Multi-party business processes rely on the collaboration of various players in a decentralized setting. Blockchain technology can facilitate the automation of these processes, even in cases where trust among participants is limited. Transactions are stored in a ledger, a replica of which is retained by every node of the blockchain network. The operations saved thereby are thus publicly accessible. While this enhances transparency, reliability, and persistence, it hinders the utilization of public blockchains for process automation as it violates typical confidentiality requirements in corporate settings. In this paper, we propose MARTSIA: A Multi-Authority Approach to Transaction Systems for Interoperating Applications. MARTSIA enables precise control over process data at the level of message parts. Based on Multi-Authority Attribute-Based Encryption (MA-ABE), MARTSIA realizes a number of desirable properties, including confidentiality, transparency, and auditability. We implemented our approach in proof-of-concept prototypes, with which we conduct a case study in the area of supply chain management. Also, we show the integration of MARTSIA with a state-of-the-art blockchain-based process execution engine to secure the data flow.
翻译:多方业务流程依赖于分散设置下的各种参与者的协作。区块链技术能够促进这些流程的自动化,即使在参与者之间的信任有限的情况下也可以实现。交易存储在一个分布式账本中,每个节点都保存了该账本的副本。因此,所保存的操作是公开可访问的。虽然这增强了透明度、可靠性和持久性,但它违反了企业环境下的典型保密要求,阻碍了在公共区块链上实现流程自动化。在本文中,我们提出了MARTSIA:用于互操作应用程序的事务系统的多权威方法。MARTSIA能够在消息部分的级别上对流程数据进行精确的控制。基于多权威属性加密(MA-ABE),MARTSIA实现了许多理想的属性,包括机密性、透明性和可审计性。我们在概念证明原型中实现了我们的方法,并在供应链管理领域进行了案例研究。此外,我们展示了MARTSIA与最先进的基于区块链的流程执行引擎的集成,以保护数据流。