Skip to main content
SpringerLink
Log in

Fine-Grained Data Access Control for Collaborative Process Execution on Blockchain

  • Conference paper
  • First Online:
Business Process Management: Blockchain, Robotic Process Automation, and Central and Eastern Europe Forum (BPM 2022)

Part of the book series: Lecture Notes in Business Information Processing ((LNBIP,volume 459))

Included in the following conference series:

Abstract

Multi-party business processes are based on the cooperation of different actors in a distributed setting. Blockchains can provide support for the automation of such processes, even in conditions of partial trust among the participants. On-chain data are stored in all replicas of the ledger and therefore accessible to all nodes that are in the network. Although this fosters traceability, integrity, and persistence, it undermines the adoption of public blockchains for process automation since it conflicts with typical confidentiality requirements in enterprise settings. In this paper, we propose a novel approach and software architecture that allow for fine-grained access control over process data on the level of parts of messages. In our approach, encrypted data are stored in a distributed space linked to the blockchain system backing the process execution; data owners specify access policies to control which users can read which parts of the information. To achieve the desired properties, we utilise Attribute-Based Encryption for the storage of data, and smart contracts for access control, integrity, and linking to process data. We implemented the approach in a proof-of-concept and conduct a case study in supply-chain management. From the experiments, we find our architecture to be robust while still keeping execution costs reasonably low.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Basile, D., Goretti, V., Di Ciccio, C., Kirrane, S.: Enhancing blockchain-based processes with decentralized oracles. In: González Enríquez, J., Debois, S., Fettke, P., Plebani, P., van de Weerd, I., Weber, I. (eds.) BPM 2021. LNBIP, vol. 428, pp. 102–118. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-85867-4_8

    Chapter  Google Scholar 

  2. Benhamouda, F., et al.: Can a public blockchain keep a secret? In: Pass, R., Pietrzak, K. (eds.) TCC 2020. LNCS, vol. 12550, pp. 260–290. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-64375-1_10

    Chapter  Google Scholar 

  3. Bethencourt, J., Sahai, A., Waters, B.: Ciphertext-policy attribute-based encryption. In: SP, pp. 321–334 (2007)

    Google Scholar 

  4. Chen, J., Micali, S.: Algorand: a secure and efficient distributed ledger. Theor. Comput. Sci. 777, 155–183 (2019)

    Article  MathSciNet  Google Scholar 

  5. Corradini, F., Marcelletti, A., Morichetta, A., Polini, A., Re, B., Tiezzi, F.: Engineering trustable and auditable choreography-based systems using blockchain. ACM Trans. Manag. Inf. Syst. 13(3), 1–53 (2022)

    Article  Google Scholar 

  6. Cramer, R., Damgård, I.B., et al.: Secure Multiparty Computation. Cambridge University Press, Cambridge (2015)

    Book  Google Scholar 

  7. Dannen, C.: Introducing Ethereum and Solidity: Foundations of Cryptocurrency and Blockchain Programming for Beginners. Apress (2017)

    Google Scholar 

  8. Di Ciccio, C., et al.: Blockchain support for collaborative business processes. Informatik Spektrum 42, 182–190 (2019). https://doi.org/10.1007/s00287-019-01178-x

    Article  Google Scholar 

  9. Feng, Q., He, D., Zeadally, S., Khan, M.K., Kumar, N.: A survey on privacy protection in blockchain system. J. Netw. Comput. Appl. 126, 45–58 (2019)

    Article  Google Scholar 

  10. Goyal, V., Pandey, O., Sahai, A., Waters, B.: Attribute-based encryption for fine-grained access control of encrypted data. IACR Cryptology ePrint Archive, p. 309 (2006). http://eprint.iacr.org/2006/309

  11. Haarmann, S., Batoulis, K., Nikaj, A., Weske, M.: Executing collaborative decisions confidentially on blockchains. In: Di Ciccio, C., et al. (eds.) BPM 2019. LNBIP, vol. 361, pp. 119–135. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-30429-4_9

    Chapter  Google Scholar 

  12. Kosba, A., Miller, A., Shi, E., Wen, Z., Papamanthou, C.: Hawk: the blockchain model of cryptography and privacy-preserving smart contracts. In: 2016 IEEE Symposium on Security and Privacy (SP), pp. 839–858 (2016)

    Google Scholar 

  13. Li, B., Wang, Y.: RZKPB: a privacy-preserving blockchain-based fair transaction method for sharing economy. In: TrustCom/BigDataSE, pp. 1164–1169 (2018)

    Google Scholar 

  14. Li, B., Wang, Y., Shi, P., Chen, H., Cheng, L.: FPPB: a fast and privacy-preserving method based on the permissioned blockchain for fair transactions in sharing economy. In: IEEE International Conference on TrustCom/BigDataSE, pp. 1368–1373 (2018)

    Google Scholar 

  15. López-Pintado, O., Dumas, M., García-Bañuelos, L., Weber, I.: Controlled flexibility in blockchain-based collaborative business processes. Inf. Syst. 104, 101622 (2022)

    Article  Google Scholar 

  16. López-Pintado, O., García-Bañuelos, L., Dumas, M., Weber, I., Ponomarev, A.: Caterpillar: a business process execution engine on the Ethereum blockchain. Softw. Pract. Exp. 49(7), 1162–1193 (2019)

    Google Scholar 

  17. Madsen, M.F., Gaub, M., Høgnason, T., Kirkbro, M.E., Slaats, T., Debois, S.: Collaboration among adversaries: distributed workflow execution on a blockchain. In: FAB, pp. 8–15 (2018)

