Showing papers on "Trusted third party published in 2021"

B-Ride: Ride Sharing With Privacy-Preservation, Trust and Fair Payment Atop Public Blockchain

Abstract: Ride-sharing is a service that enables drivers to share trips with other riders, contributing to appealing benefits of shared travel cost and reducing traffic congestion. However, the majority of existing ride-sharing services rely on a central third party to organize the service, which make them subject to a single point of failure and privacy disclosure concerns by both internal and external attackers. Moreover, they are vulnerable to distributed denial of service (DDoS) and Sybil attacks launched by malicious users and external attackers. Besides, high service fees are paid to the ride-sharing service provider. In this paper, we propose a decentralized ride-sharing service based on public Blockchain, named B-Ride. B-Ride enables drivers to offer ride-sharing services without relying on a trusted third party. Both riders and drivers can learn whether they can share rides while preserving their trip data, including pick-up/drop-off location, departure/arrival date and travel price. However, malicious users exploit the anonymity provided by the public blockchain to submit multiple ride requests or offers, while not committing to any of them, in order to find a better offer or to make the system unreliable. B-Ride solves this problem by introducing a time-locked deposit protocol for a ride-sharing by leveraging smart contract and zero-knowledge set membership proof. In a nutshell, both a driver and a rider have to show their good will and commitment by sending a deposit to the blockchain. Later, a driver has to prove to the blockchain on the agreed pick-up time that he/she arrived at the pick-up location on time. To preserve rider/driver privacy by hiding the exact pick-up location, the proof is performed using zero-knowledge set membership proof. Moreover, to ensure fair payment, a pay-as-you-drive methodology is introduced based on the elapsed distance of the driver and rider. In addition, we introduce a reputation model to rate drivers based on their past behaviour without involving any third-parties to allow riders to select them based on their history on the system. Finally, we implement our protocol and deploy it in a test net of Ethereum. The experimental results show the applicability of our protocol atop existing real-world blockchains.

Outsourcing Service Fair Payment Based on Blockchain and Its Applications in Cloud Computing

Abstract: As a milestone in the development of outsourcing services, cloud computing enables an increasing number of individuals and enterprises to enjoy the most advanced services from outsourcing service providers. Because online payment and data security issues are involved in outsourcing services, the mutual distrust between users and service providers may severely impede the wide adoption of cloud computing. Nevertheless, most existing solutions only consider a specific type of services and rely on a trusted third-party to realize fair payment. In this paper, to realize secure and fair payment of outsourcing services in general without relying on any third-party, trusted or not, we introduce BPay, an outsourcing service fair payment framework based on blockchain in cloud computing. We first propose the system architecture, adversary model and design goals of BPay, then describe the design details. Our security and compatibility analysis indicates that BPay achieves soundness and robust fairness and it is compatible with the Bitcoin blockchain and the Ethereum blockchain. The key to the robust fairness and compatibility lies in an all-or-nothing checking-proof protocol and a top-down checking method. In addition, our experimental results show that BPay is computationally efficient. Finally, we present the applications of BPay in outsourcing services.

The Revolution of Blockchain: State-of-the-Art and Research Challenges

Abstract: With the rapid development of Information Technology (IT) industries, data or information security has become one of the critical issues. Nowadays, Blockchain technology is widely using for improving data security. It is a tool for the individual and organization to interchange the digital asset without the intervention of a trusted third party i.e. a central administrator. This technology has given the ability to create digital tokens for representing assets, innovation and likely reshaping the scenery of entrepreneurship. Blockchain has several key properties, such as decentralization, immutability and transparency without using a trusted third party. It can be used in several fields, such as healthcare, digital voting, Internet of Things (IoT) and many more. This study aims to discuss the fundamentals of Blockchain. In this paper, the technology or working procedure of Blockchain including many applications in several fields are discussed. Finally, future work directions and open research challenges in the domain of Blockchain have been also discussed in detail.

