Cross-Department Secures Data Sharing in Food Industry via Blockchain-Cloud Fusion Scheme

Tao, Q.; Chen, Q.; Ding, H.; Adnan, I.; Huang, X.; Cui, X.

doi:https://doi.org/10.1155/2021/6668339

Security and Communication Networks

On this page

Abstract Introduction Preliminaries Conclusion Data Availability Conflicts of Interest Acknowledgments References Copyright Related Articles

Special Issue

Blockchain for Systems Management and Cybersecurity

View this Special Issue

Research Article | Open Access

Volume 2021 | Article ID 6668339 | https://doi.org/10.1155/2021/6668339

Cross-Department Secures Data Sharing in Food Industry via Blockchain-Cloud Fusion Scheme

Q. Tao,¹Q. Chen,²H. Ding,¹I. Adnan,¹X. Huang,³and X. Cui¹

Academic Editor: Leandros Maglaras

Received21 Dec 2020

Revised23 Jan 2021

Accepted27 Feb 2021

Published27 Mar 2021

Abstract

The barriers of food enterprises and departments caused information asymmetry, which is the root cause of food safety incidents. Simultaneously, it is challenging to solve the information asymmetry by the existing cloud-based food supply-chain regulation system. Establishing a secure and reliable data sharing environment is an effective solution to the information island. Blockchain can construct a security network based on mathematical algorithms, eliminating the third party’s potential security risk, and realize transparently share data. In this paper, on the principle of metadata remaining in the food enterprises, we propose a blockchain-cloud fusion scheme based on Decentralized Attribute-Based Signature (DABS) to realize secure data sharing between departments. It constructs a decentralized and trusting environment for data owners to share data and achieves social co-governance of food safety based on the smart contract. It can also preserve the existing system architecture and complement the performance disadvantage of blockchain and cloud storage. The result achieved from security analysis shows that our scheme supports unconditional full anonymity and can resist collusion attacks of N-1 out of N corrupted attribute authorities.

1. Introduction

In the age of big data, the data has a tremendous potential value, and different enterprises and regulators have collected data, such as farmers can only collect the data of crop growth (seeds, fertilizers, pesticides, environment, etc.). Food producers can get the processing data (product formulation, machine, process parameters, inputs, etc.), sellers collect sales data (location, price, customer, etc.), and regulators store the sampling inspection reports and monitoring data. The data owners would not share the data with the disclosure risk of user privacy and commercial secret. It is the primary cause of information asymmetry that has led to some negative market phenomena, like “good money after bad,” “2013 horse meat scandal in the Europe,” and “2017 multistate Salmonella outbreak in the US” [1]. More than 600 million people worldwide fall ill after consuming unsafe food each year [2]. Cross-departmental data sharing in the food industry is a promising solution to food safety incidents and promotes industry development [3]. The traditional cloud-based regulatory system (as Figure 1 shown) provides a solution to share the food data and protect the food quality [4]. According to the Cisco white paper, most companies in the food supply-chain deployed the regulatory system in cloud [5]. Cloud features of pay-on-demand and elastic extension can decrease the cost [6–8]. However, the customers and data in the cloud are not in the same trusted domain, resulting in a lack of trust between customers. Cloud security incidents are frequent. More than 10000 security incidents happened in Malaysia in 2013. According to the 2013 Norton report, the total cost of cybercrime in Australia amounts to AU$1.06 billion [9]. The privacy of 368000 students in Florida Virtual School was leaked in 2018. So, some common defects in the traditional regulatory system need to be addressed: (1) the tampering and hiding of wrong information in the centralization system. (2) the risk of privacy leakage and data loss if the servers are compromised or privileged users’ rights are not adequately monitored. (3) It is difficult to verify the user’s identity, which is hard to guarantee the authenticity of shared data and track down the person responsible for the product accident. (4) The data owners are reluctant to share data due to the lack of trust between the system and food enterprises, and the enterprises would not invest heavily to rebuild their system. More than 40% viewed that food fraud is difficult to monitor by the traditional methods [2].

With the characteristics of tamper-proofing, decentralization, and co-governance, blockchain happens to address the above issues by constructing a trusted network based on a mathematical algorithm. The data are shared transparently by enterprises and regulators. It is immutably for the data in block chain [10]. Smart contract is an intelligent and self-executing logic code without an intermediary, reducing transaction costs and transaction time [11]. Walmart has developed a blockchain-based system to monitor the product quality by sharing information in pork and mangos industries [12]. It helps to effectively track the pork products during serval minutes compared to serval days taken in the past. There are several challenges: (1) the blockchain has the characteristic of pseudoanonymity that cannot protect the privacy information in the signature. The adversary can get the privacy information by analyzing the expenditure information of user account [13]. (2) Performance, cost, and security are the primary bottlenecks for implementing blockchain technology in the food industry.

To address the issues, we propose a blockchain-cloud fusion scheme to protect the security of shared data. The enterprises can preserve the existing system architecture and transparently share data in a trusted network without third parties. It adopts the characteristics of low cost, scalability, and high-performance in cloud computing technology to make up for blockchain's performance and cost bottleneck. The metadata remains in the existing enterprise system, and the data’s signature is shared with the blockchain network. It can reduce the storage and performance load of the blockchain network. Besides, the analysis of the signature algorithm in Table 1 shows that the Attribute-Based Signature (ABS) is an effective solution to share data with fine-grained control and protect the data owner’s privacy. To address the information leakage risk and adapt to the decentralization feature of our scheme, we propose a Decentralized Attribute-Based Signature (DABS). The enterprises and regulators have equal rights to verify employees in their respective departments. The signature of shared data is entirely secure, which encourages users to monitor food quality actively. Simultaneously, it provides a solution for regulators to track down the person responsible for public safety incidents and rumors. It is meant to promote social co-governance in the food industry.

1.1. Related Work

1.1.1. ABS

ABS originated from fuzzy identifies encryption that was firstly proposed by Sahai and Waters [14]. It could hide user identity information and provide a solution for data owners to share with fine-grained access control. In the ABS, the users received a private key from the Attribute Authority (AA) based on their attributes and defined a shared community for sharing data with a signing predicate. Only if the users’ attributes satisfy with the signing predicate, they could get the share data, such as farmers share a file with an access control strategy of signing predicate ((manager with Level 7 in Food Processing FP1) or regulator), which means that only the manager with Level 7 in Food Processing FP1 and regulators can access the shared file. ABS scheme has a bright application prospect, such as directional broadcast and cloud storage. It has attracted many scholars and presented a lot of research results [15]. Li et al. proposed an Attribute-Based Encryption (ABE) system based on a ring signature scheme [16]. Anyone can select a set of public keys of random signers to hide its public key [17]. However, the above schemes manage the entire system attribute set by a single AA. It quickly causes performance bottlenecks and cannot satisfy the actual needs of multiple departments’ cooperation [18]. So, Chase et al. let numerous authorities manage the attribute set, but the scheme has disclosure risk of Centralized Attribute Authority (CA) because the CA could calculate any user’s private key [19]. Yang et al. proposed an efficient multiauthority CP-ABE scheme based on LSSS access structure without global authority and security under the random oracle model [20]. Liu et al. proposed a security scheme only if the number of colluding users is less than (m+1) [21].

