-
Unlearning Backdoor Attacks through Gradient-Based Model Pruning
Authors:
Kealan Dunnett,
Reza Arablouei,
Dimity Miller,
Volkan Dedeoglu,
Raja Jurdak
Abstract:
In the era of increasing concerns over cybersecurity threats, defending against backdoor attacks is paramount in ensuring the integrity and reliability of machine learning models. However, many existing approaches require substantial amounts of data for effective mitigation, posing significant challenges in practical deployment. To address this, we propose a novel approach to counter backdoor atta…
▽ More
In the era of increasing concerns over cybersecurity threats, defending against backdoor attacks is paramount in ensuring the integrity and reliability of machine learning models. However, many existing approaches require substantial amounts of data for effective mitigation, posing significant challenges in practical deployment. To address this, we propose a novel approach to counter backdoor attacks by treating their mitigation as an unlearning task. We tackle this challenge through a targeted model pruning strategy, leveraging unlearning loss gradients to identify and eliminate backdoor elements within the model. Built on solid theoretical insights, our approach offers simplicity and effectiveness, rendering it well-suited for scenarios with limited data availability. Our methodology includes formulating a suitable unlearning loss and devising a model-pruning technique tailored for convolutional neural networks. Comprehensive evaluations demonstrate the efficacy of our proposed approach compared to state-of-the-art approaches, particularly in realistic data settings.
△ Less
Submitted 6 May, 2024;
originally announced May 2024.
-
Advanced Dataset Discovery: When Multi-Query-Dataset Cardinality Estimation Matters
Authors:
Tingting Wang,
Shixun Huang,
Zhifeng Bao,
J. Shane Culpepper,
Reza Arablouei,
Volkan Dedeoglu
Abstract:
As available data increases, so too does the demand to dataset discovery. Existing studies often yield coarse-grained results where significant information overlaps and non-relevant data occur. They also implicitly assume that a user can purchase all datasets found, which is rarely true in practice. Therefore, achieving dataset discovery results with less redundancy using fine-grained information…
▽ More
As available data increases, so too does the demand to dataset discovery. Existing studies often yield coarse-grained results where significant information overlaps and non-relevant data occur. They also implicitly assume that a user can purchase all datasets found, which is rarely true in practice. Therefore, achieving dataset discovery results with less redundancy using fine-grained information needs and a budget is desirable. To achieve this, we study the problem of finding a set of datasets that maximize distinctiveness based on a user's fine-grained information needs and a base dataset while kee** the total price of the datasets within a budget. The user's fine-grained information needs are expressed as a query set and the distinctiveness for a set of datasets, which is the number of distinct tuples produced by the query set on the datasets which do not overlap with the base dataset. First, we prove the NP-hardness of this problem. Then, we develop a greedy algorithm that achieves an approximation of (1-e^{-1})/2. But this algorithm is neither efficient nor scalable as it frequently computes the exact distinctiveness during dataset selection, which requires every tuple for the query result overlap in multiple datasets to be tested. To this end, we propose an efficient and effective machine-learning-based (ML-based) algorithm to estimate the distinctiveness for a set of datasets, without the need for testing every tuple. The proposed algorithm is the first to support cardinality estimation (CE) for a query set on multiple datasets, as previous studies only support CE for a single query on a single dataset, and cannot effectively identify query result overlaps in multiple datasets. Extensive experiments using five real-world data pools demonstrate that our greedy algorithm using ML-based distinctiveness estimation outperforms all other baselines in both effectiveness and efficiency.
△ Less
Submitted 31 December, 2023;
originally announced January 2024.
