Download presentation
Presentation is loading. Please wait.
Published byHanna-Mari Heikkinen Modified 5年之前
1
Decentralized document version control using ethereum blockchain and IPFS
Source: Computers and Electrical Engineering, Vol. 76, pp , Jun. 2019 Authors: Nishara Nizamuddin, Khaled Salah, Muhammad Ajmal Azad, Junaid Arshad, Muhammad Habib ur Rehman Speaker: Kai-Fan Chien Date: 4/27/2019 1.2位/阿拉伯聯合大公國/哈利法大學 3.英國/德比大學 4.英國/西倫敦大學 5.巴基斯坦/國立計算機與新興科學大學
2
Outline Introduction Related work Proposed blockchain-based solution
Implementation design and testing Security and vulnerability analysis Conclusion
3
Decentralized systems
Introduction(1/2) Integrative collaboration Version control Centralized systems Logs Decentralized systems 共同作業開發環境 有版本問題與紀錄或檔案可能受攻擊 Can be tampered
4
Introduction(2/2) Bitcoin's blockchain
1MB size limit per block InterPlanetary File System (IPFS) Most popular and well-established platform Content addressable, peer-to-peer, open source, a globally distributed file system Bitcoin‘s blockchain無法儲存大型文件 IPFS可以/點對點/內容可尋址/開源/分散式
5
Related work(1/4) InterPlanetary File System (IPFS)
Content addressable Peer-to-peer QmYf56srJ24cB64
6
Related work(2/4) InterPlanetary File System (IPFS)
Decentralized storage system 256KB IPFS Object Data ‘‘Hello World’’ Links [] IPFS Object Data Links [] IPFS Object Data Links [] IPFS Object Data Links [ ] IPFS Object Data Links [] IPFS Object Data Links []
7
Related work(3/4) InterPlanetary File System (IPFS)
Cannot changed Photo.jpg Data Links [ ] Script.txt Data Links [ ] My Videos Photo.jpg My Videos Data Links [ , ] Data Video.mp4 Data Links [ ] Script/劇本 轉變成IPFS/物件、結構 丟上IPFS就不能改,類似區塊鏈 Data Links [ , ] Script.txt Video.mp4
8
Related work(4/4) InterPlanetary File System (IPFS)
Versioning … Commit Parent none Object Commit Parent Object Commit Parent Object My Data v1 My Data v2 My Data v3 支援版本更新 要分享時IPFS生成Commit,指向檔案更新時加入新檔,生成新Commit並聯結先前檔案
9
Proposed blockchain-based solution(1/2)
System overview and design Developers (D) and Approvers (A) Off chain 1檔案有1SC 1.Data所有者=SC所有者 版本確認由其他批准者以共識方式完成(全部or2/3)
10
Proposed blockchain-based solution(2/2)
System overview and design Smart contract Methods Modifiers Variables Data type Functions 智慧合約內容包含 方法:函式 修飾符:存取控制 變數:資料型態 Access control
11
Implementation design and testing (1/9)
Functions Events Off-chain messages Message sequence diagram for document approval Developer Smart Contract Approvers createContract() uploadDocumentToIPFS() DocumentUploaded requestForApproval(IPFS hash) ApprovalRequested provideApprovalToUpload(yes/no) ApprovalGranted(for new version Vi if yes from 2/3 approvers) Off chain 流程 版本更新的流程(分為函式跟動作)
12
Implementation design and testing (2/9)
Functions Events Registration of new developers/approvers Developer Smart Contract Approvers New Approver / Developer Restration requestNewRegistration() NewRegistrationRequested voteToApprove(at least75%) NewRegistrationRequestGranted New registration request granted by all approvers 新開發者或審核者加入
13
Implementation design and testing (3/9)
Approving document version of request made by developers 提出版本更新請求 合約狀態從Created變成WaitForApproversSignature, 開發者狀態變成SubmittedForApproval,等2/3人承認
14
Implementation design and testing (4/9)
Providing consent by Approvers for uploaded documents Agree 審核人員同意更新 若同意:合約狀態變成SignatureProvided、開發人員狀態變ApprovalProvided、審核者狀態變ApprovalSuccess 若失敗:合約狀態變成SignatureDenied、開發人員狀態變ApprovalNotProvided、審核者狀態變ApprovalFailed Disagree
15
Implementation design and testing (5/9)
Processing new registration requests 一開始狀態為WaitToRegister 2/3同意後修改合約狀態為NewRegRequested、註冊狀態改為NewRegistrationRequested、並廣播此消息
16
Implementation design and testing (6/9)
Log after executing provideApprovalToUpload() function successfully 同意版本更新
17
Implementation design and testing (7/9)
Logs showing event SignatureNotProvided and ApprovalRejected 拒絕版本更新
18
Implementation design and testing (8/9)
Log showing event ApprovedSuccess triggered 成功註冊
19
Implementation design and testing (9/9)
Logs showing event DenyRequest triggered 拒絕註冊
20
Security and vulnerability analysis (1/2)
Code vulnerability The DAO (Decentralized autonomous organization) DAO遭駭客攻擊事件 智慧合約中的漏洞分類
21
Security and vulnerability analysis (2/2)
Verified smart contract code for popular security vulnerabilities ChainSecurity and Oyente
22
Conclusion Decentralized solution for version control and sharing of documents
Similar presentations