Blockchain-based mechanism for fine-grained authorization in data crowdsourcing

Data crowdsourcing is a distributed data acquisition method to efficiently collect a sizeable amount of high-quality data from a large network of contributors who participate in data trading activities. However, traditional data crowdsourcing platforms are almost invariably based on a centralized architecture, which tends to give unfair advantages to the platform operator; besides, centralized platforms are obvious targets for cybersecurity attacks and become a single point of failure. Furthermore, a centralized approach with stringent security control also suffers from serious scalability issue. For example, if data owners manage a database with large amounts of valuable data, they have to retrieve data from their database in accordance with certain access policies and encrypt retrieved data for each requester; hence they become bottlenecks in the data trading process when the number of requesters is very large. To address the above issues, we propose a blockchain-based mechanism for fine-grained authorization in data crowdsourcing (BC-FGA-DCrowd). In the BC-FGA-DCrowd scheme, we use a public blockchain to implement cryptocurrencies and payment services as incentive schemes for data trading platform users. With this approach, data owners can employ Ciphertext-Policy Attribute-Based Encryption (CP-ABE) to pre-process the complex encryption workload, and generate the attribute private key for data requester to achieve the fine-grained authorization. In this paper, we also prove that the BC-FGA-DCrowd scheme satisfies the correctness and fairness requirements of data trading, and can effectively withstand malicious activities of internal users and external DDos and Sybil attackers. The approach was tested on a private Ethereum network using Ganache with a local host. (C) 2020 Elsevier B.V. All rights reserved.