1.1.2. Blockchain

Nakamoto firstly proposed the blockchain architecture [10]. It provided a solution to a trust and equality among different participators by a mathematical algorithm. In addition, it is an effective way to solve the single point validation based on decentralization [22]. Macrinici et al. [11] designed the smart contract to protect users’ privacy and automatic information processing. Blockchain technology has achieved great success in the financial industry [23], like Bitcoin and Ethereum. It demonstrated the application feasibility of blockchain technology. Some promising blockchain applications are being developed to address industry concerns such as medical, agriculture, energy, and food safety. In [24–28], a security data management scheme was proposed with privacy-preserving to share the medical data by encapsulating EHRs based on attribute-based encryption into the blockchain; there is no detailed application. Even in [28], it cannot resist the collusion attack between uses. In [29], it is proposed that blockchain is a solution to optimize the energy industry structure and facilitate sustainable development. Walmart developed a blockchain-based system to monitor pork and mangos from South America to the US [1], where the managers could trace down the product during several minutes compared to several days taken in the past.

1.1.3. Supply Chain and Blockchain

Data-shared barriers among the food enterprises caused information delay and asymmetry, which affected the quality of shared information [30]. Supply chain management is an important application for blockchain technology [31]. Blockchain could record entire life cycle of each product with immutable and shared information between consumers and producers. The ICT electronic agriculture system via blockchain infrastructure guaranteed the integrity of agricultural environment data, conducive to improving sustainable agrarian development [32]. In [33], it is proposed that blockchain applied in the food supply-chain not only could reduce food losses by optimizing product logistics, but it also benefits to improve regulatory efficiency. Saberi et al. explored how blockchain could help supply-chain sustainability and guide industry transformation. Clauson and Breeden discussed the supply-chain management in healthcare, and most blockchain schemes are still in the proof-of-concept or pilot stag [34]. Security and privacy are barriers to the integration of IoT and blockchain. Jangirala et al. proposed a LBRAPS protocol in mobile edge computing to protect the transmit data security [35]. In [36, 37], a AgriBlockIoT system is proposed for food supply-chain management. But, it lacks an effective solution to protect the data security.

1.2. Our Contributions

In summary, main contributions of this work are as follows:(1)This work proposes a food supply-chain regulation system based on a blockchain-cloud fusion scheme. It supports secure data sharing across departments, intelligent regulation, and social co-governance with a smart contract.(2)This work proposes a DABS scheme by combining the characteristics of ABS and ring signature. It helps to improve the safety of the food supply-chain regulation system. Besides, it provides a solution for regulators to trace down the illegal users, which is useful to prevent the spread of rumors and establish a harmonious network environment.(3)This work performs a comprehensive security analysis shows that our scheme supports unconditional full anonymity and noncollusion with strong (N-1) (resist collusion attacks of N-1 out of N corrupted Attribute Authorities). The performance evaluation shows our scheme’s performance advantage. Compared with time complexity in traditional schemes, it supports batch-verification with .

1.3. Organization

The remainder of this work is as follows: Section 2 introduces the definitions of the bilinear map, computational assumption, access structure and LSSS, syntax, and security model of DABS. Section 3 details the blockchain-cloud fusion scheme. Section 4 describes security analysis, and Section 5 presents the performance analysis, while the conclusion is presented in Section 6.

2. Preliminaries

This section introduces the definitions of bilinear map, computational assumption and linear secret-sharing schemes. Then, we describe the framework definition of the DABS scheme and security definitions.

2.1. Bilinear Map

Let , , and be three multiplicative groups of prime order . A bilinear map is a map e: with the following properties:(1)Bilinearity: (2)Nondegeneracy: (3)Computability: there is an efficient algorithm to compute

If , then . The bilinear pairing applied in our proposed scheme is symmetric, where = = G.

2.2. Computational Assumption

Definition 1. Computational Diffie-Hellman problem, CDH: assume is a bilinear group of prime order . is a generator of , bilinear map e: . Giving for unknown to compute . We say that the (t, )-CDH problem holds if there exists no poly(t)-time algorithm can solve the CDH problem with non-negligible advantages.

2.3. Access Structure and Linear Secret-Sharing Schemes (LSSS)

Definition 2. Access structure [38]: let U = be a set of parties, and a collection is called monotone if : A monotone access structure is collection which is a nonempty subsets of , i.e., . The set in is called authorized set, and others is an unauthorized set.

Definition 3. Linear secret sharing scheme [39] (LSSS): a secret sharing scheme over a set of parties U = is LSSS only if(1)The share for each party forms a vector over .(2)There exists a share generating matrix with rows and columns. For , let the function map the row i of M to the attribute . When we consider the column vector = , where is the secret to be shared, and are chosen randomly; then is the vector which shares the secret by function . The shared secret belongs to the party .Suppose that is an LSSS for the access control strategy . Let is an authorized set, and is defined as . If is valid shares of any secret by function , there exists constant and . In [38], it is shown that these constants can be found in polynomial time.

2.4. Syntax of Decentralized Attribute-Based Signature Scheme (DABS)

According to [40], we construct the DABS scheme that consists of five algorithms: Setup, Keygen, Sign, Verify, and Trace. Select a random security parameter λ; our scheme works as follows:(i)Setup (λ). The algorithm takes a random secure parameter λ as input, and it outputs a master key MSK, public key PK, and trace key TK, where TK is used to trace the user identity. Assume that the PK contains the universe of attributes set U, and the default attributes set W.(ii)Keygen. In this algorithm, all attribute authorities share a pseudorandom function . It takes the user’s attribute set , MSK, and PK as input; each AA computes the attribute private key SK as output.(iii). The algorithm takes input signing predicate and shared message M, PK, SK, and , where is generated according to the access control strategy of the data owner, is a share generating matrix, is a map function as shown in Definition 3, and is a default attribute set. The algorithm outputs a signature .(iv)Verify. The algorithm takes and PK as input and outputs a Boolean value.(v)Trace. The algorithm takes input the signature and trace key and outputs the signer identity . Batch Processing. (Definition 4 [41]): giving BSetup(λ) (q, ), where q is a prime, λ is a security parameter, and if = , then A = .

