Patent data access control and protection using blockchain technology

Sam Fried


Scheme security analysis

Data privacy security

As shown in Fig. 5, the access control structure has a considerable impact on the data encryption rate: the speed of data file encryption and decryption depends on the structure. The more complex the access control structure, the slower the encryption and decryption rate; the simpler the structure, the faster the rate. As the number of attributes involved in the access control strategy increases, the time used for data encryption operations gradually increases. However, the increase is almost stable, indicating that the increase in overhead is acceptable. This result shows that the distributed storage of patent data is safe, and it can meet the requirements of off-site storage for the review.

Figure 5

The relationship between the number of attributes and encryption overhead.

Data operator security

As shown in Fig. 6, the different data operators correspond to between 1 and 4 attribute authorities. The number of attribute authorities has a significant impact on the time needed to calculate the encryption parameters. The more attribute authorities there are, the more time the encryption needs, because more attribute authorities mean more attribute management sets and more parameters to manage. This result also shows that the data operator cannot obtain patent data, steal data resources, or cause data leakage.

Figure 6

The relationship between the number of attribute authorities and encryption overhead.

Data manager security

As shown in Fig. 7, the number of permissions is associated with data encryption time-delay. The more permissions the data owner needs to manage, that is, the more access control strategies, the larger the encryption overhead. Therefore, even if there are more data managers, the specific information of patent data cannot be obtained effectively. Consequently, more managers are required to grant relevant permissions to access the data content.

Figure 7

The relationship between the number of permissions and the encryption overhead.

Data owner security

Figure 8A shows the time required to decrypt the file, and Fig. 8B shows the time required to update the ciphertext. The more attributes involved in decryption and in the ciphertext, the greater the decryption overhead. Owing to the distributed attribute management architecture and the ciphertext update calculation process, only part of the ciphertext needs to be updated when an attribute is updated, which effectively reduces the ciphertext update time. The ciphertext update time-delay is significantly improved compared with the classic CP-ABE encryption mechanism [21]. The data owners establish a representative of security services, effectively preventing data leakage from storage product vendors, data management vendors, and system vendors. The scheme uses the traceability and tamper-resistance of blockchain: access control strategies and attributes are managed through blockchain transactions, which provides strategy management and tracking over the whole process of policy publishing, updating, and revocation. The strategy is stored in the blockchain in an open and transparent form, and any user can query it. The query function is thereby separated from the traditional third-party access control service mode, which solves the problem of transparency of jurisdiction judgment.

Figure 8

Overhead of ciphertext time after attribute decryption and update (A Decryption overhead; B Update ciphertext time overhead).
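The policy lifecycle described above (publishing, updating and revoking access policies as ledger transactions that any user can query and audit) can be sketched as a hash-chained log. This is an added example, not code from the paper: the class `PolicyLedger`, its field names and the sample policy identifiers are hypothetical, and a single in-process list stands in for a real blockchain with consensus.

```python
import hashlib
import json

GENESIS = "0" * 64
ACTIONS = ("publish", "update", "revoke")

def _digest(body):
    # Canonical JSON so identical records always hash identically.
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()

class PolicyLedger:
    """Append-only, hash-chained log of access-policy transactions."""

    def __init__(self):
        self.blocks = []

    def append(self, action, policy_id, attributes=()):
        active = self.query(policy_id) is not None
        if action not in ACTIONS:
            raise ValueError("unknown action: %r" % action)
        # publish needs an inactive policy; update/revoke need an active one.
        if (action == "publish") == active:
            raise ValueError("%s not valid for policy %r" % (action, policy_id))
        body = {
            "index": len(self.blocks),
            "prev": self.blocks[-1]["hash"] if self.blocks else GENESIS,
            "action": action,
            "policy_id": policy_id,
            "attributes": sorted(attributes),
        }
        self.blocks.append(dict(body, hash=_digest(body)))
        return self.blocks[-1]

    def query(self, policy_id):
        """Replay the chain: active attribute list, or None if absent/revoked."""
        state = None
        for b in self.blocks:
            if b["policy_id"] == policy_id:
                state = None if b["action"] == "revoke" else b["attributes"]
        return state

    def verify(self):
        """Index of the first block that fails validation, or -1 if intact."""
        prev = GENESIS
        for i, b in enumerate(self.blocks):
            body = {k: v for k, v in b.items() if k != "hash"}
            if b["index"] != i or b["prev"] != prev or _digest(body) != b["hash"]:
                return i
            prev = b["hash"]
        return -1
```

Because every block commits to its predecessor's hash, editing a published policy in place is detected by `verify()` at the altered block, which is the auditability property the section attributes to the blockchain.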

Model performance analysis

Computing overhead analysis

Figure 9A–D show the key overhead, encryption overhead, decryption overhead, and computing overhead under different datasets. The proposed model is compared with the KP-ABE (Ciphertext Policy Attribute-Based Encryption) algorithm [22]. The overheads of the proposed model’s encryption algorithm and of the KP-ABE algorithm both increase linearly with the number of attributes. In the proposed model, the overhead of the key generation algorithm increases linearly as the number of attributes increases. In the KP-ABE algorithm, the overhead of the key generation algorithm increases exponentially as the number of attributes increases. In the proposed model, the overhead of the decryption algorithm is lower than the overhead of the encryption algorithm, because the decryption algorithm requires fewer exponentiation operations. The time required to encrypt a 10 MB file with 64-bit data and 128-bit data is 35 ms and 105 ms, respectively. The results of all experiments show that using the local resources in branches for decryption can reduce the cloud computing overhead of the patent office.

Figure 9

Computing overhead performance analysis (A Key overhead; B Encryption overhead; C Decryption overhead; D computing overhead).

Storage overhead analysis

Figure 10A displays the overhead of the encryption algorithm, and Fig. 10B displays the overhead of the decryption algorithm. DS-EA and BE-based schemes cost the least. Compared with the schemes based on ABE (Attribute-Based Encryption) and BE (Based Encryption), DS-EA can considerably reduce the key storage overhead. In this scheme, users only need to store their private keys and system parameters. In comparison, users must store their access structure and the corresponding private keys in the ABE-based scheme. Therefore, DS-EA only needs a small key storage overhead to implement secure cloud data collaboration services.

Figure 10

Storage overhead performance analysis (A The encryption algorithm; B The decryption algorithm).

Network overhead analysis

Figure 11A shows the network overhead of the encryption algorithm, and Fig. 11B shows the network overhead of the re-encryption algorithm. The proposed scheme only takes 1 s to decrypt the 64 KB data; in contrast, the algorithm proposed in previous research takes 1.5 s. Although the proposed scheme’s decryption algorithm must perform a pairing operation for each piece of data, the operation only needs to be done once, and the calculation can be completed at the very beginning. As the number of receivers increases, the encryption time is almost stable. Therefore, the DS-EA scheme is easy to expand in cloud computing. Experimental results show that DS-EA is lightweight and can be applied in practice efficiently. This algorithm can reduce the storage space needed for the patent office’s encrypted data and save storage effectively.

Figure 11

Time overhead of the encryption algorithms in SECO, ABE-based scheme, and BE-based scheme (A The encryption algorithm; B The re-encryption algorithm).

Encryption performance analysis

Figure 12A illustrates the encryption performance results under different k values, and Fig. 12B presents the encryption performance results under different datasets. Only 1% of the data requires asymmetric encryption, which greatly reduces encryption computing overhead while increasing encryption speed and ensuring data security. Compared with the state-of-the-art algorithms, the proposed algorithm has prominent advantages when the k value is large.

Figure 12

Percentage of users with privacy leaks under different k values and dataset sizes (A Under different k values; B Under different datasets).

Test performance analysis

Figure 13A–D show the model’s MAE (Mean Absolute Error) results under a = 0.5 Count query, a = 1.0 Count query, a = 0.5 Sum query, and a = 1.0 Sum query. Figure 14A–D show the model’s MRE (Mean Relative Error) results under a = 0.5 Count query, a = 1.0 Count query, a = 0.5 Sum query, and a = 1.0 Sum query. In every case, for both MAE and MRE, the results of the proposed algorithm are smaller than those of the Dwork algorithm [23]. When the query size is equal to 3 and a = 0.5, the MAE of the Count query result of the proposed algorithm is less than 20; in contrast, the result of the Dwork algorithm is close to 70. When the query size is 4 and a = 0.5, the MRE of the Sum query result of the proposed algorithm is less than 0.1; however, the result of the Dwork algorithm is greater than 0.2. As the query size increases, both the MAE and the MRE decrease. In addition, as a increases, both MAE and MRE decrease.

Figure 13

The MAE of different query sizes under different privacy (A a = 0.5 Count query; B a = 1.0 Count query; C a = 0.5 Sum query; D a = 1.0 Sum query).

Figure 14

The MRE of different query sizes under different privacy (A a = 0.5 Count query; B a = 1.0 Count query; C a = 0.5 Sum query; D a = 1.0 Sum query).

Figure 15A presents the model’s relative error result under the Count query, and Fig. 15B gives the model’s relative error result under the Sum query. As the size of the dataset increases, the relative error ratio decreases. As the dataset grows to 1,500,000, and a = 0.5, the relative error ratio of the Sum query result is 0.7; when the dataset size is 4,500,000, the relative error ratio is less than 0.6. Therefore, the algorithm can provide higher data availability for large-scale multidimensional datasets.

Figure 15

Relative error ratio under different privacy budgets and dataset sizes (A Count query; B Sum query).
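The two trends reported in this subsection (error falling as a grows, and relative error falling as the dataset grows) can be reproduced for a noise-adding baseline. This is an added example, not the paper's algorithm or its measurements: it assumes a is the privacy budget ε and that the Dwork baseline is the standard Laplace mechanism, and the records, the clamp bound `upper` and all function names are constructed for illustration.

```python
import random

def laplace(scale, rng):
    # The difference of two i.i.d. exponentials is Laplace(0, scale).
    return rng.expovariate(1.0 / scale) - rng.expovariate(1.0 / scale)

def query_errors(values, kind, epsilon, upper=100, trials=2000, seed=1):
    """Return (MAE, MRE) of a Laplace-noised Count or Sum over `values`.

    Each record is clamped to [0, upper], so one record changes Count by
    at most 1 and Sum by at most `upper` (the query's sensitivity).
    """
    if kind == "count":
        true, sensitivity = float(len(values)), 1.0
    elif kind == "sum":
        true = float(sum(min(max(v, 0), upper) for v in values))
        sensitivity = float(upper)
    else:
        raise ValueError("kind must be 'count' or 'sum'")
    if epsilon <= 0 or true == 0:
        raise ValueError("need epsilon > 0 and a non-zero true answer")
    rng = random.Random(seed)
    scale = sensitivity / epsilon          # noise grows as the budget shrinks
    abs_err = [abs(laplace(scale, rng)) for _ in range(trials)]
    mae = sum(abs_err) / trials
    return mae, mae / true                 # MRE = mean(|noise| / true)

def make_records(n, seed=0):
    # Constructed sample data: n integer values in [0, 100].
    rng = random.Random(seed)
    return [rng.randint(0, 100) for _ in range(n)]

def trend_table(sizes=(1000, 10000), budgets=(0.5, 1.0)):
    """Rows of (size, epsilon, query kind, MAE, MRE) for each combination."""
    rows = []
    for n in sizes:
        data = make_records(n)
        for eps in budgets:
            for kind in ("count", "sum"):
                mae, mre = query_errors(data, kind, eps)
                rows.append((n, eps, kind, round(mae, 3), round(mre, 6)))
    return rows

if __name__ == "__main__":
    for row in trend_table():
        print(row)
```

The noise scale is sensitivity/ε and does not depend on the number of records, so the absolute error stays flat while the true answer grows, which is why the relative error shrinks on larger datasets.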

https://www.nature.com/articles/s41598-022-05215-w