-
IoT Data Trust Evaluation via Machine Learning
Authors:
Timothy Tadj,
Reza Arablouei,
Volkan Dedeoglu
Abstract:
Various approaches based on supervised or unsupervised machine learning (ML) have been proposed for evaluating IoT data trust. However, assessing their real-world efficacy is hard mainly due to the lack of related publicly-available datasets that can be used for benchmarking. Since obtaining such datasets is challenging, we propose a data synthesis method, called random walk infilling (RWI), to au…
▽ More
Various approaches based on supervised or unsupervised machine learning (ML) have been proposed for evaluating IoT data trust. However, assessing their real-world efficacy is hard mainly due to the lack of related publicly-available datasets that can be used for benchmarking. Since obtaining such datasets is challenging, we propose a data synthesis method, called random walk infilling (RWI), to augment IoT time-series datasets by synthesizing untrustworthy data from existing trustworthy data. Thus, RWI enables us to create labeled datasets that can be used to develop and validate ML models for IoT data trust evaluation. We also extract new features from IoT time-series sensor data that effectively capture its auto-correlation as well as its cross-correlation with the data of the neighboring (peer) sensors. These features can be used to learn ML models for recognizing the trustworthiness of IoT sensor data. Equipped with our synthesized ground-truth-labeled datasets and informative correlation-based feature, we conduct extensive experiments to critically examine various approaches to evaluating IoT data trust via ML. The results reveal that commonly used ML-based approaches to IoT data trust evaluation, which rely on unsupervised cluster analysis to assign trust labels to unlabeled data, perform poorly. This poor performance can be attributed to the underlying unsubstantiated assumption that clustering provides reliable labels for data trust, a premise that is found to be untenable. The results also show that the ML models learned from datasets augmented via RWI while using the proposed features generalize well to unseen data and outperform existing related approaches. Moreover, we observe that a semi-supervised ML approach that requires only about 10% of the data labeled offers competitive performance while being practically more appealing compared to the fully-supervised approaches.
△ Less
Submitted 15 August, 2023;
originally announced August 2023.
-
Trust and Reputation Management for Blockchain-enabled IoT
Authors:
Guntur Dharma Putra,
Sidra Malik,
Volkan Dedeoglu,
Salil S Kanhere,
Raja Jurdak
Abstract:
In recent years, there has been an increasing interest in incorporating blockchain for the Internet of Things (IoT) to address the inherent issues of IoT, such as single point of failure and data silos. However, blockchain alone cannot ascertain the authenticity and veracity of the data coming from IoT devices. The append-only nature of blockchain exacerbates this issue, as it would not be possibl…
▽ More
In recent years, there has been an increasing interest in incorporating blockchain for the Internet of Things (IoT) to address the inherent issues of IoT, such as single point of failure and data silos. However, blockchain alone cannot ascertain the authenticity and veracity of the data coming from IoT devices. The append-only nature of blockchain exacerbates this issue, as it would not be possible to alter the data once recorded on-chain. Trust and Reputation Management (TRM) is an effective approach to overcome the aforementioned trust issues. However, designing TRM frameworks for blockchain-enabled IoT applications is a non-trivial task, as each application has its unique trust challenges with their unique features and requirements. In this paper, we present our experiences in designing TRM framework for various blockchain-enabled IoT applications to provide insights and highlight open research challenges for future opportunities.
△ Less
Submitted 8 December, 2022;
originally announced December 2022.
-
Towards Blockchain-based Trust and Reputation Management for Trustworthy 6G Networks
Authors:
Guntur Dharma Putra,
Volkan Dedeoglu,
Salil S Kanhere,
Raja Jurdak
Abstract:
6G is envisioned to enable futuristic technologies, which exhibit more complexities than the previous generations, as it aims to bring connectivity to a large number of devices, many of which may not be trustworthy. Proper authentication can protect the network from unauthorized adversaries. However, it cannot guarantee in situ reliability and trustworthiness of authorized network nodes, as they c…
▽ More
6G is envisioned to enable futuristic technologies, which exhibit more complexities than the previous generations, as it aims to bring connectivity to a large number of devices, many of which may not be trustworthy. Proper authentication can protect the network from unauthorized adversaries. However, it cannot guarantee in situ reliability and trustworthiness of authorized network nodes, as they can be compromised post-authentication and impede the reliability and resilience of the network. Trust and Reputation Management (TRM) is an effective approach to continuously evaluate the trustworthiness of each participant by collecting and processing evidence of their interactions with other nodes and the infrastructure. In this article, we argue that blockchain-based TRM is critical to build trustworthy 6G networks, where blockchain acts as a decentralized platform for collaboratively managing and processing interaction evidence with the end goal of quantifying trust. We present a case study of resource management in 6G networks, where blockchain-based TRM quantifies and maintains reputation scores by evaluating fulfillment of resource owner's obligations and facilitating resource consumers to provide feedback. We also discuss inherent challenges and future directions for the development of blockchain-based TRM for next-generation 6G networks.
△ Less
Submitted 16 August, 2022;
originally announced August 2022.
