TY - GEN
T1 - Fine-Grained Data Rights Governance in Blockchain-Based Cloud-Edge Communications
AU - Gan, Weilin
AU - Zhao, Mingyang
AU - Guo, Hongchen
AU - Zhang, Chuan
AU - Hong, Jianan
AU - Zhu, Liehuang
N1 - Publisher Copyright:
© 2023 IEEE.
PY - 2023
Y1 - 2023
N2 - Nowadays, cloud-edge communication has emerged as a promising communication paradigm, which leverages edge devices to provide a series of advantages, such as a fast response for end devices. However, considering complicated communication environments, a practical requirement is improving security by constructing decentralized and traceable communications. Currently, blockchains have been widely applied in cloud-edge communications to ensure decentralization and traceability by consensus. Despite these promising benefits, existing transparent and immutable blockchains inevitably introduce two limitations to data rights governance in blockchain-based cloud-edge communications. The first limitation is that transparent blockchains can hardly guarantee data confidentiality since data is accessible to all users, especially unauthorized users. The second limitation is that immutable blockchains can hardly support improper content redaction, which violates the right to be forgotten in GDPR. This paper proposes FDRG, the first fine-grained data rights governance scheme in blockchain-based cloud-edge communications. FDRG cryptographically ensures the right downward compatibility and user collusion resistance. Specifically, based on attributes and policies, FDRG partitions users into three roles (i.e., unauthorized user, readable user, and editable user) and ensures that editable users are compatible with the rights of readable users. The punchline is that FDRG leverages the linear secret sharing matrix-based secret sharing to govern the distribution of data decryption keys and chameleon hashes trapdoors. Formal security analysis proves the security of FDRG under the chosen-plaintext attack in the random oracle model. A full implementation on the FISCO blockchain platform shows that FDRG achieves competitive efficiency compared to state-of-the-art related schemes.
KW - Cloud-edge communications
KW - blockchain
KW - data rights governance
KW - editability
KW - readability
UR - http://www.scopus.com/inward/record.url?scp=85187322893&partnerID=8YFLogxK
U2 - 10.1109/GLOBECOM54140.2023.10436817
DO - 10.1109/GLOBECOM54140.2023.10436817
M3 - Conference contribution
AN - SCOPUS:85187322893
T3 - Proceedings - IEEE Global Communications Conference, GLOBECOM
SP - 904
EP - 909
BT - GLOBECOM 2023 - 2023 IEEE Global Communications Conference
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 2023 IEEE Global Communications Conference, GLOBECOM 2023
Y2 - 4 December 2023 through 8 December 2023
ER -