SAFELearn: Secure Aggregation for private FEderated Learning

Abstract: Federated learning (FL) is an emerging distributed machine learning paradigm which addresses critical data privacy issues in machine learning by enabling clients, using an aggregation server (aggregator), to jointly train a global model without revealing their training data. Thereby, it improves not only privacy but is also efficient as it uses the computation power and data of potentially millions of clients for training in parallel. However, FL is vulnerable to so-called inference attacks by malicious aggregators which can infer information about clients’ data from their model updates. Secure aggregation restricts the central aggregator to only learn the summation or average of the updates of clients. Unfortunately, existing protocols for secure aggregation for FL suffer from high communication, computation, and many communication rounds.In this work, we present SAFELearn, a generic design for efficient private FL systems that protects against inference attacks that have to analyze individual clients’ model updates using secure aggregation. It is flexibly adaptable to the efficiency and security requirements of various FL applications and can be instantiated with MPC or FHE. In contrast to previous works, we only need 2 rounds of communication in each training iteration, do not use any expensive cryptographic primitives on clients, tolerate dropouts, and do not rely on a trusted third party. We implement and benchmark an instantiation of our generic design with secure two-party computation. Our implementation aggregates 500 models with more than 300K parameters in less than 0.5 seconds.

Blockchain-Enabled Accountability Mechanism Against Information Leakage in Vertical Industry Services

Abstract: The emergence of 5 G technology contributes to create more open and efficient eco-systems for various vertical industries. Especially, it significantly improves the capabilities of the vertical industries focusing on content-sharing services like mobile telemedicine, etc. However, cyber threats such as information leakage or piracy are more likely to occur in an open 5 G networks. So tracking information leakage in 5 G environments has become a daunting task. The existing tracing and accountability schemes have nonnegligible limitations in practice due to the dependence on a Trusted Third Party (TTP) or being encumbered with the significant overhead. Fortunately, the blockchain helps to mitigate these problems. In this paper, we propose a blockchain-enabled accountability mechanism against information leakage in the content-sharing services of the vertical industry services. For any information converted to vector form, we use the blockchain technology to ensure that service providers and clients can securely and fairly generate and share watermarked content. Besides, the homomorphic encryption is introduced to avoid the disclosure of the watermarking content, which guarantees the subsequent TTP-free arbitration. Finally, we theoretically analyze the security of the scheme and verify its performance.

Fault-Tolerant Multisubset Aggregation Scheme for Smart Grid

Abstract: As smart cities and nations are fast becoming a reality, so does the underpinning infrastructure, such as smart grids. One particular challenge associated with smart grid implementation is the need to ensure privacy preserving multisubset data aggregation. Existing approaches generally require the collaboration of a trusted third party (TTP), which may not be practical. This also increases the threat exposure, as the attacker can now target the TTP who may be servicing several smart grid operators. Therefore, in this article, a fault-tolerant multisubset data aggregation scheme is proposed. Our scheme aggregates the total electricity consumption value, and obtains the number of users and the total electricity consumption in different numerical intervals, without relying on any TTP. Detailed system analysis shows that our scheme prevents the leakage of single data, as well as guarantees the efficiency when new user joins and existing user leaves. Findings from our evaluation also demonstrate that system robustness is achieved with negligible cost.

Blockchain-Based Secured IPFS-Enable Event Storage Technique With Authentication Protocol in VANET

Abstract: In recent decades, intelligent transportation systems (ITS) have improved drivers' safety and have shared information (such as traffic congestion and accidents) in a very efficient way. However, the privacy of vehicles and the security of event information is a major concern. The problem of secure sharing of event information without compromising the trusted third party (TTP) and data storage is the main issue in ITS. Blockchain technologies can resolve this problem. A work has been published on blockchain-based protocol for secure sharing of events and authentication of vehicles. This protocol addresses the issue of the safe storing of event information. However, authentication of vehicles solely depends on the cloud server. As a result, their scheme utilizes the notion of partially decentralized architecture. This paper proposes a novel decentralized architecture for the vehicular ad-hoc network (VANET) without the cloud server. This work also presents a protocol for securing event information and vehicle authentication using the blockchain mechanism. In this protocol, the registered user accesses the event information securely from the interplanetary file system (IPFS). We incorporate the IPFS, along with blockchain, to store the information in a fully distributed manner. The proposed protocol is compared with the state-of-the-art. The comparison provides desirable security at a reasonable cost. The evaluation of the proposed smart contract in terms of cost (GAS) is also discussed.