2.5. Security Definitions

This part introduces the security definitions. The ABS scheme supports characters of anonymity and noncollusion. In terms of anonymity, it usually includes computational anonymity and unconditional full anonymity. [16] supports computational anonymity, where the adversary can access the user identity with unlimited computing power. While to the characteristic of unconditional full anonymity, giving a sufficient signature with an access control strategy; adversary Å has unlimited computing power and accesses any users’ attribute key. Still, there is no poly(t)-time algorithm to reveal the signer’s attributes information from the signing predicate. Noncollusion means no poly(t)-time for adversaries to forge the legitimate signature with a set of complementary attributes.

2.5.1. Unconditional Full Anonymity

Our scheme supports unconditional full anonymity if no adversary Å can win the following games with non-negligible advantages.(i)Setup. An adversary Å selects a random signing predicate . The simulator calls the algorithm Setup(.) and returns the public key PK and master key MSK to Å. Å can construct a key for any AA_i.(ii)Challenge. In this phase, the Å chooses a random message and two attribute sets , where satisfies the signature predicate . The Å sends two tuples and to . The calls the algorithm Keygen(.) and returns private keys . Then chooses a bit, b∈{0, 1}, signs the message as signature , and sends it to the Å.(iii)Guess. The Å outputs the guess result of and wins the game only if .

2.5.2. Noncollusion

Our scheme can defend against collusive attack under adaptive selective message and predicate attacks if there is no adversary Å (capable of unlimited computing power) can win the following games with the non-negligible advantages.(i)Initial.(ii)Assume is a mini-subset of and = 1. Let the compromised AA group as SA = . For the predicate the adversary Å can forge the signature only if corrupted by another . So, the attack effect of the DABS scheme can be reducible to attack the . Assume that the simulator chooses a default attributes set from .(iii)Setup.(iv) calls Setup(.) and sends to adversary Å.(v)Query.(vi)Å queries the random oracle H,, SK and signature from .(vii)Challenge.(viii)The adversary Å challenges the security under a collusive attack. It chooses two random users with the attribute set , respectively, where , and .(ix)The adversary Å requires to query private key of and ; returns the , to Å, respectively. So, the combined-key is .(x)Forgery. Å constructs a signature and will win the game only if(1)Verify () = true.(2)Å cannot query any private key of the attribute set where .(3)Å cannot query any private key of the attribute set where .

3.1. System Model

Assume the enterprises, regulators, and neutral institutions (such as food commonweal organization) in the whole food supply-chain hope to share data to promote supervision of food quality and public safety incidents. They provide a cloud server as an Attribute Authority server (AA) to store the transmitted data and verify them. Regulators and enterprise legal persons are registered with the regulator AA server, and employees register with the enterprise AA server. Assume neutral institutions’ servers are semicredible that would not eavesdrop or backup users’ registration information. The common consumers, including food enterprise employees, can enter the system by registering with any neutral institution, release supervision information anonymously based on the DABS algorithm (detailed in Section 3.3), and realize social co-governance of all links in the food supply chain. Food enterprises own the AAs, regulators, and neutral institutions independently. To standardize terms, we use data owners as the data providers in the following, including enterprises, regulators, and neutral institutions. As Figure 2 shown that our system consists of four modules: cloud network, DABS, blockchain network, and application group. The system details are as follows:(i)Cloud Network Module. It consists of AA servers’ group to support user identity verification, user management, and data storage. Each AA server is selected from the existing system architecture in the food supply chain. AA server is operated and maintained independently by data owners, which also is used as shared data services to support food quality supervision and traceability. Likely, farms can share data in the cultivation server; storage enterprise shares data with the warehouse server, etc. Processing enterprise shares data with the process server; regulators share sampling inspection reports and monitoring data with the regulator server. It uploads the shared data signature and index from food enterprises and regulators to the blockchain network. And, it shares consumers’ report data with DABS signature to the blockchain.(ii)DABS Module. It has the security characteristics of unconditional full anonymity and noncollusion (as shown in Section 4). It supports user authentication, secret key assignment, digital signature, and traceability. The AA server generates an anonymous private key for the user with the fuzzy attribute set if the registration information is authenticated. Data owners share data with access control strategy and private key (sign algorithm is detailed in Section 3.3). Furthermore, it provides a way for regulators to trace down the person responsible for rumors and incidents in the food industry (trace algorithm, as shown in Section 3.3), which is helpful to purify the system network. The DABS module is deployed in the AA servers, which works together to maintain the system’s stability and security.(iii)Blockchain Network Module. It receives the data from data owners’ server, consensus validation with PBFT [39] that more than 2/3 of the servers acknowledge the validity of data, and store the data block into the blockchain (the block structure as shown in Figure 2). Besides, it supports co-governance and traceability of food safety via smart contract (detailed in Section 3.4). If the report is useful, it will give a reward in return, conducive to motivating consumers to participate actively. With the robustness feature of PBFT, the blockchain network can resist no more than 1/3 of the server’s failure attack. This module can be deployed in AA servers to save the system development cost.(iv)Application Group Module. It composes of consumers and regulators. Any system user should register firstly by AA server. Consumers can query any quality information of food supply-chain as needed from the blockchain network. The system will then get and return the data from the data owner’s server by the data index in the data block. Besides, consumers can take part in food safety supervision. Regulators have the power of supervision to monitor the whole food supply-chain and hold responsible people, including timely warning and accountability of food safety incidents.

3.2. Threat Model and Design Goal

The adversaries can eavesdrop on the public channel’s information, including signature and signing predicate. Besides, there are dishonest server groups that are allowed to collude to infer the signature’s user identity.

Based on the above threat model, the food supply-chain regulation system hopes to achieve the following goals.(1)Privacy Protection. System user privacy information can be deduced by statistical analysis [13]. So, the system should have the characteristic of unconditional full anonymity. It can resist the adversary’s statistical analysis and is secure when no more than N 1/N of the collusion servers.(2)System Availability. In this work, the system availability includes two aspects. (a) System robustness: on the one hand, it works only if no more than 1/3 servers in the blockchain network fail; on the other hand, it is Strong (N-1) for AA servers that it works as long as more than one server is honest. (b) Traceability: it provides a solution to track the person responsible for rumors and food safety incidents.

