当前位置:
X-MOL 学术
›
Future Gener. Comput. Syst.
›
论文详情
Our official English website, www.x-mol.net, welcomes your feedback! (Note: you will need to create a separate account there.)
Blockchain empowered access control for digital twin system with attribute-based encryption
Future Generation Computer Systems ( IF 6.2 ) Pub Date : 2024-06-20 , DOI: 10.1016/j.future.2024.06.037 Yueyue Dai , Jian Wu , Shuqi Mao , Xiaoyang Rao , Bruce Gu , Youyang Qu , Yunlong Lu
Future Generation Computer Systems ( IF 6.2 ) Pub Date : 2024-06-20 , DOI: 10.1016/j.future.2024.06.037 Yueyue Dai , Jian Wu , Shuqi Mao , Xiaoyang Rao , Bruce Gu , Youyang Qu , Yunlong Lu
Digital twin is a pivotal and burgeoning technique that plays a crucial role in the realms of digital transformation and intelligent advancement. To bolster diverse applications and realize digital transformation, it is imperative to share the generated device data among multiple stakeholders involved in the digital twin system product life cycle. Since the device data contains sensitive and secret information, strict access control is required. Attribute-based encryption (ABE) is commonly employed for the construction of a cryptographic-enforced data access control scheme. ABE enables data confidentiality and one-to-many fine-grained access control due to its flexibility and high scalability. Unfortunately, traditional ABE schemes adopted in digital twin system has been hindered by the single point of failure and trust problems. Blockchain is a secure distributed ledger technology with decentralization and tamper-proofing properties. In this article, we present a blockchain-empowered data access control scheme for digital twin system with attribute-based encryption. Firstly, blockchain is employed to construct a complete, tamper-resistant, and efficient architecture for digital twin system to address challenges of access control. Subsequently, to ensure the confidentiality of digital twin data, we employ ciphertext-policy ABE (CP-ABE) to achieve fine-grained and one-to-many access control. Finally, we combine blockchain-based architecture with the interplanetary file system (IPFS) to propose a data storage scheme to release storage pressure on the blockchain and improve system efficiency. Security analysis and performance evaluation exhibit that the proposed access control scheme can effectively protect the data security of digital twin system with efficient storage.
中文翻译:
区块链通过基于属性的加密赋能数字孪生系统的访问控制
数字孪生是一项关键且新兴的技术,在数字化转型和智能进步领域发挥着至关重要的作用。为了支持多样化的应用并实现数字化转型,必须在数字孪生系统产品生命周期中涉及的多个利益相关者之间共享生成的设备数据。由于设备数据包含敏感、秘密信息,需要严格的访问控制。基于属性的加密 (ABE) 通常用于构建加密强制数据访问控制方案。由于其灵活性和高可扩展性,ABE 可实现数据机密性和一对多的细粒度访问控制。不幸的是,数字孪生系统中采用的传统ABE方案一直受到单点故障和信任问题的阻碍。区块链是一种安全的分布式账本技术,具有去中心化和防篡改的特性。在本文中,我们提出了一种基于区块链的基于属性加密的数字孪生系统数据访问控制方案。首先,利用区块链构建完整、防篡改、高效的数字孪生系统架构,解决访问控制的挑战。随后,为了确保数字孪生数据的机密性,我们采用密文策略ABE(CP-ABE)来实现细粒度和一对多的访问控制。最后,我们将基于区块链的架构与星际文件系统(IPFS)相结合,提出了一种数据存储方案,以释放区块链的存储压力并提高系统效率。安全分析和性能评估表明,所提出的访问控制方案能够有效保护具有高效存储的数字孪生系统的数据安全。
更新日期:2024-06-20
中文翻译:
区块链通过基于属性的加密赋能数字孪生系统的访问控制
数字孪生是一项关键且新兴的技术,在数字化转型和智能进步领域发挥着至关重要的作用。为了支持多样化的应用并实现数字化转型,必须在数字孪生系统产品生命周期中涉及的多个利益相关者之间共享生成的设备数据。由于设备数据包含敏感、秘密信息,需要严格的访问控制。基于属性的加密 (ABE) 通常用于构建加密强制数据访问控制方案。由于其灵活性和高可扩展性,ABE 可实现数据机密性和一对多的细粒度访问控制。不幸的是,数字孪生系统中采用的传统ABE方案一直受到单点故障和信任问题的阻碍。区块链是一种安全的分布式账本技术,具有去中心化和防篡改的特性。在本文中,我们提出了一种基于区块链的基于属性加密的数字孪生系统数据访问控制方案。首先,利用区块链构建完整、防篡改、高效的数字孪生系统架构,解决访问控制的挑战。随后,为了确保数字孪生数据的机密性,我们采用密文策略ABE(CP-ABE)来实现细粒度和一对多的访问控制。最后,我们将基于区块链的架构与星际文件系统(IPFS)相结合,提出了一种数据存储方案,以释放区块链的存储压力并提高系统效率。安全分析和性能评估表明,所提出的访问控制方案能够有效保护具有高效存储的数字孪生系统的数据安全。
京公网安备 11010802027423号