VeriML: Enabling Integrity Assurances and Fair Payments for Machine Learning as a Service

Abstract: Machine Learning as a Service (MLaaS) allows clients with limited resources to outsource their expensive ML tasks to powerful servers. Despite the huge benefits, current MLaaS solutions still lack strong assurances on: 1) service correctness (i.e., whether the MLaaS works as expected); 2) trustworthy accounting (i.e., whether the bill for the MLaaS resource consumption is correctly accounted); 3) fair payment (i.e., whether a client gets the entire MLaaS result before making the payment). Without these assurances, unfaithful service providers can return improperly-executed ML task results or partially-trained ML models while asking for over-claimed rewards. Moreover, it is hard to argue for wide adoption of MLaaS to both the client and the service provider, especially in the open market without a trusted third party. In this article, we present VeriML, a novel and efficient framework to bring integrity assurances and fair payments to MLaaS. With VeriML, clients can be assured that ML tasks are correctly executed on an untrusted server, and the resource consumption claimed by the service provider equals to the actual workload. We strategically use succinct non-interactive arguments of knowledge (SNARK) on randomly-selected iterations during the ML training phase for efficiency with tunable probabilistic assurance. We also develop multiple ML-specific optimizations to the arithmetic circuit required by SNARK. Our system implements six common algorithms: linear regression, logistic regression, neural network, support vector machine, K-means and decision tree. The experimental results have validated the practical performance of VeriML.

Authentication and Key Management in Distributed IoT Using Blockchain Technology

Abstract: The exponential growth in the number of connected devices as well as the data produced from these devices call for a secure and efficient access control mechanism that can ensure the privacy of both users and data. Most of the conventional key management mechanisms depend upon a trusted third party like a registration center or key generation center for the generation and management of keys. Trusting a third party has its own ramifications and results in a centralized architecture; therefore, this article addresses these issues by designing a Blockchain-based distributed IoT architecture that uses hash chains for secure key management. The proposed architecture exploits the key characteristics of the Blockchain technology, such as openness, immutability, traceability, and fault tolerance, to ensure data privacy in IoT scenarios and, thus, provides a secure environment for communication. This article also proposes a scheme for secure and efficient key generation and management for mutual authentication between communication entities. The proposed scheme uses a one-way hash chain technique to provide a set of public and private key pairs to the IoT devices that allow the key pairs to verify themselves at any time. Experimental analysis confirms the superior performance of the proposed scheme to the conventional mechanisms.

Blockchain Based Secure Data Aggregation and Distributed Power Dispatching for Microgrids

Abstract: Power generation systems tend to be distributed and decentralized, and therefore the concept of microgrid has been proposed, which needs to implement decentralized data storage and power dispatching. The traditional power system architecture is no longer suitable in the decentralized microgrid system because there are no trusted third parties such as control centers. Therefore, it is challenging to securely implement data aggregation and power dispatching in microgrids without any trusted third party. In this paper, by leveraging blockchain, we propose secure data aggregation based on homomorphic encryption and the PBFT (Practical Byzantine Fault Tolerance) consensus, and meanwhile we propose automatic power dispatching by utilizing the PSO (Particle Swarm Optimization) algorithm and smart contracts. The security and performance analysis shows the effectiveness and efficiency of our proposed solutions.

