C会区块链论文速读-TrustCom 2023（6/6）矿池中心化如何解决？_业界新闻

发布时间:2024-07-19 00:51

阅读量:3

Conference：22nd IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom)

CCF level：CCF C

Categories：Network and Information Security

Year：2023

Num：30

Conference time：1-3 November 2023

Title:

FlexAuth: A Decentralized Authorization System with Flexible Delegation

FlexAuth：灵活授权的去中心化授权系统

Authors:

Key words:

Access control, Decentralized Authorization, Delegation, Blockchain, Data security

访问控制、去中心化授权、授权、区块链、数据安全

Abstract:

The dispersion of resource authorization across various authorization systems raises the complexity and inconsistency of authorization management. Therefore, the pursuit of a unified resource authorization management system is necessary. Most widely used authorization systems are based on centralized services with a single delegation pattern. These authorization systems can be easily compromised, leading to permissions tampering, and are unsuitable for complex usage scenarios. We propose a decentralized authorization system that provides flexible delegation called FlexAuth. We first define a decentralized data storage layer based on blockchain, using smart contracts to implement data writing and resolving, preventing data from being tampered with. On top of this, we implement active and passive delegation patterns of authorization services. We allow users to delegate permissions actively. Also, FlexAuth enables them to respond to authorization requests passively by making flexible and expressive access control policies based on relation-ships and attributes, using the proposed Hybrid Access Control Model (HACM). Furthermore, all delegations in FlexAuth are transitive. Finally, through analysis and experiments, we validate the usability and efficiency of FlexAuth. To our knowledge, FlexAuth is the first decentralized authorization system with transitive delegation in active and passive patterns, achieving flexible delegation.

资源授权分散在不同的授权系统中，增加了授权管理的复杂性和不一致性。因此，有必要建立统一的资源授权管理系统。大多数广泛使用的授权系统都是基于单一授权模式的集中式服务。这些授权系统很容易被破解，导致权限被篡改，而且不适合复杂的使用场景。我们提出了一种能提供灵活授权的分散式授权系统，称为 FlexAuth。我们首先定义了一个基于区块链的去中心化数据存储层，使用智能合约实现数据写入和解析，防止数据被篡改。在此基础上，我们实现了授权服务的主动和被动授权模式。我们允许用户主动授权。同时，FlexAuth 还能让用户通过使用所提出的混合访问控制模型（HACM）制定基于关系和属性的灵活而富有表现力的访问控制策略，从而被动地响应授权请求。此外，FlexAuth 中的所有授权都是传递性的。最后，通过分析和实验，我们验证了 FlexAuth 的可用性和效率。据我们所知，FlexAuth 是第一个在主动和被动模式下具有反式授权的分散式授权系统，实现了灵活的授权。

Pdf link:

https://ieeexplore.ieee.org/document/10538799

Title:

Referable NFT-based Revenue Allocation Mechanism in Data Marketplace

数据市场中基于referable NFT的收入分配机制

Authors:

Key words:

referable NFT, revenue allocation, data marketplace

referable NFT、收入分配、数据市场

Abstract:

Nowadays, data are regarded as an intangible asset. In the data marketplace, data are treated as a commodity or service, data owners can gain economic revenue by selling their data ownership or data usage rights. However, the data marketplace is facing various threats and challenges, such as unauthorized data reselling, trade of bogus data, dishonest data ownership claims, and unreasonable revenue allocation. Particularly, in the process of data resale, the revenue allocation remains a challenge when the data are processed and resold in another format. To solve this problem, we propose a revenue allocation mechanism based on the referable Non-Fungible Token (rNFT) and Shapley value method. Firstly, we tokenize the data to NFT to ensure the data ownership is traceable; Secondly, we use rNFT to record the data lineage that ensures the data owner can participate in the revenue allocation when the data are resold; Finally, we calculate the contribution of each party by the Shapley value method to ensure fairness in revenue allocation. We implement a prototype of our scheme on Ethereum and evaluate it comprehensively. The test results indicate that our scheme can meet the performance requirements of the data marketplace and improve the revenue of data owners effectively.

如今，数据被视为一种无形资产。在数据市场上，数据被视为一种商品或服务，数据所有者可以通过出售数据所有权或数据使用权获得经济收益。然而，数据市场正面临着各种威胁和挑战，如未经授权的数据转售、虚假数据交易、不诚实的数据所有权主张、不合理的收益分配等。特别是在数据转售过程中，当数据经过处理并以另一种格式转售时，收益分配仍然是一个难题。为了解决这个问题，我们提出了一种基于不可篡改的referable token（rNFT）和 Shapley 值法的收益分配机制。首先，我们将数据标记为 NFT，以确保数据所有权的可追溯性；其次，我们使用 rNFT 记录数据的流向，以确保数据所有者在数据转售时可以参与收益分配；最后，我们通过 Shapley 值法计算各方的贡献，以确保收益分配的公平性。我们在以太坊上实现了我们方案的原型，并对其进行了全面评估。测试结果表明，我们的方案可以满足数据市场的性能要求，并有效提高数据所有者的收益。

Pdf link:

https://ieeexplore.ieee.org/document/10538969

Title:

Felix: A Model of Detecting Off-chain Abnormal States in Decentralized Applications

Felix：在去中心化应用中检测链外异常状态的模型

Authors:

Key words:

blockchain, decentralized applications, software testing

区块链、去中心化应用、软件测试

Abstract:

With the rapid development of blockchain technology, the use of decentralized applications (DApps) has experienced significant growth. However, current testing methods for DApps primarily focus on testing the smart contracts on the blockchain, which are the foundation of DApps, but lack a comprehensive approach to effectively detect off-chain abnormal states. To address this issue, this paper proposes a generic abnormal state detection model based on off-chain transaction data. The model leverages the DApp program code logic to set up test oracles to analyze off-chain transaction data. Experimental results demonstrate that the model achieves high accuracy in detecting off-chain abnormal states, with a prediction accuracy as high as 96.3%. Furthermore, a comparison with other related vulnerability detection methods shows the advantages of the proposed approach.

