 131–144, Jan. 2021, doi:
10.1109/TDSC.2018.2877332.
[29]S. Tahir and M. Rajarajan, “Privacy-Preserving Searchable Encryption Framework
for Permissioned Blockchain Networks,” in 2018 IEEE International Conference
on Internet of Things (iThings) and IEEE Green Computing and Communications
(GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and
IEEE Smart Data (SmartData), Jul. 2018, pp. 1628–1633. doi:
10.1109/Cybermatics_2018.2018.00272.
[30]H. Li, H. Tian, F. Zhang, and J. He, “Blockchain-based searchable symmetric
encryption scheme,” Computers & Electrical Engineering, vol. 73, pp. 32–45, Jan.
2019, doi: 10.1016/j.compeleceng.2018.10.015.
[31]L. Chen, W.-K. Lee, C.-C. Chang, K.-K. R. Choo, and N. Zhang, “Blockchain
based searchable encryption for electronic health record sharing,” Future
Generation Computer Systems, vol. 95, pp. 420–429, Jun. 2019, doi:
10.1016/j.future.2019.01.018.
[32]S. Gao, Y. Chen, J. Zhu, Z. Sui, R. Zhang, and X. Ma, “BPMS: Blockchain-based Privacy-preserving Multi-keyword Search in Multi-owner Setting,” IEEE
Transactions on Cloud Computing, pp. 1–13, 2022, doi:
10.1109/TCC.2022.3196712.
[33]B. H. Bloom, “Space/time trade-offs in hash coding with allowable errors,”
Commun. ACM, vol. 13, no. 7, pp. 422–426, Jul. 1970, doi:
10.1145/362686.362692.
[34]Z. Ying, W. Jiang, X. Liu, S. Xu, and R. H. Deng, “Reliable Policy Updating Under
Efficient Policy Hidden Fine-Grained Access Control Framework for Cloud Data
Sharing,” IEEE Transactions on Services Computing, vol. 15, no. 6, pp. 3485–3498,
Jan. 2022, doi: 10.1109/TSC.2021.3096177.
[35]M. J. Dworkin, “Advanced Encryption Standard (AES),” National Institute of
Standards and Technology, Gaithersburg, MD, NIST FIPS 197-upd1, 2023. doi:
10.6028/NIST.FIPS.197-upd1.
[36]D. Boneh, X. Boyen, and E.-J. Goh, “Hierarchical Identity Based Encryption with
Constant Size Ciphertext,” in Advances in Cryptology – EUROCRYPT 2005, R.
Cramer, Ed., in Lecture Notes in Computer Science. Berlin, Heidelberg: Springer,
2005, pp. 440–456. doi: 10.1007/11426639_26.
[37]M. J. Dworkin, “SHA-3 Standard: Permutation-Based Hash and ExtendableOutput Functions,” National Institute of Standards and Technology, NIST FIPS 202,
Jul. 2015. doi: 10.6028/NIST.FIPS.202.
[38]A. De Caro and V. Iovino, “jPBC: Java pairing based cryptography,” in 2011 IEEE
Symposium on Computers and Communications (ISCC), Jun. 2011, pp. 850–855.
doi: 10.1109/ISCC.2011.5983948.

指導教授

葉羅堯(Lo-Yao Yeh)

審核日期

2023-7-24

推文