3.3. Proposed DABS Scheme

Setup (λ). Let G and G_T be two cyclic multiplication groups of composite order and the bilinear map , where p and q are two large prime numbers. The construction also enables to work on asymmetric pairing groups, where , and . Denote is the subgroup of order q in G. The universal set of attributes U = are managed by the distribution Attribute Authorities Group. Each monitors an attribute subset and issues the corresponding attribute private key to users. Define the default attributes set , where W_i . Select two collision-resistant cryptographic hash function H,. Select random generator , exponent ∈, and compute . Select random exponent for each and compute . Select random parameter for each attribute. Select generator . So, it generates the public key PK, the master key MSK for AA Group, and the trace key TK as follows: Keygen. In this algorithm, all attribute authorities share a pseudorandom function . Assume the user possesses an attribute set . The calculates ,, and . For attribute , it computes . So, the anonymous private key of the user is . In this algorithm, the signer sets an access control strategy The access control strategy is The algorithm constructs an LSSS access matrix with an injective function that maps each row of the matrix S to an attribute of .(i)The algorithm randomly chooses a parameter for every bit of = {u[1], u[2],…, u[k]}, and ,. Define and The is well-formed.(ii)Choose a random parameter and a random vector . Define , where is the th row of S. Choose a constant ∈ and .(iii) and select random parameter If , calculate If , calculate (iv)Select fuzzy factors for user and calculate(v)Calculate(vi)So, the signature is Verify. The algorithm takes the signature and PK as input and outputs the result. According to the equation result , if the equation is correct, this scheme accepts the signature , or reject and output . Trace. The algorithm takes input the signature , trace key , and PK and then outputs the signer identity ID. The algorithm describes as follows:(i)Call algorithm verifies and checks the signature is true or not.(ii)If , it will check(iii)Return u[i] = 1 only if the both check pass, else return u[i] = 0. So, the algorithm will output the signer’s identity ID.

The effectiveness of algorithm Trace (.) has been proved in detail in [42], and the security of algorithm Trace (.) has been proved in [43], so we would not detail and analysis the algorithm in the paper. Correctness. This scheme outputs the signature for the message M. We can prove the correctness of the scheme as follows: Batch-Verification Processing. According to the scheme [13], we propose a batch-verification processing algorithm to improve the effectiveness of to . It takes inputs the public key PK and a large number of signatures , and works as follows:

3.4. Social Co-Governance of Food Safety Based on Smart Contract

The smart contract enables to automatic execution of the agreement between the parties without an intermediary. It is helpful to improve the efficiency of information processing and social co-governance of food safety.(1)Data Intelligence Verification. When enterprise servers upload signature to the blockchain network, it would autorun the smart contract deployed in blockchain servers and intelligent process verification of the signature, as shown in Algorithm 1.(2)Social Co-Governance of Food Safety. If the quality problem happens in the food supply-chain, any consumer can report it anonymously by the blockchain network. On one hand, smart contract helps regulators timely deal with the potential risk of food safety incidents and investigates the legal liability of the enterprises involved; on the other hand, it will warn someone who spreads rumors. The smart contracts are constructed as shown in Algorithm 2 and 3.

	Input: signature and public key
	Output: success or alarm
(1)	Function: verify
(2)	IfThen
(3)	Writeblockchain
(4)	Authorize (nextstep)
(5)	Return Success
(6)	Else
(7)	Writeblockchain (false)
(8)	Return Alarm (“the signature is invalid”)
(9)	End If
(10)	End Function

	Input：Food safety report, trace key and public key
	Output：Alarm
(1)	Function Co-governance (report, ,)
(2)	result = Consensus (report)
(3)	reporter. getDataSign ()
(4)	If result = true Then
(5)	ID Trace (δ,,)
(6)	Writeblockchain (report)
(7)	Return Alarm (“the enterprise” + ID + “has food safety problems”)
(8)	Else
(9)	ID Trace (δ,,)
(10)	Return Alarm (“the reporter” + ID + “posts a malicious information”)
(11)	End If
(12)	End Function

	Input：Food safety report, trace key and public key
	Output：Identity information ID
(1)	Function Trace (δ,,)
(2)	ID null
(3)	If (Verify (δ, PK) = Success) Then
(4)	reporter. getListC ()
(5)	reporter. getList ()
(6)	h .getH ()
(7)	i 0
(8)	While (i < c.length)
(9)	If
Then
(10)	IDID + “1”
(11)	Else
(12)	IDID + “0”
(13)	End If
(14)	End While
(15)	End If
(16)	Return ID
(17)	END Function

3.5. Food Supply-Chain Regulation System Based on Blockchain-Cloud Fusion Scheme

With the blockchain-cloud fusion scheme, the food supply-chain regulation system overcomes the pain points of data sharing in the food industry. It is conductive to optimize the processes of information collection, quality inspection and supervision, and supply and marketing management. This part mainly introduces the system workflow.

We will describe the system workflow from two aspects of data sharing and data consumption. The shared data consist of consumer reports and food industry shared data.

3.5.1. Industry Data Sharing

On receiving the shared data from enterprises and regulators in the food supply-chain, the system workflow is as shown in Figure 3.

We will take the food enterprise data sharing as an example to detail the system workflow as follows:(1)Any system user should authenticate and register by the AA server first; then, the AA server would verify its identity and generate an anonymous private key. Each workflow needs this step so that we would not detail it again in other workflows.(2)After authentication is completed, the enterprise manager can share data by defining a signing predicate on demand and then sending it to the enterprise AA server.(3)The AA server generates an anonymity signature and sends the signature and the index of shared data to the blockchain network.(4)Blockchain server firstly determines the validity of data via smart contract and generates a data block. Validate and then broadcast the block to make a consensus decision with PBFT algorithm.(5)If more than 2/3 of the servers agree, the new data block will be stored in the blockchain.

3.5.2. Consumer Report

To promote social co-governance in food safety, the system provides an anonymous supervision report function for consumers and gives a reward in return. The system workflow of consumer reports is similar to the front workflow—the workflow is shown in Figure 4.(1)Consumers in the system report the food quality problems anonymously. They can define a signing predicate to generate an anonymous signature.(2)The AA server would share the report content and signature to the blockchain. Then, verify and generate a new data block with a signal tag. Make a consensus decision and store the block into the block chain.(3)The blockchain network will send an alert message to regulators to make a decision. The system will give a reward to the consumer in return if the alarm is validated for regulators.

In addition, data consumption consists of consumers inquiring about food quality on-demand and accountability.

3.5.3. Inquire Food Quality on Demand

The system consumers inquire about food information, as shown in Figure 5.(1)Consumers can inquire about the quality information (including quality inspection report, source, process, and transport) of each link’s raw material in the food supply-chain from a blockchain network.(2)It analyzes the data source index from the data block and gets the target data from the data owner’s server and then shows it to the consumer as a basis for food quality evaluation.

