Abstract
Multi-party business processes rely on the collaboration of various players in a decentralized setting. Blockchain technology can facilitate the automation of these processes, even in cases where trust among participants is limited. Transactions are stored in a ledger, a replica of which is retained by every node of the blockchain network. The operations saved thereby are thus publicly accessible. While this enhances transparency, reliability, and persistence, it hinders the utilization of public blockchains for process automation as it violates typical confidentiality requirements in corporate settings. In this paper, we propose MARTSIA: A Multi-Authority Approach to Transaction Systems for Interoperating Applications. MARTSIA enables precise control over process data at the level of message parts. Based on Multi-Authority Attribute-Based Encryption (MA-ABE), MARTSIA realizes a number of desirable properties, including confidentiality, transparency, and auditability. We implemented our approach in proof-of-concept prototypes, with which we conduct a case study in the area of supply chain management. Also, we show the integration of MARTSIA with a state-of-the-art blockchain-based process execution engine to secure the data flow.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
Notes
- 1.
Cyber 4.0 project BRIE: https://brie.moveax.it/en. Accessed: 09 June 2023.
- 2.
ipfs.tech. Accessed: 09 June 2023.
- 3.
Notice that metadata are known to all the authorities and all the actors involved in the process. Therefore, non-malicious authorities are expected to create an identical file. The (same) hash is thus at the basis of the resource locator. As a consequence, anyone can verify whether the authorities behave properly in this step by checking that the resource locators are equal, with no need to load the file from the Data Store.
- 4.
Goerli: sepolia.etherscan.io; Mumbai: mumbai.polygonscan.com; Avalanche: testnet.snowtrace.io. Accessed: 09 June 2023.
- 5.
github.com/orlenyslp/Caterpillar. Accessed: 10 June 2023.
- 6.
- 7.
github.com/apwbs/MARTSIA-Ethereum/tree/main/tests. Accessed: 10 June 2023.
- 8.
A preliminary version is available at github.com/apwbs/MARTSIA-Algorand.
References
Athanere, S., Thakur, R.: Blockchain based hierarchical semi-decentralized approach using IPFS for secure and efficient data sharing. J. King Saud Univ. - Comput. Inf. 34(4), 1523–1534 (2022)
Basile, D., Goretti, V., Di Ciccio, C., Kirrane, S.: Enhancing blockchain-based processes with decentralized oracles. In: González Enríquez, J., Debois, S., Fettke, P., Plebani, P., van de Weerd, I., Weber, I. (eds.) BPM 2021. LNBIP, vol. 428, pp. 102–118. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-85867-4_8
Benhamouda, F., et al.: Can a public blockchain keep a secret? In: Pass, R., Pietrzak, K. (eds.) TCC 2020. LNCS, vol. 12550, pp. 260–290. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-64375-1_10
Bethencourt, J., Sahai, A., Waters, B.: Ciphertext-policy attribute-based encryption. In: SP, pp. 321–334 (2007)
Blum, M.: Coin flipping by telephone. In: CRYPTO, pp. 11–15 (1981)
Chase, M.: Multi-authority attribute based encryption. In: Vadhan, S.P. (ed.) TCC 2007. LNCS, vol. 4392, pp. 515–534. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-70936-7_28
Chen, J., Micali, S.: Algorand: a secure and efficient distributed ledger. Theor. Comput. Sci. 777, 155–183 (2019)
Chi, A., Yao, C.: Protocols for secure computations (extended abstract). In: FOCS, pp. 160–164 (1982)
Chi, A., Yao, C.: How to generate and exchange secrets (extended abstract). In: FOCS, pp. 162–167 (1986)
Corradini, F., Marcelletti, A., Morichetta, A., et al.: Engineering trustable and auditable choreography-based systems using blockchain. ACM Trans. Manage. Inf. Syst. 13(3) (2022)
Cramer, R., Shoup, V.: Design and analysis of practical public-key encryption schemes secure against adaptive chosen ciphertext attack. SIAM J. Comput. 33(1), 167–226 (2003)
Di Ciccio, C., Cecconi, A., Dumas, M., García-Bañuelos, L., et al.: Blockchain support for collaborative business processes. Inform. Spektrum 42, 182–190 (2019)
Di Ciccio, C., Meroni, G., Plebani, P.: On the adoption of blockchain for business process monitoring. SoSyM 21(3), 915–937 (2022)
Feng, Q., He, D., Zeadally, S., Khan, M.K., Kumar, N.: A survey on privacy protection in blockchain system. J. Netw. Comput. Appl. 126, 45–58 (2019)
Goldwasser, S., Micali, S., Rackoff, C.: The knowledge complexity of interactive proof-systems. In: Providing Sound Foundations for Cryptography, pp. 203–225 (2019)
Henry, T., Hatin, J., Kazmierczak, L., Laga, N., Gaaloul, W., Bertin, E.: Random-value payment tokens for on-chain privacy-preserving payments. In: CoopIS, pp. 223–241 (2022)
Klinkmüller, C., Ponomarev, A., Tran, A.B., Weber, I., van der Aalst, W.M.P.: Mining blockchain processes: extracting process mining data from blockchain applications. In: BPM Blockchain and CEE Forum, pp. 71–86 (2019)
Kosba, A., Miller, A., Shi, E., Wen, Z., Papamanthou, C.: Hawk: the blockchain model of cryptography and privacy-preserving smart contracts. In: SP, pp. 839–858 (2016)