    Google Scholar 

  18. Mendling, J., Weber, I., Van Der Aalst, W., et al.: Blockchains for business process management - challenges and opportunities. ACM Trans. Manag. Inf. Syst. 9(1), 4:1–4:16 (2018)

    Google Scholar 

  19. Mühlberger, R., et al.: Foundational oracle patterns: connecting blockchain to the off-chain world. In: Asatiani, A., et al. (eds.) BPM 2020. LNBIP, vol. 393, pp. 35–51. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-58779-6_3

    Chapter  Google Scholar 

  20. Nakamoto, S.: Bitcoin: a peer-to-peer electronic cash system (2008). https://bitcoin.org/bitcoin.pdf

  21. Odelu, V., Das, A.K., Khan, M.K., Choo, K.K.R., Jo, M.: Expressive CP-ABE scheme for mobile devices in IoT satisfying constant-size keys and ciphertexts. IEEE Access 5, 3273–3283 (2017)

    Article  Google Scholar 

  22. Pournaghi, S., Bayat, M., Farjami, Y.: MedSBA: a novel and secure scheme to share medical data based on blockchain technology and attribute-based encryption. J. Ambient Intell. Human. Comput. 11, 4613–4641 (2020)

    Article  Google Scholar 

  23. Rahulamathavan, Y., Phan, R.C.W., Rajarajan, M., Misra, S., Kondoz, A.: Privacy-preserving blockchain based IoT ecosystem using attribute-based encryption. In: ANTS, pp. 1–6 (2017)

    Google Scholar 

  24. Rivest, R.L., Shamir, A., Adleman, L.M.: A method for obtaining digital signatures and public-key cryptosystems (reprint). Commun. ACM 26(1), 96–99 (1983)

    Article  Google Scholar 

  25. Sahai, A., Waters, B.: Fuzzy identity-based encryption. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 457–473. Springer, Heidelberg (2005). https://doi.org/10.1007/11426639_27

    Chapter  Google Scholar 

  26. Stiehle, F., Weber, I.: Blockchain for business process enactment: a taxonomy and systematic literature review. In: BPM Blockchain Forum, September 2022

    Google Scholar 

  27. Tran, A.B., Lu, Q., Weber, I.: Lorikeet: a model-driven engineering tool for blockchain-based business process execution and asset management. In: BPM Demos, pp. 56–60 (2018)

    Google Scholar 

  28. Wang, H., Song, Y.: Secure cloud-based EHR system using attribute-based cryptosystem and blockchain. J. Med. Syst. 42(8) (2018). Article number: 152. https://doi.org/10.1007/s10916-018-0994-6

  29. Weber, I., Xu, X., Riveret, R., Governatori, G., Ponomarev, A., Mendling, J.: Untrusted business process monitoring and execution using blockchain. In: La Rosa, M., Loos, P., Pastor, O. (eds.) BPM 2016. LNCS, vol. 9850, pp. 329–347. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-45348-4_19

    Chapter  Google Scholar 

  30. Wolter, C., Schaad, A.: Modeling of task-based authorization constraints in BPMN. In: Alonso, G., Dadam, P., Rosemann, M. (eds.) BPM 2007. LNCS, vol. 4714, pp. 64–79. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-75183-0_5

    Chapter  Google Scholar 

  31. Wood, G.: Ethereum: a secure decentralised generalised transaction ledger (2014). https://ethereum.github.io/yellowpaper/paper.pdf

  32. Xu, X., Weber, I., Staples, M.: Architecture for Blockchain Applications. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-03035-3

    Book  Google Scholar 

  33. Zhang, R., Xue, R., Liu, L.: Security and privacy on blockchain. ACM Comput. Surv. 52(3), 1–34 (2019)

    Article  Google Scholar 

Download references

Acknowledgements

The work of E. Marangone and C. Di Ciccio was partially funded by the Cyber 4.0 project BRIE and by the Sapienza research projects SPECTRA and “Drones as a service for first emergency response”.

Author information

Authors and Affiliations

  1. Sapienza University of Rome, Rome, Italy

    Edoardo Marangone & Claudio Di Ciccio

  2. Software and Business Engineering, Technische Universitaet Berlin, Berlin, Germany

    Ingo Weber

Authors
  1. Edoardo Marangone
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Claudio Di Ciccio
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Ingo Weber
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Edoardo Marangone .

Editor information

Editors and Affiliations

  1. Sapienza University of Rome, Rome, Italy

    Andrea Marrella

  2. University of Tartu, Tartu, Estonia

    Raimundas Matulevičius

  3. University of Warsaw, Warsaw, Poland

    Renata Gabryelczyk

  4. Technische Hochschule Ingolstadt, Ingolstadt, Germany

    Bernhard Axmann

  5. University of Zagreb, Zagreb, Croatia

    Vesna Bosilj Vukšić

  6. Télécom SudParis, Evry, France

    Walid Gaaloul

  7. University of Ljubljana, Ljubljana, Slovenia

    Mojca Indihar Štemberger

  8. Corvinus University of Budapest, Budapest, Hungary

    Andrea Kő

  9. Data61, Eveleigh, NSW, Australia

    Qinghua Lu

Rights and permissions

Reprints and permissions

Copyright information

© 2022 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Marangone, E., Di Ciccio, C., Weber, I. (2022). Fine-Grained Data Access Control for Collaborative Process Execution on Blockchain. In: Marrella, A., et al. Business Process Management: Blockchain, Robotic Process Automation, and Central and Eastern Europe Forum. BPM 2022. Lecture Notes in Business Information Processing, vol 459. Springer, Cham. https://doi.org/10.1007/978-3-031-16168-1_4

Download citation

  • DOI: https://doi.org/10.1007/978-3-031-16168-1_4

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-16167-4

  • Online ISBN: 978-3-031-16168-1

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation