This work is supported by National Key Rearch and Development Program of China (2019YFB2102500)
政务服务跨域协作是政府数字化转型和跨域治理相结合所催生的新型治理模式，是政务服务治理的价值目标。由于政府各部门的具体业务和功能不同，各部门都有一套独立的数据管理系统，且各信息化系统存储多样、数据格式复杂、业务流程各异。如何安全可靠地实现各个部门之间的数据共享已成为一项研究难点。传统政务数据共享通常采用集中式共享模式，该模式容易引发数据隐私泄露、部门权限混乱、单点故障等一系列问题。为解决上述问题，该文提出了一种属性基加密与区块链结合的政务数据共享方案。首先，由数据拥有者制定访问控制策略，对数据请求者的属性进行限制；然后，利用子集覆盖技术，实现数据安全共享中的细粒度访问控制及密钥更新，结合线性秘密共享，以实现访问策略的完全隐藏，采用星际文件系统分布式网络存储对称加密后的密文，以缓解区块链系统的存储压力；最后，利用 Keccak 算法对检索数据密文的哈希值进行重加密，实现数据的完整性验证。通过安全性分析和相关实验可知，该文所提方案在安全性和效率方面均能满足政务数据安全共享的需求，可实现政务数据的高效、安全和可溯源共享。
Cross-domain collaboration of government services is a new governance model, which has been spawned by the combination of digital transformation of government and cross-domain governance. This model is aimed at achieving the value goal of governance of government services. However, due to the different specific business and functions of each government department, each department has an independent data management system, and each information system has diverse storage, complex data formats and different business processes. As a result, sharing and utilizing the heterogeneous data between departments in a safe and reliable way has become a challenging research problem. Traditional government data sharing usually adopts a centralized sharing mode, which is prone to a series of issues such as data privacy leakage, departmental authority problems, and single point of failure. To address this issue, this paper proposes a government data sharing scheme that combines attribute-based encryption and blockchain. Firstly, an access control policy is formulated by the data owner to restrict the attributes of data requesters. Subsequently, fine-grained access control as well as key update in secure data sharing is achieved by using subset overlay technology, which is combined with linear secret sharing to achieve complete hiding of the access policy. The inter planetary file system distributed network is used to store the ciphertext after symmetric encryption to relieve the storage pressure of the blockchain system. Finally, the hash of the retrieved data ciphertext is re-encrypted using the Keccak algorithm to achieve data integrity verification. Security analysis and experimental analysis show that the proposed scheme can meet the requirements of secure sharing of government data in terms of security and efficiency, and thus realize the secure and traceable sharing of government data.
QU Jingqi, LI Honghui, CUI Jiasheng, et al. Research on Blockchain-Based Traceable Government Big Data Sharing Method[J]. Journal of Integration Technology,2023,12(3):19-33