-
Decentralised Trustworthy Collaborative Intrusion Detection System for IoT
Authors:
Guntur Dharma Putra,
Volkan Dedeoglu,
Abhinav Pathak,
Salil S. Kanhere,
Raja Jurdak
Abstract:
Intrusion Detection Systems (IDS) have been the industry standard for securing IoT networks against known attacks. To increase the capability of an IDS, researchers proposed the concept of blockchain-based Collaborative-IDS (CIDS), wherein blockchain acts as a decentralised platform allowing collaboration between CIDS nodes to share intrusion related information, such as intrusion alarms and detec…
▽ More
Intrusion Detection Systems (IDS) have been the industry standard for securing IoT networks against known attacks. To increase the capability of an IDS, researchers proposed the concept of blockchain-based Collaborative-IDS (CIDS), wherein blockchain acts as a decentralised platform allowing collaboration between CIDS nodes to share intrusion related information, such as intrusion alarms and detection rules. However, proposals in blockchain-based CIDS overlook the importance of continuous evaluation of the trustworthiness of each node and generally work based on the assumption that the nodes are always honest. In this paper, we propose a decentralised CIDS that emphasises the importance of building trust between CIDS nodes. In our proposed solution, each CIDS node exchanges detection rules to help other nodes detect new types of intrusion. Our architecture offloads the trust computation to the blockchain and utilises a decentralised storage to host the shared trustworthy detection rules, ensuring scalability. Our implementation in a lab-scale testbed shows that the our solution is feasible and performs within the expected benchmarks of the Ethereum platform.
△ Less
Submitted 21 October, 2021;
originally announced October 2021.
-
Blockchain for Trust and Reputation Management in Cyber-physical Systems
Authors:
Guntur Dharma Putra,
Volkan Dedeoglu,
Salil S Kanhere,
Raja Jurdak
Abstract:
The salient features of blockchain, such as decentralisation and transparency, have allowed the development of Decentralised Trust and Reputation Management Systems (DTRMS), which mainly aim to quantitatively assess the trustworthiness of the network participants and help to protect the network from adversaries. In the literature, proposals of DTRMS have been applied to various Cyber-physical Syst…
▽ More
The salient features of blockchain, such as decentralisation and transparency, have allowed the development of Decentralised Trust and Reputation Management Systems (DTRMS), which mainly aim to quantitatively assess the trustworthiness of the network participants and help to protect the network from adversaries. In the literature, proposals of DTRMS have been applied to various Cyber-physical Systems (CPS) applications, including supply chains, smart cities and distributed energy trading. In this chapter, we outline the building blocks of a generic DTRMS and discuss how it can benefit from blockchain. To highlight the significance of DTRMS, we present the state-of-the-art of DTRMS in various field of CPS applications. In addition, we also outline challenges and future directions in develo** DTRMS for CPS.
△ Less
Submitted 16 September, 2021;
originally announced September 2021.
-
Blockchain in Supply Chain: Opportunities and Design Considerations
Authors:
Gowri Sankar Ramachandran,
Sidra Malik,
Shantanu Pal,
Ali Dorri,
Volkan Dedeoglu,
Salil Kanhere,
Raja Jurdak
Abstract:
Supply chain applications operate in a multi-stakeholder setting, demanding trust, provenance, and transparency. Blockchain technology provides mechanisms to establish a decentralized infrastructure involving multiple stakeholders. Such mechanisms make the blockchain technology ideal for multi-stakeholder supply chain applications. This chapter introduces the characteristics and requirements of th…
▽ More
Supply chain applications operate in a multi-stakeholder setting, demanding trust, provenance, and transparency. Blockchain technology provides mechanisms to establish a decentralized infrastructure involving multiple stakeholders. Such mechanisms make the blockchain technology ideal for multi-stakeholder supply chain applications. This chapter introduces the characteristics and requirements of the supply chain and explains how blockchain technology can meet the demands of supply chain applications. In particular, this chapter discusses how data and trust management can be established using blockchain technology. The importance of scalability and interoperability in a blockchain-based supply chain is highlighted to help the stakeholders make an informed decision. The chapter concludes by underscoring the design challenges and open opportunities in the blockchain-based supply chain domain.
△ Less
Submitted 26 August, 2021;
originally announced August 2021.
