Computer Science ›› 2025, Vol. 52 ›› Issue (11A): 250100131-10. doi: 10.11896/jsjkx.250100131

• Information Security •

Privacy-preserving Cross-certificate System Authentication and Access Control Model for Material Supply Chain

YANG Ke1, GUO Qinglei2,3, SHEN Yiming4, BAI Neng4, SONG Wenting5, WANG Weiyu2,3

    1 State Grid Digital Technology Holding Co., Ltd., Beijing 100077, China
    2 State Grid Blockchain Technology (Beijing) Co., Ltd., Beijing 100077, China
    3 State Grid Blockchain Application Technology Laboratory, Beijing 100077, China
    4 State Grid Jiangsu Electric Power Co., Ltd., Materials Branch, Nanjing 210036, China
    5 Big Data Center of State Grid Corporation of China, Beijing 100052, China
  • Online: 2025-11-15 Published: 2025-11-10
  • Corresponding author: GUO Qinglei (guoqinglei@sgdt.sgcc.com.cn)
  • About the author: keyang@amss.ac.cn
  • Supported by:
    Science and Technology Project of State Grid Electric Power Co., Ltd. (5700-202418240A-1-1-ZN).

Abstract: Electronic data management has emerged as a pivotal tool for government and corporate procurement in the process of modernizing material supply chains, and it plays a decisive role in boosting market competitiveness and ensuring fairness in transactions. However, electronic procurement faces several challenges, especially during the bidding process. These include the varying credibility of diverse electronic data sources, the difficulty of protecting bidders' privacy, and potential risks of collusion between bidders and procurers. Blockchain technology, with its decentralized structure, distributed ledger, and high transparency, aligns well with the distributed nature of participants in electronic procurement. To address these challenges, this paper proposes a privacy-preserving multi-entity cross-certificate authentication and access control model for material supply chains. The system uses smart contracts to maintain a trust list and employs efficient Merkle tree signatures for certificate issuance with minimal storage overhead. This ensures the trustworthiness of both certificate authorities and bidders while optimizing the cross-domain certificate verification process, further enhancing the transparency and consistency of authentication. Additionally, the system employs attribute-based encryption to encrypt and store sensitive data from bidders. Fine-grained access control allows only authorized procurers to access the necessary information, effectively preventing collusion risks before the bid opening and ensuring fairness and transparency in the bidding process. Rigorous security analysis and simulation tests demonstrate that the proposed solution not only supports multi-entity cross-certificate system authentication but also safeguards bidder privacy and provides flexible and robust access control.

Key words: Material supply chain, Cross-certificate system authentication, Smart contract, Privacy preservation, Attribute-based encryption

CLC number: TP309