BPT Scheme: Establishing Trusted Vehicular Fog Computing Service for Rural Area Based on Blockchain Approach

Abstract: Passing through a rural area with a limited network infrastructure may disrupt fog computing support for vehicles. As a result, some applications on vehicles may turn off and bother the performance of the vehicular systems. In order to escape from this kind of situation, vehicular fog computing is discussed in recent times as an alternative of fog computing support while passing through a blank spot of network infrastructure. However, it is not feasible to establish a trusted vehicular fog computing service among vehicles without mutual trust. To deal with this situation, this paper proposes a method called Bidding-Price-based Transaction (BPT) for vehicular fog computing service in rural areas. This method is composed of bidding-price-based mutual trust establishment between client vehicle and server vehicle and also payoff assignment based on transaction evaluation. By applying this method, trusted fog computing service transactions between two vehicles can be achieved without the direct assistance of any trusted third party as a validating entity. The simulation results and feasibility analysis then validate the performance of the BPT scheme in rural areas. Based on feasibility analysis, we claim that the BPT scheme can be realized by adjusting vehicle speed and transmission range with respect to the size of offloaded data.

A Mixing Scheme Using a Decentralized Signature Protocol for Privacy Protection in Bitcoin Blockchain

Abstract: Bitcoin transactions are not truly anonymous as an attacker can attempt to reveal a user’s private information by tracing related transactions. Existing approaches to protect privacy (e.g., mixcoin, shuffle, and blinded token) suffer from a number of limitations. For example, some approaches assume the existence of a trusted third party, rely on exchanges among various currencies, or broadcast sensitive details before mixing. Therefore, there is a real risk of privacy breach or losing tokens. Thus in this paper, we design a mixing scheme with one decentralized signature protocol, which does not rely on a third party or require a transaction fee. Specifically, our scheme uses a negotiation process to guarantee transaction details, which is monitored by the participants. Furthermore, the scheme includes a signature protocol based on the ElGamal signature protocol and secret sharing. The proposed scheme is then proven secure.

Two-Pass Privacy Preserving Authenticated Key Agreement Scheme for Smart Grid

Abstract: The design of an authenticated key agreement protocol for securing the smart meter communications in smart grid networks has attracted growing attention recently. Typically, realizing mutual authentication and key agreement without active involvement of a trusted third party is expected in this field. Thus, to achieve this aim, several authenticated key agreement schemes for smart grid have been presented; while as investigated in the following section of this work, most of these schemes remain vulnerable to various attacks. Therefore, to design a truly secure authenticated key agreement protocol for smart grid and make some contributions to this field, this work presents our new authenticated key agreement scheme for smart grid using Elliptic Curve Qu-Vanstone (ECQV) implicit certificate as the building block. Our scheme is pairing-free and just uses two passes to realize mutual authentication and key agreement as well as strong credential privacy, making it with high efficiency in both computation and communication overheads. Moreover, its security is formally proved under the widely accepted Canetti and Krawczyk (CK) security model, and is further confirmed by a heuristic security analysis.

A Location Privacy Protection Algorithm Based on Double K-Anonymity in the Social Internet of Vehicles

Abstract: As an emerging complex social network, the Social Internet of Vehicles (SIoV) potentially exposes user location privacy. In this letter, we propose a location privacy protection method based on double ${k}$ -anonymity that hides user locations and request information. The cloud server is introduced as a trusted third party to isolate the direct communication between users and the service provider, while correlation between identities and requests is also reduced by means of a permutation and combination method. Extensive simulations are conducted to demonstrate that the method can protect user location privacy to the greatest extent possible while still ensuring service availability.

