Please wait a minute...
浙江大学学报(工学版)
Journal of ZheJiang University (Engineering Science)  2025, Vol. 59 Issue (2): 269-277    DOI: 10.3785/j.issn.1008-973X.2025.02.005
    
Blockchain-based trusted distributed industrial data governance scheme
Rong HUANG1,2,3(),Wenqin YANG1,2,3,*(),Zhigang SONG1,2,3
1. The Academy of Digital China(Fujian), Fuzhou University, Fuzhou 350003, China
2. Key Laboratory of Spatial Data Mining andInformation Sharing of Ministry of Education, Fuzhou University, Fuzhou 350108, China
3. National and Local Joint EngineeringResearch Center of Satellite Geospatial Information Technology, Fuzhou University, Fuzhou 350108, China
Download: HTML     PDF(1274KB) HTML
Export: BibTeX | EndNote (RIS)      

Abstract  

A trusted distributed industrial data governance solution was designed based on blockchain technology in order to address the issue of the lack of a unified product data sharing service in current industrial systems, which limited users’ access to credible product traceability information. This solution enabled efficient and secure product data sharing and governance. Product data was compressed and encrypted off-chain by the data generator before it was submitted to the blockchain system. The system supported off-chain/on-chain data access through two types of blockchain transactions (producer transactions and data transactions) in order to ensure the availability of product data during the off-chain process. A hybrid access control mechanism was implemented to encrypt product data and share secret keys exclusively with authorized data users. This solution effectively protected the privacy of product data, provided fine-grained access control, and ensured end-to-end traceability of the entire product data generation process. Performance tests showed that the computation and communication costs during the key generation phase did not exceed 81.592 ms and 2.83 kB respectively on the secp256k1 elliptic curve (providing 128 bit security). The data submission phase incured cost of no more than 50.251 ms and 3.59 kB, the data update phase did not exceed 251.596 ms, and the data retrieval time remained under 311.104 ms. Performance comparisons with similar schemes confirmed the efficiency of this solution.

Key wordsblockchain      data trusted governance      privacy protection      fine-grained access control      whole process provenance     
Received: 22 December 2023      Published: 11 February 2025
CLC:  TP 393  
Fund:  中央引导地方科技发展专项资助项目(2022L3003).
Corresponding Authors: Wenqin YANG     E-mail: front@fzu.edu.cn;ywq@fzu.edu.cn
Service
E-mail this article
Add to my bookshelf
Add to citation manager
E-mail Alert
RSS
Articles by authors
Rong HUANG
Wenqin YANG
Zhigang SONG
Cite this article:

Rong HUANG,Wenqin YANG,Zhigang SONG. Blockchain-based trusted distributed industrial data governance scheme. Journal of ZheJiang University (Engineering Science), 2025, 59(2): 269-277.

URL:

https://www.zjujournals.com/eng/10.3785/j.issn.1008-973X.2025.02.005     OR     https://www.zjujournals.com/eng/Y2025/V59/I2/269


基于区块链的可信分布式工业数据治理方案

针对当前工业系统缺乏统一的产品数据共享服务,限制了用户获取可信的产品追溯信息的问题,基于区块链设计可信分布式工业数据治理方案,实现高效、安全的产品数据共享与治理. 产品数据生成者将数据提交到区块链系统之前,在离链状态下对产品数据进行压缩和加密. 为了在离链过程中使产品数据可用,系统通过2种类型的区块链交易(生成者交易和数据交易)支持离链/链上数据访问. 提供混合访问控制机制用于加密产品数据,将秘密密钥仅提供给经过授权的数据用户. 该方案能够有效地保护产品数据的隐私性,提供细粒度的访问控制,能够对产品数据生成的全流程进行溯源. 系统性能的测试结果表明,在secp256k1椭圆曲线上(提供128 bit安全性),密钥生成阶段的计算和通信开销不高于81.592 ms和2.83 kB,数据提交阶段不高于50.251 ms和3.59 kB,数据更新时间不超过251.596 ms,数据读取时间不高于311.104 ms. 与同类方案的性能比较结果证实了该方案的高效性.