-
TradeChain: Decoupling Traceability and Identity inBlockchain enabled Supply Chains
Authors:
Sidra Malik,
Naman Gupta,
Volkan Dedeoglu,
Salil S. Kanhere,
Raja Jurdak
Abstract:
In this work, we propose a privacy-preservation framework, TradeChain, which decouples the trade events of participants using decentralised identities. TradeChain adopts the Self-Sovereign Identity (SSI) principles and makes the following novel contributions: a) it incorporates two separate ledgers: a public permissioned blockchain for maintaining identities and the permissioned blockchain for rec…
▽ More
In this work, we propose a privacy-preservation framework, TradeChain, which decouples the trade events of participants using decentralised identities. TradeChain adopts the Self-Sovereign Identity (SSI) principles and makes the following novel contributions: a) it incorporates two separate ledgers: a public permissioned blockchain for maintaining identities and the permissioned blockchain for recording trade flows, b) it uses Zero Knowledge Proofs (ZKPs) on traders' private credentials to prove multiple identities on trade ledger and c) allows data owners to define dynamic access rules for verifying traceability information from the trade ledger using access tokens and Ciphertext Policy Attribute-Based Encryption (CP-ABE). A proof of concept implementation of TradeChain is presented on Hyperledger Indy and Fabric and an extensive evaluation of execution time, latency and throughput reveals minimal overheads.
△ Less
Submitted 24 May, 2021;
originally announced May 2021.
-
PrivChain: Provenance and Privacy Preservation in Blockchain enabled Supply Chains
Authors:
Sidra Malik,
Volkan Dedeoglu,
Salil Kanhere,
Raja Jurdak
Abstract:
Blockchain offers traceability and transparency to supply chain event data and hence can help overcome many challenges in supply chain management such as: data integrity, provenance and traceability. However, data privacy concerns such as the protection of trade secrets have hindered adoption of blockchain technology. Although consortium blockchains only allow authorised supply chain entities to r…
▽ More
Blockchain offers traceability and transparency to supply chain event data and hence can help overcome many challenges in supply chain management such as: data integrity, provenance and traceability. However, data privacy concerns such as the protection of trade secrets have hindered adoption of blockchain technology. Although consortium blockchains only allow authorised supply chain entities to read/write to the ledger, privacy preservation of trade secrets cannot be ascertained. In this work, we propose a privacy-preservation framework, PrivChain, to protect sensitive data on blockchain using zero knowledge proofs. PrivChain provides provenance and traceability without revealing any sensitive information to end-consumers or supply chain entities. Its novelty stems from: a) its ability to allow data owners to protect trade related information and instead provide proofs on the data, and b) an integrated incentive mechanism for entities providing valid proofs over provenance data. In particular, PrivChain uses Zero Knowledge Range Proofs (ZKRPs), an efficient variant of ZKPs, to provide origin information without disclosing the exact location of a supply chain product. Furthermore, the framework allows to compute proofs and commitments off-line, decoupling the computational overhead from blockchain. The proof verification process and incentive payment initiation are automated using blockchain transactions, smart contracts, and events. A proof of concept implementation on Hyperledger Fabric reveals a minimal overhead of using PrivChain for blockchain enabled supply chains.
△ Less
Submitted 27 April, 2021;
originally announced April 2021.
-
Trust-based Blockchain Authorization for IoT
Authors:
Guntur Dharma Putra,
Volkan Dedeoglu,
Salil S Kanhere,
Raja Jurdak,
Aleksandar Ignjatovic
Abstract:
Authorization or access control limits the actions a user may perform on a computer system, based on predetermined access control policies, thus preventing access by illegitimate actors. Access control for the Internet of Things (IoT) should be tailored to take inherent IoT network scale and device resource constraints into consideration. However, common authorization systems in IoT employ convent…
▽ More
Authorization or access control limits the actions a user may perform on a computer system, based on predetermined access control policies, thus preventing access by illegitimate actors. Access control for the Internet of Things (IoT) should be tailored to take inherent IoT network scale and device resource constraints into consideration. However, common authorization systems in IoT employ conventional schemes, which suffer from overheads and centralization. Recent research trends suggest that blockchain has the potential to tackle the issues of access control in IoT. However, proposed solutions overlook the importance of building dynamic and flexible access control mechanisms. In this paper, we design a decentralized attribute-based access control mechanism with an auxiliary Trust and Reputation System (TRS) for IoT authorization. Our system progressively quantifies the trust and reputation scores of each node in the network and incorporates the scores into the access control mechanism to achieve dynamic and flexible access control. We design our system to run on a public blockchain, but we separate the storage of sensitive information, such as user's attributes, to private sidechains for privacy preservation. We implement our solution in a public Rinkeby Ethereum test-network interconnected with a lab-scale testbed. Our evaluations consider various performance metrics to highlight the applicability of our solution for IoT contexts.