A Novel Access Control Method Via Smart Contracts for Internet-Based Service Provisioning

Abstract: The dramatic rise in internet-based service provisioning has highlighted the importance of deploying scalable access control methods, facilitating service authorization for eligible users. Existing centralized methods suffer from single-point-of-failure, low scalability, and high computational overhead. In addition, in these methods, users pay for the service provider as well as the network provider independently for a specific service, imposing extra cost for the user. New business models are needed to resolve such shortcomings. The realization of these models calls for sophisticated access control methods which consider the requirements of all parties who want to: 1) access a service; 2) provide that service; and 3) provide the network connection. Blockchain is an enabling technology that provides unprecedented opportunities to novel distributed access control methods for new business models. We propose an Attribute-based access control solution by leveraging Blockchain to share network providers’ and service providers’ resources. Our solution offers access flexibility based on the requirements of the parties while fulfilling reliability, accountability, and immutability. Besides, it decreases the overall service cost which is beneficial for each party. Our solution makes it possible for service providers to outsource their access control procedures without requiring a trusted third party. The experiments confirm that our solution can provide a fast, comprehensive, and scalable access control mechanism.

Enabling Proxy-Free Privacy-Preserving and Federated Crowdsourcing by Using Blockchain

Abstract: With the rapid development and widespread application of crowdsourcing, the limitations of traditional systems are gradually exposed First, traditional systems fail to protect the privacy of task requesters and workers They typically rely on a centralized server to aggregate the task content and workers’ interests, while these data contain sensitive information Second, crowdsourcing resources in each system are isolated The tasks in one system cannot reach potential workers in other systems Thus, there is a great need to build a new privacy-preserving and federated crowdsourcing system However, the existing privacy-preserving solutions rely on a trusted third party to perform key management, which is not applicable in a federated setting To this end, we propose the first proxy-free privacy-preserving and federated crowdsourcing system It interconnects the existing crowdsourcing systems and can perform encrypted task matching across various systems without relying on a trusted third-party authority Our main idea is to achieve federated crowdsourcing by moving secure task matching to the trusted smart contract To get rid of the dependence on the trusted authority, we combine the rewritable deterministic hashing technique with searchable encryption schemes to achieve secure on-chain task-matching authorization Moreover, we utilize the puncturable encryption technique to implement secure authorization revocation We formally analyze the security of our design and implement a prototype on Ethereum Evaluation results demonstrate that our design is secure and efficient for blockchain-based crowdsourcing

Multi-Channel Blockchain Scheme for Internet of Vehicles

Abstract: With the development of advanced information and communication technology, the traditional centralized service model alone no longer meets the increasing demand of data exchange in intelligent transportation systems (ITS). While Internet of Vehicles (IoV) technology has been introduced to achieve more advanced ITS, there are still some unsettled issues such as flexibility and fault tolerance. The conventional centralized approach for ITS is vulnerable to the single point of failure, and lack of flexibility due to its dependence on a trusted third party (TTP). The emergence of blockchain technology provides a potential direction to address these problems. However, due to varying vehicle densities, it is challenging to select the best blockchain parameters to satisfy the application requirements. In this paper, we propose a multi-channel blockchain scheme that can use the best parameters in accordance with the vehicle density. The proposed scheme first defines multiple blockchain channels where each channel is optimized for a certain vehicle density level. Then, the system selects the best channel according to the vehicle density, and the application requirements on the transaction throughput and latency. We use extensive simulations to show that the proposed blockchain scheme achieves a significantly better performance as compared with existing baselines.

Secure Multi-party Computation of Differentially Private Heavy Hitters

Abstract: Private learning of top-k, i.e., the k most frequent values also called heavy hitters, is a common industry scenario: Companies want to privately learn, e.g., frequently typed new words to improve suggestions on mobile devices, often used browser settings, telemetry data of frequent crashes, heavily shared articles, etc. Real-world deployments often use local differential privacy, where distributed users share locally randomized data with an untrusted server. Central differential privacy, on the other hand, assumes access to the raw data and applies the randomization only once, on the aggregated result. These solutions either require large amounts of users for high accuracy (local model) or a trusted third party (central model).We present multi-party computation protocols HH and PEM of sketches (succinct data structures) to efficiently compute differentially private top-k: HH has running time linear in the size of the data and is applicable for very small data sets (hundreds of values), and PEM is sublinear in the data domain and provides better accuracy than HH for large data sizes. Our approaches are efficient (practical running time, requiring no output reconstruction as other sketches) and more accurate than local differential privacy even for a small number of users. In our experiments we were able to securely compute differentially private top-k in less than 10 minutes using 3 semi-honest computation parties distributed over the Internet with inputs from hundreds of users (HH) and input size that is independent of the user count (PEM, excluding count aggregation).