3.5.4. Accountability

Due to blockchain’s tamper-proofing feature, the system provides traceability for regulators to track the person responsible for rumors and food quality incidents. We take tracking a rumor-monger as an example to detail the system workflow as follows (as shown in Figure 6).(1)The regulator chooses a rumor to track the monger from the blockchain network. The system will authenticate the regulator and record the action.(2)Then, the system analyzes the rumor record, generates the rumor-monger’s ID, and returns it to the regulator, which can serve as a basis for the regulator to law enforcement [44].

4. Security Analysis

Blockchain-cloud fusion scheme inherits some essential characteristics of blockchain and cloud service to protect the system’s data. The tamper-proof feature of blockchain ensures data reliability. PBFT-based consensus mechanism can improve the system robustness, and DABS algorithms protect the system’s safety and stability. In this work, system security mainly prevents the leakage of user privacy. Since the data interaction in the scheme is based on the DABS algorithm, and user privacy information is processed and generated by DABS, the DABS algorithm’s security is the most critical factor for the protection of the scheme. We will mainly analyze the security of the DABS algorithm in this section.

4.1. Theorem 1: Unconditional Full Anonymity

Proof. This scheme can construct a sufficient signature if the signature attributes satisfy the signature predicate . With the predicate subset and default attributes mixed in the signature, the adversary Å cannot get signer attributes from the signature predicate. So, our scheme supports unconditional full anonymity if the adversary Å cannot get user identification information. According to the schemes [45], we construct the simulation as follows.(1)Setup: An adversary Å challenges the access control predicate . The simulator calls algorithm Setup() and outputs the PK, MSK, and TK. Then, it public the PK and MSK to Å. The adversary Å can construct any private key.(2)Challenge: In this phase, the Å chooses a random message and two attribute sets , where satisfies the signature predicate and then the Å transmit the and to . The works as follows:(i)The calls the algorithm Keygen() and returns the private key: = and = .(ii)The simulator chooses a bit, b ∈ {0, 1}, signs the message with (detailed as Section 3.3), and outputs the signature to Å:(iii)The Å guesses the , where (3)Guess: The adversary submits a guess . If , Å wins the game, which means the scheme cannot support the unconditional full anonymity security. Next, we discuss why the Å cannot win the game. Assume the simulator selects b = 1, signature predicate Then, it signs a message with and outputs as follows: As shows that only involve the user identification information, if there exists , , , and , the simulator can generate the same signature whatever a bit b chose. So, our scheme satisfies absolute full anonymity and does achieve perfect privacy.

4.2. Theorem 2: Noncollusion

Our scheme can provide defense against collusive attacks under adaptive selective messages and predicate attacks.

Proof. We describe our DABS scheme’s security model by the next game between simulator and adversary Å. The security model allows the adversary to query for any private keys that cannot be used to sign the challenge Message M [18]. Assume the adversaries can corrupt authorities statically, and the key queries are adaptively [46].
Assume there is a poly(t)-time algorithm for the adversary Å can break our scheme with non-negligible advantages under the adaptive selection message and collusive attack. Define parameters , used to label the query number of random oracles , H, and , generate the SK and signature, respectively. So, there is a poly(t)-time algorithm that can deal with the CDH problem with a non-negligible advantage. The security simulation proceeds as follows:(1)Initial: Assume predicate is a mini-subset of and = 1, where the attributes in are managed by . Let, and define the attribute set of users is Assume the corrupted AA group is SA = . The adversary Å can forge the signature only if another is corrupted. So, the collusive attack effect of our scheme can be reducible to attack a signal node . Define as the node attacked probability and . The simulator chooses a default attributes set for .(2)Setup: The simulator selects random exponent ∈ Send to adversary Å Select generators and publish to Å.(3)Query: The adversary Å can query by random oracle H,, SK, and signature. The simulator maintains the empty list ; the processes is as follows:(i) query: the simulator maintains the list to store the result . When receiving a query request from Å, checks and returns the result if the request had been received. Otherwise, chooses random parameters, and publishes to Å and then adds into .(ii) Query: the simulator maintains the list to store the result . When receiving a query request from Å, checks and returns the result if the request had been received. Otherwise, processes as follows:(a)If , it chooses a random parameter ∈, set , publishes to Å and then adds into .(b) If it chooses random parameters ∈, publishes to Å and then adds into .(iii)query: the simulator maintains the list to store the result and chooses random parameter When receiving a query request from Å, checks and returns the result if the same value has been queried. Otherwise, C processes as follows: If , it chooses ∈ and publishes to Å. Then, it adds into . If , it chooses ∈ and publishes to Å. Then, it adds into .(iv) query: the simulator maintains the list to store the result . When receiving a query request from Å, checks and returns the result if the same value has been queried. Otherwise, processes as follows:(a) If , it returns , . Then, adds into (b) If , it stops and defines the process event as .(v) query: on receiving a signature query of from Å, processes it as follows:(a) If , it checks , and , then calls the algorithm Sign(.), and returns to Å.(b) Else, it stops and defines the process event as (7)Challenge:(vi)The adversary Å challenges the security under a collusive attack. It chooses any two users with the attribute sets , respectively, where, and = 1.(vii)The adversary Å requires to query and , and checks and returns respectively.(viii)The adversary Å requires to query and , and checks and processes as follows:(ix), , .(x), , . So, the private key of the user can be reconstructed as : The adversary Å can get the private key is .(8)Forgery: Å constructs a signature where , and verifies correctness as follows: So, we can get . It means the CDH problem can be solved, and the advantage, where the probability of is is and .

5. Performance Analysis

To evaluate the performance of the schemes, we present theoretical analysis of storage complexity and experimental simulation of computation efficiency. Assume the group order in our scheme has the same length with the group order of G in comparison schemes. The parameter notation description is shown in Table 2.

5.1. Storage Complexity

The storage complexity is one of the most evaluation indexes of the food supply-chain regulation system. Compared with a traditional cloud-based system, our system’s storage cost mainly focuses on the blockchain and DABS algorithm. Since the blockchain network data primarily comes from DABS, we will mainly analyze the DABS algorithm’s storage complexity.

As shown in Table 3, we analyze the performance of the DABS scheme by comparing it with GSZ18’s scheme [26], LW10’s scheme [40], SZW18’s scheme [27], YJ13’s scheme [47], and RW13’s scheme [48]. These schemes adopt LSSS access control strategy except for [GSZ18] scheme with tree access control strategy. The AA storage overhead, which is used to store the master key and AA’s secret key, is in our scheme. It is significantly less than [LW10], [SZW18], and [GSZ18]. Since the AA in [YJ13] stores all users’ private keys to re-encrypt the ciphertext and update information during the revocation, the AA storage overhead will be less in our scheme if the number of users more than half of . Besides, compared with the normally anonymity for private keys in other schemes, we improve the security of users' private keys to unconditional full anonymity.

User storage overhead used to store the users’ private key is in our scheme, that is, better than + in [RW13] and in [GZW18]. The [GZW18] scheme costs communication time to communicate with AA to generate user private key, while it costs in ours. Further more, our signature size is that is more effective than [RW13] and [GSZ18]. And, our signature storage overhead has nothing with user attributes, which means that the future expansion of the system has little impact on the DABS algorithm. It provides a solution to track the signer identity by storing each parameter of . If the size of is set appropriately, the storage complexity of our scheme will be superior to the schemes [YJ13], [SZW18], [RW13], and [GSZ18].

5.2. Computation Efficiency

We implement our scheme, [LW10] scheme, [RW13] scheme, scheme in [49] (named as [BSW07]), and [27] scheme (named as [SUN18]) in window 10 system with an Intel (R) Core(TM) i7-8565U CPU @ 1.8 GHz 1.99 GHz and 8 GB RAM. And, the server is deployed in VMware® Workstation 15 Pro with the configuration shown in Table 4. It uses the Java Pairing-Based Cryptography (PBC) library version 2.0 to implement the access control schemes. We choose an asymmetric elliptic curve where the order p is a 160 bit length prime. Define the size of plaintext, generator, and GT generator is 128 Byte. We take the average value of 20 experiments as the final experimental result.

It mainly compares the time efficiency of setup, private key generation, signature, and verification. Figure 7(a) describes the comparison of setup time. Our scheme’s performance is much better than [LW10] scheme and [SUN18] scheme, because they spend too much time calculating the complex pairing operations. Figure 3(b) describes the comparison of key generation time where the number of default attributes is 5. Our scheme’s key generation time is less than [BSW07] scheme and [RW13] scheme. Figure 7(d) describes the comparison of verification time. It shows that our scheme incurs less verification time than others. Besides, our scheme support batch-verification with time complexity compared in other schemes. So, if batch signatures are verified, our system’s advantage will be more significant.

(a)

(b)

(c)

(d)

Figure 7(c) describes the performance comparison of signature algorithms, where the number of default attributes is 5. When the size of user attribute set is less than 25, the advantage of our scheme is not obvious compared with other schemes. But, once the user attributes size exceeds 25, the advantages of our scheme will gradually emerge. Because, our scheme takes some computational cost in terms of user attributes anonymity and identity tracking, including calculate 2bilinear operation to establish traceable evidence of user identity, which helps government regulators track down the malicious user. So, our scheme is more suitable for large and complex industry network.

6. Conclusion

We have proposed a food supply-chain regulation system based on a blockchain-cloud fusion scheme. It did not let the source data not out of data owners to protect enterprises’ benefit and reserves the original system architecture to reduce the cost. Then, we presented a security DABS scheme and proved the scheme with unconditional full anonymity and non-collusion. Our scheme will be more effective in complex industry networks. Besides, the system can promote the social co-governance of food safety, which is essential to the food industry’s sustainable development. The blockchain-cloud fusion scheme is a promising technique applied in democratic elections systems, online social networks, social co-governance in other industries, etc. [43, 50–56]

Data Availability

No data were used in this study.

Conflicts of Interest

The authors declare that there are no conflicts of interest regarding the publication of this paper.

Acknowledgments

This work was supported by the National Key R&D Program of China (No. 2018YFC1604000) and the National Natural Science Foundation of China (Nos. 61572374 and U163620068).

