PrSChain: A Blockchain Based Privacy Preserving Approach for Data Service Composition
DOI:
https://doi.org/10.31449/inf.v47i9.5081Abstract
The main goal of a Data Service Composition is combining multiple data services to provide for a user’s query a new service which uses data from multiple service providers that are incorporated in the composition. In this situation, the data privacy and especially of the service providers can be breached when their critical data can be seen by another party. Therefore, keeping the data privacy during the composition process is crucial by every work in the context of the service composition. Recent approaches rely on a central mediator that can be trusted or not to ensuring the privacy of the service providers during the query execution. The most recent approaches found problems in case of untrusted mediator where they enforce restrictions like k-protection that can affect the efficiency of their works. Therefore, we propose PrSChain which preserves the privacy of all service providers during service composition and execution using BlockChain technology. We used a permissioned BlockChain that acts as trusted mediator where it enables users to access to the BC if a valid certificate is given. We use Hyperledger Fabric to implement our solution where it stores sensitive data about the composition plan. In addition, the intermediate query results are saved in IPFS that acts as offchain storage. As a proof of concept, we have tested PrSChain on a real-world medical dataset to show its feasibility and efficiency for maintaining privacy in a secure and trusted manner.References
K. R. Boeckl, N. B. Lefkovitz, et al., NIST Privacy Framework: A Tool for Improving Privacy through Enterprise Risk Management, Version (2020).
J.-W. Lee, H. Kang, Y. Lee, W. Choi, J. Eom, M. Deryabin, E. Lee,J. Lee, D. Yoo, Y.-S. Kim, and J.-S. No, ``Privacy-preserving machine learning with fully homomorphic encryption for deep neural network, ''IEEE Access, vol. 10, pp. 3003930054, 2022.
Wang, C., Wang, D., Xu, G. et al. Efficient privacy-preserving user authentication scheme with forward secrecy for industry 4.0. Sci. China Inf. Sci. 65, 112301 (2022). https://doi.org/10.1007/s11432-020-2975-6.
C. Zhang, M. Zhao, L. Zhu, W. Zhang, T. Wu and J. Ni, "FRUIT: A Blockchain-Based Efficient and Privacy-Preserving Quality-Aware Incentive Scheme," in IEEE Journal on Selected Areas in Communications, vol. 40, no. 12, pp. 3343-3357, Dec. 2022, doi: 10.1109/JSAC.2022.3213341.
J. Song, W. Wang, T. R. Gadekallu, J. Cao and Y. Liu, "EPPDA: An Efficient Privacy-Preserving Data Aggregation Federated Learning Scheme," in IEEE Transactions on Network Science and Engineering, doi: 10.1109/TNSE.2022.3153519.
Laskey, Kathryn B., and Kenneth Laskey. "Service oriented architecture." Wiley Interdisciplinary Reviews: Computational Statistics 1.1 (2009): 101-105.
N. Guermouche, O. Perrin and C. Ringeissen, "A Mediator Based Approach For Services Composition," 2008 Sixth International Conference on Software Engineering Research, Management and Applications, Prague, Czech Republic, 2008, pp. 273-280, doi: 10.1109/SERA.2008.43.
Zhang, Yu, Xiangmin Zhou, and Yiyue Gao. "Optimizing the data intensive mediator-based web services composition." Asia-Pacific web conference. Springer, Berlin, Heidelberg, 2006.
M. barhamgi, C. Perera, C. -M. Yu, D. Benslimane, D. Camacho and C. Bonnet, "Privacy in Data Service Composition," in IEEE Transactions on Services Computing, vol. 13, no. 4, pp. 639-652, 1 July-Aug. 2020, doi: 10.1109/TSC.2019.2963309.
G. P. Tiwary, E. Stroulia and A. Srivastava, "Improving Privacy in Data Service Composition," in IEEE Access, vol. 9, pp. 95716-95729, 2021, doi: 10.1109/ACCESS.2021.3094188.
Cynthia Dwork. Differential privacy. In Automata, languages and programming, pages 1–12. Springer, 2006.
Chen, J.; Liu, G.; Liu, Y. Lightweight Privacy-preserving Raw Data Publishing Scheme. IEEE Trans. Emerg.Top. Comput. 2020, 1.
SWEENEY, Latanya. k-anonymity: A model for protecting privacy. International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems, 2002, vol. 10, no 05, p. 557-570.
Zyskind, Guy, and Oz Nathan. "Decentralizing privacy: Using blockchain to protect personal data." 2015 IEEE Security and Privacy Workshops. IEEE, 2015.
Satoshi Nakamoto. Bitcoin: A peer-to-peer electronic cash system. Consulted, 1(2012):28, 2008.
DWIVEDI, Ashutosh Dhar, SRIVASTAVA, Gautam, DHAR, Shalini, et al. A decentralized privacy-preserving healthcare blockchain for IoT. Sensors, 2019, vol. 19, no 2, p. 326.
Al Omar, A., Rahman, M.S., Basu, A. and Kiyomoto, S., 2017, December. Medibchain: A blockchain based privacy preserving platform for healthcare data. In International conference on security, privacy and anonymity in computation, communication and storage (pp. 534-543). Springer, Cham.