Computationally efficient and secure anonymous authentication scheme for cloud users

Abstract: In cloud computing, the combinations of various computing units are globally separated, however, electronically connected. In recent years, the number of cloud users has adequately increased in the modern societies. In order to restrict the illegal access of the intruders, a strong user authentication is required for cloud computing environment. In this regard, in this paper, we came up with a computationally productive and safer anonymous authentication pattern for cloud users. Moreover, in our scheme, mutual authentication is performed in an anonymous way between the cloud user and the cloud server to strongly verify the legitimacy of each user before providing an access into the cloud. After the successful anonymous mutual authentication, the targeted cloud service provider and the cloud users make mutual communication between them. In case of any misbehaviouring after successful mutual authentication, an efficient revocation mechanism is proposed through which the trusted third party (TTP) can revoke the cloud users or service providers from the cloud environment. Even though there were many anonymous cloud computing authentication schemes, the previously proposed authentication schemes suffered from high computational cost during certificate verification. Moreover, the section related to analysis proves that the explained scheme is robust enough in terms of security strength to avoid various security attacks and breeches.

Toward Decentralized Fair Data Trading Based on Blockchain

Abstract: Various emerging applications and services such as smartphones, wearable devices, and Inter-net of Things (IoT) have brought great convenience to people's daily life, while producing huge amounts of data. Mass data have become a valuable asset, which creates a new business pattern called data trading. However, fairness becomes a challenge when conducting online data trading between participants who are not fully trusted by each other. That is, if a data seller sends the data before being paid, a data buyer might obtain the data without paying, and conversely if a data buyer pays before receiving the data, the data seller might not send the data contractually. Traditionally, a trusted third party is usually employed to settle the disputes between buyers and sellers, but this centralized party is vulnerable to the single-point-of-failure issue. Fortunately, Blockchain provides an approach to realizing data trading without centralized trusted third parties. In this article, we introduce Fairtrade, a decentralized fair data trading framework, to solve the challenges of data availability and trading fairness in decentralized data trading. We propose two different models with potential instantiations. In the first solution, we take advantage of homomorphic encryption and data sample techniques to improve the reliability of the system, and further guarantee the availability of the data during data trading. In the second solution, we integrate double-authentication-preventing signatures with smart contracts to achieve fairness during data trading. We also evaluate Fairtrade by implementing both frameworks, in which we test the time consumption of the main algorithms and also test the gas cost of the functions in the smart contracts on the blockchain. The experimental results show the practicality of the proposal.

Authentication-based Access Control and Data Exchanging Mechanism of IoT Devices in Fog Computing Environment

Abstract: The emergence of fog computing has witnessed a big role in initiating secure communication amongst users. Fog computing poses the ability to perform analysis, processing, and storage for a set of Internet of Things (IoT) devices. Several IoT solutions are devised by utilizing the fog nodes to alleviate IoT devices from complex computation and heavy processing. This paper proposes an authentication scheme using fog nodes to manage IoT devices by providing security without considering a trusted third party. The proposed authentication scheme employed the benefits of fog node deployment. The authentication scheme using fog node offers reliable verification between the data owners and the requester without depending on the third party users. The proposed authentication scheme using fog nodes effectively solved the problems of a single point of failure in the storage system and offers many benefits by increasing the throughput and reducing the cost. The proposed scheme considers several entities, like end-users, IoT devices, fog nodes, and smart contracts, which help to administrate the authentication using access policies. The proposed authentication scheme using fog node provided superior results than other methods with minimal memory value of 4009.083 KB, minimal time of 76.915 s, and maximal Packet delivery ratio (PDR) of 76.