References

B. Tan, J. Yan, S. Chen, and X. Liu, “The impact of blockchain on food supply chain: the case of walmart,” Smart Blockchain, pp. 167–177, 2018.
View at: Publisher Site | Google Scholar
N. Kshetri, “Blockchain and the economics of food safety,” IT Professional, vol. 21, no. 3, pp. 63–66, 2019.
View at: Publisher Site | Google Scholar
R. Kamath, “Food traceability on blockchain: walmart’s pork and mango pilots with IBM,” The Journal of the British Blockchain Association, vol. 1, no. 1, pp. 47–58, 2018.
View at: Publisher Site | Google Scholar
L. M. Abenavoli, F. Cuzzupoli, V. Chiaravalloti et al., “Traceability system of olive oil: a case study based on the performance of a new software cloud,” Agronomy Research, vol. 14, no. 4, pp. 1247–1256, 2016.
View at: Google Scholar
C. V. Networking, “Cisco global cloud index: forecast and methodology, 2015-2020,” 2016, https://www.iotjournaal.nl/wp-content/uploads/2017/02/white-paper-c11-738085.pdf.
View at: Google Scholar
W. Zhang, M. Yang, X. Zhang, and H. Shi, “OMICC: an overlay multicast infrastructure based on cloud computing for streaming media data distribution,” ScienceAsia, vol. 42S, no. 1, pp. 56–63, 2016.
View at: Publisher Site | Google Scholar
J. Wang, Z. Zhao, Z. Xu et al., “I-sieve: an inline high performance deduplication system used in cloud storage,” Tsinghua Science and Technology, vol. 20, no. 1, pp. 17–27, 2015.
View at: Google Scholar
W. Zhang, X. Zhang, and H. Shi, “MMCSACC: a multi-source multimedia conference system assisted by cloud computing for smart campus,” IEEE Access, vol. 6, pp. 35879–35889, 2018.
View at: Publisher Site | Google Scholar
N. H. Ab Rahman and K.-K. R. Choo, “A survey of information security incident handling in the cloud,” Computers & Security, vol. 49, pp. 45–69, 2015.
View at: Publisher Site | Google Scholar
S. Nakamoto, “Bitcoin: a peer-to-peer electronic cash system,” 2008, https://www.researchgate.net/publication/228640975_Bitcoin_A_Peer-to-Peer_Electronic_Cash_System.
View at: Google Scholar
D. Macrinici, C. Cartofeanu, and S. Gao, “Smart contract applications within blockchain technology: a systematic mapping study,” Telematics and Informatics, vol. 35, no. 8, p. 2337, 2018.
View at: Publisher Site | Google Scholar
H. J. P. Marvin, E. M. Janssen, Y. Bouzembrak, P. J. M. Hendriksen, and M. Staats, “Big data in food safety: an overview,” Critical Reviews in Food Science and Nutrition, vol. 57, no. 11, pp. 2286–2295, 2016.
View at: Publisher Site | Google Scholar
S. Martins and Y. Yang, “Introduction to bitcoins: a pseudo-anonymous electronic currency system,” in Proceedings of the 2011 Conference of the Center for Advanced Studies on Collaborative Research (CASCON ’11), pp. 349-350, IBM Corp., Berlin, Germany, 2011.
View at: Publisher Site | Google Scholar
S. Amit and B. Waters, “Fuzzy identity-based encryption,” in Proceedings of the 24th Annual International Conference on Theory and Applications of Cryptographic Techniques (EUROCRYPT’05), pp. 457–473, Springer-Verlag, Berlin, Germany, 2005.
View at: Publisher Site | Google Scholar
Maji, M. Prabhakaran, and M. Rosulek, “Attribute-based signatures,” in Proceedings of the 11th International Conference on Topics in Cryptology: CT-RSA 2011 (CT-RSA’11), pp. 376–392, Springer-Verlag, Berlin, Germany, 2011.
View at: Publisher Site | Google Scholar
J. Li and K. Kim, “Attribute-based ring signatures,” p. 394, 2012, https://www.mendeley.com/catalogue/49cb6d99-ee43-3089-8dbd-946fcd75f7c8/.
View at: Google Scholar
E. Bresson, J. Stern, and M. Szydlo, “Threshold ring signatures and applications to ad-hoc groups,” in Lecture Notes in Computer Science, M. Yung, Ed., vol. 2442, Springer, Berlin, Germany, 2002.
View at: Publisher Site | Google Scholar
X. Huang, Q. Tao, B. Qin, and Z. Liu, “Multi-authority attribute based encryption scheme with revocation,” in Proceedings of the 24th International Conference on Computer Communication and Networks (ICCCN), pp. 1–5, IEEE, Berlin, Germany, 2015.
View at: Publisher Site | Google Scholar
M. Chase, “Multi-authority attribute based encryption,” Theory of Cryptography, Springer, Berlin, Germany, 2007.
View at: Publisher Site | Google Scholar
K. Yang and X. Jia, “Attributed-based access control for multi-authority systems in cloud storage,” in Proceedings of the 2012 IEEE 32nd International Conference on Distributed Computing Systems, pp. 536–545, IEEE, Washington, DC, 2012.
View at: Publisher Site | Google Scholar
Z. Liu, Z. Cao, Q. Huang et al., “Fully secure multi-authority ciphertext-policy attribute-based encryption without random oracles,” Research in Computer Security, Springer, Berlin, Germany, 2011.
View at: Publisher Site | Google Scholar
R. Pass and E. Shi, “FruitChains,” in Proceedings of the ACM Symposium on Principles of Distributed Computing, pp. 315–324, New York, NY, USA, 2017.
View at: Publisher Site | Google Scholar
L. Cocco, A. Pinna, and M. Marchesi, “Banking on blockchain: costs savings thanks to the blockchain technology,” Future Internet, vol. 9, no. 3, p. 25, 2017.
View at: Publisher Site | Google Scholar
A. Maxmen, “AI researchers embrace Bitcoin technology to share medical data,” Nature, vol. 555, no. 7696, pp. 293-294, 2018.
View at: Publisher Site | Google Scholar
G. G. Dagher, J. Mohler, M. Milojkovic, and P. B. Marella, “Ancile: privacy-preserving framework for access control and interoperability of electronic health records using blockchain technology,” Sustainable Cities and Society, vol. 39, pp. 283–297, 2018.
View at: Publisher Site | Google Scholar
R. Guo, H. Shi, Q. Zhao, and D. Zheng, “Secure attribute-based signature scheme with multiple authorities for blockchain in electronic health records systems,” IEEE Access, vol. 6, pp. 11676–11686, 2018.
View at: Publisher Site | Google Scholar
Y. Sun, R. Zhang, X. Wang, K. Gao, and L. Liu, “A decentralizing attribute-based signature for healthcare blockchain,” in Proceedings of the 27th International Conference on Computer Communication and Networks (ICCCN), pp. 1–9, IEEE, Las Vegas, NV, USA, 2018.
View at: Publisher Site | Google Scholar
A. N. Eltayieb, A. R. Elhabob, B. A. Hassan et al., “A blockchain-based attribute-based signcryption scheme to secure data sharing in the cloud,” Journal of Systems Architecture, vol. 102, Article ID 101653, 2020.
View at: Google Scholar
M. Andoni, V. Robu, D. Flynn et al., “Blockchain technology in the energy sector: a systematic review of challenges and opportunities,” Renewable and Sustainable Energy Reviews, vol. 100, pp. 143–174, 2019.
View at: Publisher Site | Google Scholar
T. Bosona and G. Gebresenbet, “Food traceability as an integral part of logistics management in food and agricultural supply chain logistics management in food and agricultural supply chain,” Food Control, vol. 33, pp. 32–48, 2013.
View at: Publisher Site | Google Scholar
B. Fahimnia, J. Sarkis, and H. Davarzani, “Green supply chain management: a review and bibliometric analysis,” International Journal of Production Economics, vol. 162, pp. 101–114, 2015.
View at: Publisher Site | Google Scholar
Y.-P. Lin, J. Petway, J. Anthony et al., “Blockchain: the evolutionary next step for ICT e-agriculture,” Environments, vol. 4, no. 3, p. 50, 2017.
View at: Publisher Site | Google Scholar
Q. Tao, X. Cui, X. Huang, A. M. Leigh, and H. Gu, “Food safety supervision system based on hierarchical multi-domain blockchain network,” IEEE Access, vol. 7, pp. 51817–51826, 2019.
View at: Publisher Site | Google Scholar
K. A. Clauson, E. A. Breeden, C. Davidson et al., “Leveraging blockchain technology to enhance supply chain management in healthcare: an exploration of challenges and opportunities in the health supply chain,” Blockchain in Healthcare Today, vol. 1, no. 3, pp. 1–12, 2018.
View at: Google Scholar
S. Jangirala, A. K. Das, and A. V. Vasilakos, “Designing secure lightweight blockchain-enabled RFID-based authentication protocol for supply chains in 5G mobile edge computing environment,” IEEE Transactions on Industrial Informatics, vol. 16, no. 11, pp. 7081–7093, 2020.
View at: Publisher Site | Google Scholar
M. P. Caro, M. S. Ali, M. Vecchio et al., “Blockchain-based traceability in agri-food supply chain management: a practical implementation,” in Proceedings of the 2018 IoT vertical and topical summit on agriculture-tuscany (iot tuscany), pp. 1–4, IEEE, Tuscany, Italy, 2018.
View at: Google Scholar
F. Antonucci, S. Figorilli, C. Costa, F. Pallottino, L. Raso, and P. Menesatti, “A review on blockchain applications in the agri-food sector,” Journal of the Science of Food and Agriculture, vol. 99, no. 14, pp. 6129–6138, 2019.
View at: Publisher Site | Google Scholar
B. Amos, “Secure schemes for secret sharing and key distribution,” Isral institute of technology, Haifa, Israel, 1996, PhD Thesis.
View at: Google Scholar
M. Castro, “Practical byzantine fault tolerance and proactive recovery,” in Proceedings of the Symposium on Operating Systems Design and Implementation, pp. 173–186, USENIX Association, New Orleans, LA, USA, 1999.
View at: Publisher Site | Google Scholar
A. Lewko and B. Waters, “Decentralizing attribute-based encryption,” in Proceedings of the Annual International Conference on the Theory and Applications of Cryptographic Techniques, pp. 568–588, Springer, Berlin, Germany, 2011, http://citeseerx.ist.psu.edu/viewdoc/download;jsessionid=317E706FA7F1AD54460750309BC713F0?doi=10.1.1.
View at: Google Scholar
A. L. Ferrara, M. Green, S. Hohenberger et al., “Practical short signature batch verification,” in Proceedings of the Cryptographers Track at the RSA Conference, pp. 309–324, Springer, Berlin, Germany, 2009.
View at: Publisher Site | Google Scholar
G. Jens, O. Rafail, and S. Amit, “Perfect non-interactive zero knowledge for NP,” in Advances in Cryptology, Springer-Verlag, Berlin, Heidelberg, 2006.
View at: Publisher Site | Google Scholar
X. Boyen and B. Waters, “Compact group signatures without random oracles,” in Proceedings of theAnnual International Conference on the Theory and Applications of Cryptographic Techniques, pp. 427–444, Springer, Berlin, Germany, 2006.
View at: Publisher Site | Google Scholar
L. Germany, “Blockchain data protection law | deloitte legal Deutschland [DB/OL], 2020-07-15,” 2020, https://www2.deloitte.com/dl/en/pages/legal/articles/blockchain-datenschutzrecht.html.
View at: Google Scholar
X. D. Liu, W. F. Zhang, and X. M. Wang, “Multi-Authority attribute-based alterable threshold ring signature without central authority,” Journal of Software, vol. 29, no. 11, pp. 3528–3543, 2018.
View at: Google Scholar
D. Boneh and M. Franklin, “Identity-based encryption from the Weil pairing,” in Proceedings of the Annual International Cryptology Conference, pp. 213–229, Springer, Berlin, Germany, 2001.
View at: Publisher Site | Google Scholar
K. Yang and X. Jia, “Expressive, efficient, and revocable data access control for multi-authority cloud storage,” IEEE Transactions on Parallel and Distributed Systems, vol. 25, no. 7, pp. 1735–1744, 2014.
View at: Publisher Site | Google Scholar
Y. Rouselakis and B. Waters, “Practical constructions and new proof methods for large universe attribute-based encryption,” in Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security (CCS ’13), pp. 463–474, ACM, New York, NY, USA, 2013.
View at: Publisher Site | Google Scholar
J. Bethencourt, A. Sahai, and B. Waters, “Ciphertext-Policy attribute-based encryption,” in Proceedings of the 2007 IEEE Symposium on Security and Privacy (SP ’07), 2007.
View at: Publisher Site | Google Scholar
S. F. Shahandashti and R. Safavi-Naini, “Threshold attribute-based signatures and their application to anonymous credential systems,” in Proceedings of the 2nd International Conference on Cryptology in Africa: Progress in Cryptology (AFRICACRYPT ’09), pp. 198–216, Springer-Verlag, Berlin, Germany, 2009.
View at: Publisher Site | Google Scholar
V. Goyal, O. Pandey, A. Sahai, and B. Waters, “Attribute-based encryption for fine-grained access control of encrypted data,” in Proceedings of the 13th ACM Conference on Computer and Communications Security - CCS ’06, Berlin, Germany,, 2006.
View at: Publisher Site | Google Scholar
B. Waters, “Ciphertext-Policy attribute-based encryption: an expressive, efficient, and provably secure realization,” Public Key Cryptography, pp. 53–70, 2011.
View at: Publisher Site | Google Scholar
S. Müller, S. Katzenbeisser, and C. Eckert, “Distributed attribute-based encryption,” in Proceedings of the International Conference on Information Security and Cryptology, pp. 20–36, Springer, Berlin, Germany, 2008.
View at: Publisher Site | Google Scholar
G. Zyskind and O. Nathan, “Decentralizing privacy: using blockchain to protect personal data,” in Proceedings of the 2015 IEEE Security and Privacy Workshops, pp. 180–184, IEEE, San Jose, CA, USA, 2015.
View at: Publisher Site | Google Scholar
E. B. Sasson, A. Chiesa, C. Garman et al., “Zerocash: decentralized anonymous payments from bitcoin,” in Proceedings of the 2014 IEEE Symposium on Security and Privacy, pp. 459–474, IEEE, San Jose, CA, USA, 2014.
View at: Publisher Site | Google Scholar
J. Sun, Y. Su, J. Qin, J. Hu, and J. Ma, “Outsourced decentralized multi-authority attribute based signature and its application in IoT,” IEEE Transactions on Cloud Computing, p. 1, 2019.
View at: Publisher Site | Google Scholar

