- This event has passed.
Demo webinar on Blockchain Secure Data Sharing
July 11 @ 10:30 am – 12:30 pm
ASSURED CyberSecurity and Insider Threats: Blockchain-Empowered Mobile Edge Intelligence for Secure and Sustainable Computing
The notion of trust refers to the degree of confidence that users and stakeholders can have that the system operates as expected across the entire application stack of the device, including both configuration behavior and operational behavior, as defined by the administrators. In other words, user trust in the behavior of a system is a measure of confidence, and the degree to which the system fulfils the requirements of users and stakeholders with regard to security and privacy can be seen as a measure of their confidence level in the entire system. Since this is a core requirement and a major building block in modern supply chains and service graph chains, a level of confidence in the system translates by default into the user's confidence in the outcome of the system, thereby increasing end-user adoption and the user's trust in all the services and technological advancements that exist in a cyber society. This is a core vision of the EU, which also lies at the heart of ASSURED.
Compounding this issue of trust, ASSURED involves the use of dynamically adaptable policies, lightweight crypto primitives and secure data storage to ensure highly secure data access, sharing, and storage in a decentralized manner. To this end, a Blockchain infrastructure is envisioned and implemented, which defines a security process pipeline that aims to achieve the desired trustworthiness levels for the entire system, while enabling secure, reliable and privacy-preserving extraction and sharing of knowledge and attestation-related data.
ASSURED also provides the advanced design and implementation of a TPM-based Wallet, which enables the management of all necessary cryptographic material to support a wide range of secure and lightweight on-chain interactions, such as reading data, reading attestation policies deployed on the ledger, recording data on the ledger, recording attestation results, and performing queries on stored data. To capture fine-grained on/off chain access control, ASSURED delivers the Attribute-Based Access Control (ABAC) scheme, which provides access to a data set stored on the Blockchain to devices that can verifiably demonstrate a “credential” containing the appropriate attributes.
The adaptable policies employed in ASSURED to perform access control were obtained by combining an Attribute-Based Encryption (ABE) scheme with specific access controls, deployed in the form of smart contracts. While secure data sharing is also a vital objective of ASSURED, various challenges arise with regard to data handling through the Blockchain. Specifically, raw attestation data (whether encrypted or not) cannot be stored on the Blockchain, because the quickly growing data size can cause severe performance issues for the infrastructure hosting the Blockchain. To address this issue, only the pointer to the data is stored on the Blockchain ledger. Storing pointers to the encrypted data can provide data authenticity and traceability. The encrypted data must then be stored securely off-chain. To this end, an ASSURED Elastic Off-Chain Data Storage Engine has been deployed. It is evident that storing information as encrypted data in a decentralized manner is beneficial in terms of security and privacy. However, this poses a problem when a user other than the data owner wants to search for a specific data set, because the data is encrypted. The dynamic searchable symmetric encryption (DSSE) scheme can address this problem by allowing query operations on the encrypted data without the need to decrypt it. In general, DSSE is provided by a trusted third-party application, which cannot be considered honest, as it can try to learn the relation between the results of the searches. Moreover, the results can be corrupted or denied.
All these security primitives will be presented in the fourth ASSURED webinar, which will focus on the novel design of a mixture of protocols targeting secure and privacy-preserving data sharing through policy-compliant Blockchain infrastructures. This property allows the participants to verify and audit transactions independently, and allows for the creation of a highly secure storage architecture that enables privacy-preserving transactions between the participants, without the requirement for a central authority that ensures the consistency of records. All produced mechanisms cover the entire lifecycle of shared data, i.e., from their secure and auditable sharing to their secure storage and efficient querying, even when they are encrypted.
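The pointer-on-ledger and encrypted-search arrangement described above can be sketched as follows. This is an added example, not ASSURED's code or its DSSE scheme: it assumes the pointer is a SHA-256 digest of the ciphertext, models the ledger as a plain set, and uses a simplified static keyword index with HMAC tokens; all names are hypothetical.

```python
import hashlib
import hmac

def search_token(index_key: bytes, keyword: str) -> str:
    """Keyed keyword token: the index holder matches tokens, never keywords."""
    return hmac.new(index_key, keyword.lower().encode(), hashlib.sha256).hexdigest()

def pointer(ciphertext: bytes) -> str:
    """Assumed pointer format: SHA-256 digest of the encrypted blob."""
    return hashlib.sha256(ciphertext).hexdigest()

class OffChainStore:
    """Untrusted off-chain storage holding ciphertexts and a token index."""
    def __init__(self):
        self.blobs = {}   # pointer -> ciphertext
        self.index = {}   # token -> set of pointers

    def put(self, ciphertext: bytes, tokens) -> str:
        ptr = pointer(ciphertext)
        self.blobs[ptr] = ciphertext
        for tok in tokens:
            self.index.setdefault(tok, set()).add(ptr)
        return ptr

    def search(self, token: str):
        return [(p, self.blobs[p]) for p in sorted(self.index.get(token, ()))]

def verified_search(store, ledger, token):
    """Accept a result only if its digest matches a pointer on the ledger."""
    good, rejected = [], []
    for ptr, blob in store.search(token):
        ok = ptr in ledger and hmac.compare_digest(pointer(blob), ptr)
        (good if ok else rejected).append(ptr)
    return good, rejected

def demo():
    key = b"constructed-index-key"            # constructed sample key
    store, ledger = OffChainStore(), set()
    # Constructed opaque stand-ins for encrypted attestation reports.
    blob_a, blob_b = b"\x8f\x11ciphertext-A", b"\x02\x9cciphertext-B"
    pa = store.put(blob_a, [search_token(key, "device-7"), search_token(key, "fail")])
    pb = store.put(blob_b, [search_token(key, "device-7")])
    ledger.update([pa, pb])                   # only pointers go on-chain
    before = verified_search(store, ledger, search_token(key, "device-7"))
    store.blobs[pb] = b"tampered"             # off-chain provider corrupts a blob
    after = verified_search(store, ledger, search_token(key, "device-7"))
    return pa, pb, before, after

if __name__ == "__main__":
    print(demo())
```

Identical tokens for repeated keywords still let the index holder link searches, and silently omitted results pass this check; those are the gaps the text attributes to a search provider that cannot be considered honest.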