Blockchain empowered access control for digital twin system with attribute-based encryption

Abstract

Digital twin is a pivotal and burgeoning technique that plays a crucial role in the realms of digital transformation and intelligent advancement. To bolster diverse applications and realize digital transformation, it is imperative to share the generated device data among multiple stakeholders involved in the digital twin system product life cycle. Since the device data contains sensitive and secret information, strict access control is required. Attribute-based encryption (ABE) is commonly employed for the construction of a cryptographic-enforced data access control scheme. ABE enables data confidentiality and one-to-many fine-grained access control due to its flexibility and high scalability. Unfortunately, traditional ABE schemes adopted in digital twin system has been hindered by the single point of failure and trust problems. Blockchain is a secure distributed ledger technology with decentralization and tamper-proofing properties. In this article, we present a blockchain-empowered data access control scheme for digital twin system with attribute-based encryption. Firstly, blockchain is employed to construct a complete, tamper-resistant, and efficient architecture for digital twin system to address challenges of access control. Subsequently, to ensure the confidentiality of digital twin data, we employ ciphertext-policy ABE (CP-ABE) to achieve fine-grained and one-to-many access control. Finally, we combine blockchain-based architecture with the interplanetary file system (IPFS) to propose a data storage scheme to release storage pressure on the blockchain and improve system efficiency. Security analysis and performance evaluation exhibit that the proposed access control scheme can effectively protect the data security of digital twin system with efficient storage.