Li, B., Wang, Y.: RZKPB: a privacy-preserving blockchain-based fair transaction method for sharing economy. In: TrustCom/BigDataSE, pp. 1164–1169 (2018)
Liu, Z., Jiang, Z.L., Wang, X., et al.: Multi-authority ciphertext policy attribute-based encryption scheme on ideal lattices. In: ISPA/IUCC/BDCloud/SocialCom/SustainCom, pp. 1003–1008 (2018)
López-Pintado, O., Dumas, M., García-Bañuelos, L., Weber, I.: Controlled flexibility in blockchain-based collaborative business processes. Inf. Syst. 104, 101622 (2022)
López-Pintado, O., García-Bañuelos, L., Dumas, M., Weber, I., Ponomarev, A.: CATERPILLAR: a business process execution engine on the Ethereum blockchain. Softw., Pract. Exper. 49(7), 1162–1193 (2019)
Madsen, M.F., Gaub, M., Høgnason, T., et al.: Collaboration among adversaries: distributed workflow execution on a blockchain. In: FAB, pp. 8–15 (2018)
Marangone, E., Di Ciccio, C., Weber, I.: Fine-grained data access control for collaborative process execution on blockchain. In: BPM Blockchain and RPA Forum, pp. 51–67 (2022)
Mendling, J., Weber, I., et al.: Blockchains for business process management - challenges and opportunities. ACM Trans. Manage. Inf. Syst. 9(1), 4:1–4:16 (2018)
Miller, V.S.: Use of elliptic curves in cryptography. In: Williams, H.C. (ed.) CRYPTO 1985. LNCS, vol. 218, pp. 417–426. Springer, Heidelberg (1986). https://doi.org/10.1007/3-540-39799-X_31
Nakamoto, S.: Bitcoin: a peer-to-peer electronic cash system (2008)
National Institute of Standards and Technology: Announcing the Advanced Encryption Standard (AES). Technical report, Federal Information Processing Standards Publication 197 (2001)
Norta, A., Matulevicius, R., Leiding, B.: Safeguarding a formalized blockchain-enabled identity-authentication protocol by applying security risk-oriented patterns. Comput. Secur. 86, 253–269 (2019)
Pham, V.D., Tran, C.T., Nguyen, T., Nguyen, T.T., et al.: B-Box - a decentralized storage system using IPFS, attributed-based encryption, and blockchain. In: RIVF, pp. 1–6 (2020)
Pournaghi, S., Bayat, M., Farjami, Y.: MedSBA: a novel and secure scheme to share medical data based on blockchain technology and attribute-based encryption. JAIHC 11 (2020)
Rahulamathavan, Y., Phan, R.C.W., Rajarajan, M., Misra, S., Kondoz, A.: Privacy-preserving blockchain based IoT ecosystem using attribute-based encryption. In: ANTS, pp. 1–6 (2017)
Rivest, R.L., Shamir, A., Adleman, L.M.: A method for obtaining digital signatures and public-key cryptosystems (reprint). Commun. ACM 26(1), 96–99 (1983)
Rouselakis, Y., Waters, B.: Efficient statically-secure large-universe multi-authority attribute-based encryption. Cryptology ePrint Archive, Paper 2015/016 (2015)
Sahai, A., Waters, B.: Fuzzy identity-based encryption. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 457–473. Springer, Heidelberg (2005). https://doi.org/10.1007/11426639_27
Stiehle, F., Weber, I.: Blockchain for business process enactment: a taxonomy and systematic literature review. In: BPM Blockchain and RPA Forum, pp. 5–20 (2022). https://doi.org/10.1007/978-3-031-16168-1_1
Tran, A.B., Lu, Q., Weber, I.: Lorikeet: a model-driven engineering tool for blockchain-based business process execution and asset management. In: BPM Demos, pp. 56–60 (2018)
Tran, C.T., Pham, V.D., Nguyen, T., Dinh, H.H.Q., et al.: A novel approach for developing decentralized storage and sharing systems. In: BSCI, pp. 85–90 (2021)
Wang, H., Song, Y.: Secure cloud-based EHR system using attribute-based cryptosystem and blockchain. J. Med. Syst. 42(8), 152 (2018)
Weber, I., Xu, X., Riveret, R., Governatori, G., Ponomarev, A., Mendling, J.: Untrusted business process monitoring and execution using blockchain. In: BPM, pp. 329–347 (2016)
Wood, G.: Ethereum: a secure decentralised generalised transaction ledger (2014)
Xu, X., Weber, I., Staples, M.: Architecture for Blockchain Applications. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-03035-3
Zhang, R., Xue, R., Liu, L.: Security and privacy on blockchain. ACM Comput. Surv. 52(3) (2019)
Acknowledgements
The work of E. Marangone and C. Di Ciccio was partially funded by the Cyber 4.0 project BRIE, the Sapienza project DRONES, by project SERICS (PE00000014) under the NRRP MUR program funded by the EU-NGEU, and by project PINPOINT (B87G22000450001) under the PRIN MUR program.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2024 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Marangone, E., Di Ciccio, C., Friolo, D., Nemmi, E.N., Venturi, D., Weber, I. (2024). MARTSIA: Enabling Data Confidentiality for Blockchain-Based Process Execution. In: Proper, H.A., Pufahl, L., Karastoyanova, D., van Sinderen, M., Moreira, J. (eds) Enterprise Design, Operations, and Computing. EDOC 2023. Lecture Notes in Computer Science, vol 14367. Springer, Cham. https://doi.org/10.1007/978-3-031-46587-1_4
Download citation
DOI: https://doi.org/10.1007/978-3-031-46587-1_4
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-46586-4
Online ISBN: 978-3-031-46587-1
eBook Packages: Computer ScienceComputer Science (R0)