Copyright

Copyright © 2021 Q. Tao et al. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

PDF Download Citation

Download other formats

Order printed copies

Views

980

Downloads

989

Citations

Security and Communication Networks

Blockchain for Systems Management and Cybersecurity

Cross-Department Secures Data Sharing in Food Industry via Blockchain-Cloud Fusion Scheme

Abstract

1. Introduction

1.1. Related Work

1.1.1. ABS

1.1.2. Blockchain

1.1.3. Supply Chain and Blockchain

1.2. Our Contributions

1.3. Organization

2. Preliminaries

2.1. Bilinear Map

2.2. Computational Assumption

2.3. Access Structure and Linear Secret-Sharing Schemes (LSSS)

2.4. Syntax of Decentralized Attribute-Based Signature Scheme (DABS)

2.5. Security Definitions

2.5.1. Unconditional Full Anonymity

2.5.2. Noncollusion

3. Cross-Department Secures Data Sharing in the Food Industry via Blockchain-Cloud Fusion Scheme

3.1. System Model

3.2. Threat Model and Design Goal

3.3. Proposed DABS Scheme

3.4. Social Co-Governance of Food Safety Based on Smart Contract

3.5. Food Supply-Chain Regulation System Based on Blockchain-Cloud Fusion Scheme

3.5.1. Industry Data Sharing

3.5.2. Consumer Report

3.5.3. Inquire Food Quality on Demand

3.5.4. Accountability

4. Security Analysis

4.1. Theorem 1: Unconditional Full Anonymity

4.2. Theorem 2: Noncollusion

5. Performance Analysis

5.1. Storage Complexity

5.2. Computation Efficiency

6. Conclusion

Data Availability

Conflicts of Interest

Acknowledgments

References

Copyright