关键词: 区块链,  数据可信治理,  隐私保护,  细粒度访问控制,  全流程溯源 
Fig.1 Architecture of blockchain-based trusted distributed data governance system
符号描述
$ \mathrm{A}\mathrm{B}\mathrm{E}/\mathrm{C}\mathrm{o}\mathrm{m}\mathrm{p} $属性基加密方案/
数据压缩算法
$ \mathrm{A}\mathrm{g}\mathrm{g}\mathrm{S}\mathrm{i}\mathrm{g}/\mathrm{S}\mathrm{E}\mathrm{n}\mathrm{c} $聚合签名方案/
对称加密方案
$ \mathrm{P}\mathrm{P}/\mathrm{M}\mathrm{S}\mathrm{K}/\mathrm{D}\mathrm{K}/\mathrm{A}\mathrm{T}\mathrm{T}\mathrm{R} $公开参数/主密钥/
属性密钥/属性集合
$ \mathrm{S}\mathrm{K}/\mathrm{V}\mathrm{K}/\sigma $签名密钥/验证密钥/签名值
$ {P}_{1},\cdots ,{P}_{N} $/$ {m}_{1},\cdots ,{m}_{N} $产品数据生成者/产品信息
$ \text{add}{\text{r}}_{1},\cdots ,\text{add}{\text{r}}_{N} $产品数据生成者的地址(用于溯源)
$ \mathrm{i}\mathrm{d}/{\mathrm{v}} $产品标识/版本号
$ \text{C}{\text{T}}_{1}/\text{C}{\text{T}}_{2} $ABE密文/对称加密密文
Tab.1 Notation and description of trusted distributed industrial data governance system
特性文献[2]
方案		文献[3]
方案		文献[4]
方案		文献[5]
方案		本文
方案
数据保密性×
数据可搜索××××
数据可更新×××
分布式数据治理×
细粒度访问控制××
全流程溯源××××
Tab.2 Feature comparison of data governance program
Fig.2 Computation and communication overhead of key generation phase
Fig.3 Computation and communication overhead of data submission phase
Fig.4 Computation overhead of data update phase
Fig.5 Computation overhead of data read phase
方案T/ms
密钥生成数据提交数据更新(链上)数据更新(离链)数据读取(链上)数据读取(离链)
文献[2]方案14.86531.08154.89348.68475.61275.612
文献[3]方案8.66415.648
文献[4]方案18.96426.98459.302
文献[5]方案26.743260.481126.846
本文方案15.79217.35148.68632.46458.61458.614
方案B/kB
密钥生成数据提交数据更新(链上)数据更新(离链)数据读取(链上)数据读取(离链)
文献[2]方案0.5822.5407.6816.5841.0831.083
文献[3]方案0.8930.084
文献[4]方案0.8691.2280.736
文献[5]方案1.0673.6822.948
本文方案0.5841.3440.6820.4450.0890.089
Tab.3 Performance comparison of data governance program
[1]   ZHANG Yongpin, XU Xiwei, LIU Ang, et al Blockchain-based trust mechanism for IoT-based smart manufacturing system[J]. IEEE Transactions on Computational Social Systems, 2019, 6 (6): 1386- 1394
doi: 10.1109/TCSS.2019.2918467
[2]   GARCIA R D, RAMACHANDRAN G S, JURDAK R, et al Blockchain-aided and privacy-preserving data governance in multi-stakeholder applications[J]. IEEE Transactions on Network and Service Management, 2022, 19 (4): 3781- 3793
doi: 10.1109/TNSM.2022.3225254
[3]   XU Tianyi, QIU Tie, HU Dengcheng, et al A scalable two-layer blockchain system for distributed multi-cloud storage in IIoT[J]. IEEE Transactions on Industrial Informatics, 2022, 18 (12): 9173- 9183
doi: 10.1109/TII.2022.3179733
[4]   杨业平, 林德威, 黄芳芳, 等. 基于区块链的物联网安全数据共享系统[J]. 福州大学学报: 自然科学版, 2021, 49(6): 739-746.
YANG Yeping, LIN Dewei, HUANG Fangfang, et al. A blockchain-based secure data sharing system for the internet of things [J]. Journal of Fuzhou University: Natural Science Edition , 2021, 49(6): 739-746.
[5]   宁建廷, 黄欣沂, 魏立斐, 等 支持恶意用户追踪的属性基云数据共享方案[J]. 计算机学报, 2022, 45 (7): 1431- 1445
NING Jianting, HUANG Xinyi, WEI Lifei, et al An attribute-based cloud data sharing scheme supporting malicious user tracking[J]. Journal of Chinese Computer Science, 2022, 45 (7): 1431- 1445
doi: 10.11897/SP.J.1016.2022.01431
[6]   张建标, 张兆乾, 徐万山, 等 一种基于区块链的域间访问控制模型[J]. 软件学报, 2021, 32 (5): 1547- 1564
ZHANG Jianbiao, ZHANG Zhaoqian, XU Wanshan, et al A blockchain-based inter-domain access control model[J]. Journal of Software, 2021, 32 (5): 1547- 1564
[7]   WANG Chao, WANG Shuo, CHENG Xiaoman, et al A privacy and efficiency-oriented data sharing mechanism for IoTs[J]. IEEE Transactions on Big Data, 2022, 8 (1): 174- 185
[8]   CHRISTIAN C. Architecture of the hyperledger blockchain fabric [C]// Workshop on Distributed Cryptocurrencies and Consensus Ledgers . Chicago: ACM, 2016: 14-17.
[9]   YANNIS R, BRENT W. Practical constructions and new proof methods for large universe attribute-based encryption [C]// ACM Sigsac Conference on Computer and Communications Security . Berlin: ACM, 2013: 463-474.
[10]   DAN B, CRAIG G, BEN L, et al. Aggregate and verifiably encrypted signatures from bilinear maps [C]// Annual International Cryptology Conference . Warsaw: Springer, 2003: 416-432.
[11]   DATTA P, KOMARGODSKI I, WATERS B. Fully adaptive decentralized multi-authority ABE [C]// Theory and Applications of Cryptographic Techniques. Lyon: Springer. 2023: 447-478.
