SDSM: Secure Data Sharing for Multilevel Partnerships in IoT Based Supply Chain

Abstract

Symmetric encryption algorithms enable rapid encryption of data in IoT based supply chains, which helps to alleviate the concerns of supply chain participants about privacy disclosure when sharing data. However, in supply chain management where multilevel partnerships exist universally, a pure symmetric encryption scheme cannot provide efficient data sharing and fine-grained access control. To overcome these problems, this paper proposes a secure data sharing scheme (SDSM) for IoT based supply chains by combining blockchain and ciphertext-based attribute cryptography. This scheme supports the enforcement of fine-grained access control for different levels of partnerships. In addition, to identify partnerships, we propose a metric based on the historical transaction facts on the blockchain, where the level of partnerships among participants is automatically calculated by smart contracts. Finally, we introduce personalized attributes of participants in the ciphertext-based attribute encryption algorithm to support the construction of access policies that include partnerships, allowing for more fine-grained access control. Security analyses and simulation experiments show that our proposed scheme is secure, effective, and practical.