随着区块链技术的快速发展，去中心化应用程序（DApps）的使用也经历了显著增长。然而，目前针对 DApps 的测试方法主要集中于测试区块链上的智能合约，而智能合约是 DApps 的基础，但缺乏有效检测链下异常状态的综合方法。针对这一问题，本文提出了一种基于链外交易数据的通用异常状态检测模型。该模型利用 DApp 程序代码逻辑来设置测试预言机，从而分析链外交易数据。实验结果表明，该模型检测链下异常状态的准确率很高，预测准确率高达 96.3%。此外，与其他相关漏洞检测方法的比较也显示了所提方法的优势。

Pdf link:

https://ieeexplore.ieee.org/document/10538544

Title:

PrivOff: Secure and Privacy-Preserving Data Management for Distributed Off-Chain Networks

PrivOff：分布式链外网络的安全和隐私保护数据管理

Authors:

Key words:

Distributed off-chain networks, blockchain, data security, privacy

分布式链外网络、区块链、数据安全、隐私

Abstract:

In today’s healthcare landscape, emerging technologies serve as crucial foundations, and the integration of blockchain technology into this rapidly evolving digital framework is invaluable. However, the healthcare industry has long struggled with managing the immense and ever-expanding amount of big data electronic health records (EHRs) collected from various sources, including the Internet of Things (IoT), wearable devices, and mobile applications. The storage of all these big data EHRs on the chain creates blockchain bloat, leading to slow transaction speed and high storage costs. More importantly, it incurs security and privacy leakage problems while sharing patients’ sensitive data transparently with a wide range of users in a distributed network. To address these challenges, we propose a secure and privacy-preserving data management system for distributed off-chain networks called PrivOff based on blockchain technology, which stores big EHRs separately in the decentralized file system with efficient access control enforcement and flexible revocation to prevent data breaches. In addition, patients can securely share data without revealing their unique identities to ensure privacy. The evaluation results and security analysis reveal that PrivOff can notably reduce the blockchain storage burden while offering data security, patient privacy, and high data availability.

在当今的医疗保健领域，新兴技术是至关重要的基础，而将区块链技术整合到这一快速发展的数字框架中则显得弥足珍贵。然而，长期以来，医疗保健行业一直在努力管理从各种来源（包括物联网（IoT）、可穿戴设备和移动应用）收集的大量且不断扩大的大数据电子健康记录（EHR）。在链上存储所有这些大数据电子健康记录会造成区块链臃肿，导致交易速度慢和存储成本高。更重要的是，在分布式网络中与广大用户透明共享患者敏感数据的同时，还会产生安全和隐私泄露问题。为了应对这些挑战，我们提出了一种基于区块链技术的分布式离链网络安全和隐私保护数据管理系统--PrivOff，该系统将大型电子病历分别存储在去中心化的文件系统中，并通过高效的访问控制执行和灵活的撤销来防止数据泄露。此外，患者可以安全地共享数据，而不会泄露自己的独特身份，以确保隐私。评估结果和安全分析表明，PrivOff 可以显著减轻区块链存储负担，同时提供数据安全、患者隐私和高数据可用性。

Pdf link:

https://ieeexplore.ieee.org/document/10538763

Title:

Pooling Under the Sun: A Mining Pool Centralized Revisit and Solution

阳光下的矿池：矿池中心化的反思与解决方案

Authors:

Key words:

blockchain, mining pool, security, decentralization

区块链、矿池、安全性、去中心化

Abstract:

Mining pools are fundamental infrastructure in most public blockchain networks that utilize Proof-of-Work consensus, ensuring that miners receive stable rewards and contribute to the computational power and storage of the network. However, mining pools also introduce centralization to the network, which increases the risk of security issues such as bribe attacks and censorship. To address the issue, this paper proposes a decentralized mining pool schema SSMP. Firstly, we distinguish between two aspects of centralization in mining pools, which are data determination, and block ownership, and suggest solutions to mitigate these issues. The proposed method utilizes anonymous broadcasting for a random leader selection schema to ensure each participating miner has an equal possibility to generate the block data. Additionally, a special threshold signature design prevents the leader miner from controlling the valid block solely of the mining pool through bribery. To validate our approach, we theoretically verify the security of the proposed method and compare it to traditional centralized mining pools. In summary, SSMP withholds the essential properties of the decentralized mining pools that maintain efficiency.

矿池是大多数利用 "工作证明 "共识的公共区块链网络的基本基础设施，可确保矿工获得稳定的奖励，并为网络的计算能力和存储做出贡献。然而，矿池也为网络引入了中心化，增加了贿赂攻击和审查等安全问题的风险。为解决这一问题，本文提出了一种去中心化矿池模式 SSMP。首先，我们区分了矿池中心化的两个方面，即数据确定和区块所有权，并提出了缓解这些问题的解决方案。所提出的方法利用匿名广播的随机领导者选择模式，确保每个参与的矿工都有平等的机会生成区块数据。此外，一种特殊的阈值签名设计可以防止领头矿工通过贿赂控制矿池的唯一有效区块。为了验证我们的方法，我们从理论上验证了所提方法的安全性，并将其与传统的集中式矿池进行了比较。总之，SSMP 保留了分散式矿池保持效率的基本特性。