Towards Thwarting Template Side-Channel Attacks in Secure Cloud Deduplications

Abstract: As one of a few critical technologies to cloud storage service, deduplication allows cloud servers to save storage space by deleting redundant file copies. However, it often leaks side channel information regarding whether an uploading file gets deduplicated or not. Exploiting this information, adversaries can easily launch a template side-channel attack and severely harm cloud users’ privacy. To thwart this kind of attack, we resort to the k-anonymity privacy concept to design secure threshold deduplication protocols. Specifically, we have devised a novel cryptographic primitive called “dispersed convergent encryption” (DCE) scheme, and proposed two different constructions of it. With these DCE schemes, we successfully construct secure threshold deduplication protocols that do not rely on any trusted third party. Our protocols not only support confidentiality protections and ownership verifications, but also enjoy formal security guarantee against template side-channel attacks even when the cloud server could be a “covert adversary” who may violate the predefined threshold and perform deduplication covertly. Experimental evaluations show our protocols enjoy very good performance in practice.

ATIB: Design and Evaluation of an Architecture for Brokered Self-Sovereign Identity Integration and Trust-Enhancing Attribute Aggregation for Service Provider

Abstract: Identity management is a principle component of securing online services. In the advancement of traditional identity management patterns, the identity provider remained a Trusted Third Party (TTP). The service provider and the user need to trust a particular identity provider for correct attributes amongst other demands. This paradigm changed with the invention of blockchain-based Self-Sovereign Identity (SSI) solutions that primarily focus on the users. SSI reduces the functional scope of the identity provider to an attribute provider while enabling attribute aggregation. Besides that, the development of new protocols, disregarding established protocols and a significantly fragmented landscape of SSI solutions pose considerable challenges for an adoption by service providers. We propose an Attribute Trust-enhancing Identity Broker (ATIB) to leverage the potential of SSI for trust-enhancing attribute aggregation. Furthermore, ATIB abstracts from a dedicated SSI solution and offers standard protocols. Therefore, it facilitates the adoption by service providers. Despite the brokered integration approach, we show that ATIB provides a high security posture. Additionally, ATIB does not compromise the ten foundational SSI principles for the users.

Research on Blockchain-Based E-Bidding System

Abstract: In the field of modern bidding, electronic bidding leads a new trend of development, convenience and efficiency and other significant advantages effectively promote the reform and innovation of China’s bidding field. Nowadays, most systems require a strong and trusted third party to guarantee the integrity and security of the system. However, with the development of blockchain technology and the rise of privacy protection, researchers has begun to emphasize the core concept of decentralization. This paper introduces a decentralized electronic bidding system based on blockchain and smart contract. The system uses blockchain to replace the traditional database and uses chaincode to process business logic. In data interaction, encryption techniques such as zero-knowledge proof based on graph isomorphism are used to improve privacy protection, which improves the anonymity of participants, the privacy of data transmission, and the traceability and verifiable of data. Compared with other electronic bidding systems, this system is more secure and efficient, and has the nature of anonymous operation, which fully protects the privacy information in the bidding process.

The Role of Blockchain Technology in Aviation Industry

Abstract: The current systems used to manage data in aviation industries are mostly centralized and fall short of ensuring trusted data provenance, immutability, transparency, auditablility, and traceability features. Blockchain is an emerging and disruptive technology that has a high potential to provide trusted traceability, transparency, auditability, and immutability for stored and exchanged data and transactions in a manner that is decentralized and secure without the involvement of trusted third party. In this article, we explore the potential role of blockchain technology in the aviation industry. We highlight and discuss the key opportunities brought about by blockchain technology in various aviation applications, including digitizing crew certificates, securing customer loyalty programs, and maintenance, repair, and overhaul operations. We present recently reported case studies that have leveraged blockchain technology to provide aviation-centric services. Furthermore, we introduce a framework that leverages blockchain-based smart contracts to automate the key services in the aviation industry. Finally, we highlight open research issues and challenges.