网络与信息安全学报 (Jun 2020)
Blockchain data access control scheme based on CP-ABE algorithm
Abstract
Different from the public chain, the consortium blockchain Hyperledger Fabric integrates the additional member management service(MSP) mechanism to provide channel-based data isolation protection. However, the data isolation protection mechanism still synchronizes the plaintext data within a channel, so there is a risk of data leakage. Besides, the channel-based data access control mechanism does not apply to some fine-grained privacy protection scenarios. To solve the problems of data privacy and security involved in the consortium chain Hyperledger mentioned above, a blockchain data access control scheme based on the CP-ABE algorithm was proposed. Based on the original existing Fabric-CA module in the Hyperledger, our scheme can realize the secure distribution of user attribute keys in the CP-ABE scheme while implementing the fine-grained security access control of blockchain data at the user level. The security analysis shows that the scheme achieves the security goals of ABE user attribute private key security distribution and data privacy protection. The performance analysis also shows that the proposed scheme has good usability.
Keywords