[12]   YANG Yang, DENG R, GUO Wenzhong, et al Dual traceable distributed attribute-based searchable encryption and ownership transfer[J]. IEEE Transactions on Cloud Computing, 2021, 11 (1): 247- 262
[13]   LI Wei, XUE Kaiping, XUE Yingjie, et al TMACS: a robust and verifiable threshold multi-authority access control system in public cloud storage[J]. IEEE Transactions on Parallel and Distributed Systems, 2016, 27 (5): 1484- 1496
doi: 10.1109/TPDS.2015.2448095
[14]   JOSEPH A, CHRISTINA G, IAN M, et al Charm: a framework for rapidly prototyping cryptosystems[J]. Journal of Cryptographic Engineering, 2013, 3 (2): 111- 128
doi: 10.1007/s13389-013-0057-3
[15]   JOAN D, CRISTINA P, JORDI H. The Bitcoin P2P network [C]// Conference on Financial Cryptography . ChristChurch: Springer, 2014: 87–102.
[1] Zihao SHAO,Ru HUO,Zhihao WANG,Dong NI,Renchao XIE. Survey of mobile crowdsensing data processing based on blockchain[J]. Journal of ZheJiang University (Engineering Science), 2024, 58(6): 1091-1106.
[2] Su LI,Ze CHEN,Baoyan SONG,Haolin ZHANG. Enterprise composite blockchain construction method for business environment evaluation[J]. Journal of ZheJiang University (Engineering Science), 2024, 58(5): 891-899.
[3] Zihao SHEN,Mengke LIU,Hui WANG,Peiqian LIU,Kun LIU. User defined location sharing scheme based on blockchain[J]. Journal of ZheJiang University (Engineering Science), 2024, 58(4): 655-663.
[4] Xuejiao LIU,Xiang ZHAO,Yingjie XIA,Tiancong CAO. Efficient heterogeneous authentication scheme with privacy protection in air-ground collaboration scenario[J]. Journal of ZheJiang University (Engineering Science), 2024, 58(10): 1981-1991.
[5] Yue ZHAO,He ZHAO,Haibo TAN,Bin YU,Wangnian YU,Zhiyu MA. Improved method for blockchain Kademlia network based on small world theory[J]. Journal of ZheJiang University (Engineering Science), 2024, 58(1): 1-9.
[6] Zihao SHEN,Yuyu TANG,Hui WANG,Peiqian LIU,Kun LIU. Clustering and deep learning based trajectory privacy protection mechanism for Internet of vehicles[J]. Journal of ZheJiang University (Engineering Science), 2024, 58(1): 20-28.
[7] Can CUI,Xiao-hu YANG,Wei-wei QIU,Fang-lei HUANG. GPU-based acceleration technology for signature verification of blockchain transactions[J]. Journal of ZheJiang University (Engineering Science), 2023, 57(8): 1505-1515.
[8] Chuan-hua WANG,Quan ZHANG,Hui-min WANG,Xin XU,Ou-bo MA. Reputation model for VANETs with privacy-preserving under blockchain architecture[J]. Journal of ZheJiang University (Engineering Science), 2023, 57(4): 760-772.
[9] Jin-sheng YANG,Hao WANG,Zhen GAO,Zhao-hui GUO. Double RSA accumulator based stateless transaction verification scheme[J]. Journal of ZheJiang University (Engineering Science), 2023, 57(1): 178-189.
[10] Xue-jiao LIU,Qing-wu SONG,Ying-jie XIA. Secure computation offloading scheme for matrix in Internet of vehicles based on blockchain[J]. Journal of ZheJiang University (Engineering Science), 2023, 57(1): 144-154.
[11] Xue-jiao LIU,Hui-min WANG,Ying-jie XIA,Si-wei ZHAO. Task allocation method for Internet of vehicles spatial crowdsourcing with privacy protection[J]. Journal of ZheJiang University (Engineering Science), 2022, 56(7): 1267-1275.
[12] Si-han DONG,Jun-chang XIN,Kun HAO,Zhong-ming YAO,Jin-yi CHEN. A join query optimization algorithm in multi-blockchain environment[J]. Journal of ZheJiang University (Engineering Science), 2022, 56(2): 313-321.
[13] Miao HE,Fen-hua BAI,Zhuo YU,Tao SHEN. Publicly verifiable secret sharing technology in blockchain[J]. Journal of ZheJiang University (Engineering Science), 2022, 56(2): 306-312.
[14] Liang SUN,Xiao-feng LI,He ZHAO,Bin YU,Tong ZHOU,Xi-ru LI. NFT-based method for assetization of physical assets on blockchain[J]. Journal of ZheJiang University (Engineering Science), 2022, 56(10): 1900-1911.
[15] Xiu-bo LIANG,Jun-han WU,Yu ZHAO,Ke-ting YIN. Review of blockchain data security management and privacy protection technology research[J]. Journal of ZheJiang University (Engineering Science), 2022, 56(1): 1-15.