MAKHDOOM, Imran, ZHOU, Ian, ABOLHASAN, Mehran, et al. PrivySharing: A blockchain-based framework for privacy-preserving and secure data sharing in smart cities. Computers & Security, 2020, vol. 88, p. 101653.
Androulaki, E., Barger, A., Bortnikov, V., Cachin, C., Christidis, K., Caro, A.D., Enyeart, D., Ferris, C., Laventman, G., Manevich, Y., Muralidharan, S., Murthy, C., Nguyen, B., Sethi, M., Singh, G., Smith, K.A., Sorniotti, A., Stathakopoulou, C., Vukolic, M., Cocco, S.W., & Yellick, J. (2018). Hyperledger fabric: a distributed operating system for permissioned blockchains. Proceedings of the Thirteenth EuroSys Conference.
S. Haber, W. S. Stornetta, How to time-stamp a digital document, in: Conference on the Theory and Application of Cryptography, Springer, 1990,pp. 437–455.
Beata Strack, Jonathan P. DeShazo, Chris Gennings, Juan L. Olmo, Sebastian Ventura, Krzysztof J. Cios, John N. Clore, "Impact of HbA1c Measurement on Hospital Readmission Rates: Analysis of 70,000 Clinical Database Patient Records", BioMed Research International, vol. 2014, Article ID 781670, 11 pages, 2014. https://doi.org/10.1155/2014/781670. Link: https://archive.ics.uci.edu/ml/datasets/Diabetes 130-US hospitals for years 1999-2008
Casati, F., Ilnicki, S., Jin, L., Krishnamoorthy, V., & Shan, M. C. (2000, June). Adaptive and dynamic service composition in eFlow. In International Conference on Advanced Information Systems Engineering (pp. 13-31). Springer, Berlin, Heidelberg.
Srivastava, Utkarsh, Jennifer Widom, Kamesh Munagala, and Rajeev Motwani. Query optimization over web services. Stanford, 2005.
Sridevi, S., and G. R. Karpagam. "Investigation on blockchain technology for web service composition: a case study." International Journal of Web Services Research (IJWSR) 18.1 (2021): 70-93.
Roger Clarke. 2006. What’s privacy. In Proceedings of the Australian Law Reform Commission Workshop, Vol. 28.
Tbahriti, S. E., Ghedira, C., Medjahed, B., & Mrissa, M. (2013). Privacy-enhanced web service composition. IEEE Transactions on Services Computing, 7(2), 210-222.
Chunxia Yu, Luping Zhang, Wenfan Zhao & Sicheng Zhang (2019): A blockchain-based service composition architecture in cloud manufacturing, International Journal of Computer Integrated Manufacturing, DOI: 10.1080/0951192X.2019.1571234.
Radmanesh, S.A., Haji, A. and Valilai, O.F., 2021. Blockchain-based cloud manufacturing platforms: A novel idea for service composition in XaaS paradigm. PeerJ Computer Science, 7, p.e743.
Al Ridhawi, I., Aloqaily, M., Boukerche, A., & Jaraweh, Y. (2020, June). A blockchain-based decentralized composition solution for iot services. In Icc 2020-2020 ieee international conference on communications (icc) (pp. 1-6). IEEE.
Viriyasitavat, W., Da Xu, L., Bi, Z. and Sapsomboon, A., 2020. Blockchain-based business process management (BPM) framework for service composition in industry 4.0. Journal of Intelligent Manufacturing, 31(7), pp.1737-1748.
Aghamohammadzadeh, E., & Fatahi Valilai, O. (2020). A novel cloud manufacturing service composition platform enabled by Blockchain technology. International Journal of Production Research, 58(17), 5280-5298.
Yu, C., Zhang, L., Zhao, W., & Zhang, S. (2020). A blockchain-based service composition architecture in cloud manufacturing. International Journal of Computer Integrated Manufacturing, 33(7), 701-715.
Downloads
Published
How to Cite
Issue
Section
License
I assign to Informatica, An International Journal of Computing and Informatics ("Journal") the copyright in the manuscript identified above and any additional material (figures, tables, illustrations, software or other information intended for publication) submitted as part of or as a supplement to the manuscript ("Paper") in all forms and media throughout the world, in all languages, for the full term of copyright, effective when and if the article is accepted for publication. This transfer includes the right to reproduce and/or to distribute the Paper to other journals or digital libraries in electronic and online forms and systems.
I understand that I retain the rights to use the pre-prints, off-prints, accepted manuscript and published journal Paper for personal use, scholarly purposes and internal institutional use.
In certain cases, I can ask for retaining the publishing rights of the Paper. The Journal can permit or deny the request for publishing rights, to which I fully agree.
I declare that the submitted Paper is original, has been written by the stated authors and has not been published elsewhere nor is currently being considered for publication by any other journal and will not be submitted for such review while under review by this Journal. The Paper contains no material that violates proprietary rights of any other person or entity. I have obtained written permission from copyright owners for any excerpts from copyrighted works that are included and have credited the sources in my article. I have informed the co-author(s) of the terms of this publishing agreement.
Copyright © Slovenian Society Informatika