△ Less
Submitted 1 April, 2021;
originally announced April 2021.
-
Poster Abstract: Towards Scalable and Trustworthy Decentralized Collaborative Intrusion Detection System for IoT
Authors:
Guntur Dharma Putra,
Volkan Dedeoglu,
Salil S Kanhere,
Raja Jurdak
Abstract:
An Intrusion Detection System (IDS) aims to alert users of incoming attacks by deploying a detector that monitors network traffic continuously. As an effort to increase detection capabilities, a set of independent IDS detectors typically work collaboratively to build intelligence of holistic network representation, which is referred to as Collaborative Intrusion Detection System (CIDS). However, d…
▽ More
An Intrusion Detection System (IDS) aims to alert users of incoming attacks by deploying a detector that monitors network traffic continuously. As an effort to increase detection capabilities, a set of independent IDS detectors typically work collaboratively to build intelligence of holistic network representation, which is referred to as Collaborative Intrusion Detection System (CIDS). However, develo** an effective CIDS, particularly for the IoT ecosystem raises several challenges. Recent trends and advances in blockchain technology, which provides assurance in distributed trust and secure immutable storage, may contribute towards the design of effective CIDS. In this poster abstract, we present our ongoing work on a decentralized CIDS for IoT, which is based on blockchain technology. We propose an architecture that provides accountable trust establishment, which promotes incentives and penalties, and scalable intrusion information storage by exchanging bloom filters. We are currently implementing a proof-of-concept of our modular architecture in a local test-bed and evaluate its effectiveness in detecting common attacks in IoT networks and the associated overhead.
△ Less
Submitted 18 February, 2020;
originally announced February 2020.
-
Energy-aware Demand Selection and Allocation for Real-time IoT Data Trading
Authors:
Pooja Gupta,
Volkan Dedeoglu,
Kamran Najeebullah,
Salil S. Kanhere,
Raja Jurdak
Abstract:
Personal IoT data is a new economic asset that individuals can trade to generate revenue on the emerging data marketplaces. Typically, marketplaces are centralized systems that raise concerns of privacy, single point of failure, little transparency and involve trusted intermediaries to be fair. Furthermore, the battery-operated IoT devices limit the amount of IoT data to be traded in real-time tha…
▽ More
Personal IoT data is a new economic asset that individuals can trade to generate revenue on the emerging data marketplaces. Typically, marketplaces are centralized systems that raise concerns of privacy, single point of failure, little transparency and involve trusted intermediaries to be fair. Furthermore, the battery-operated IoT devices limit the amount of IoT data to be traded in real-time that affects buyer/seller satisfaction and hence, impacting the sustainability and usability of such a marketplace. This work proposes to utilize blockchain technology to realize a trusted and transparent decentralized marketplace for contract compliance for trading IoT data streams generated by battery-operated IoT devices in real-time. The contribution of this paper is two-fold: (1) we propose an autonomous blockchain-based marketplace equipped with essential functionalities such as agreement framework, pricing model and rating mechanism to create an effective marketplace framework without involving a mediator, (2) we propose a mechanism for selection and allocation of buyers' demands on seller's devices under quality and battery constraints. We present a proof-of-concept implementation in Ethereum to demonstrate the feasibility of the framework. We investigated the impact of buyer's demand on the battery drainage of the IoT devices under different scenarios through extensive simulations. Our results show that this approach is viable and benefits the seller and buyer for creating a sustainable marketplace model for trading IoT data in real-time from battery-powered IoT devices.
△ Less
Submitted 10 July, 2020; v1 submitted 5 February, 2020;
originally announced February 2020.
-
Trust Management in Decentralized IoT Access Control System
Authors:
Guntur Dharma Putra,
Volkan Dedeoglu,
Salil S. Kanhere,
Raja Jurdak
Abstract:
Heterogeneous and dynamic IoT environments require a lightweight, scalable, and trustworthy access control system for protection from unauthorized access and for automated detection of compromised nodes. Recent proposals in IoT access control systems have incorporated blockchain to overcome inherent issues in conventional access control schemes. However, the dynamic interaction of IoT networks rem…
▽ More
Heterogeneous and dynamic IoT environments require a lightweight, scalable, and trustworthy access control system for protection from unauthorized access and for automated detection of compromised nodes. Recent proposals in IoT access control systems have incorporated blockchain to overcome inherent issues in conventional access control schemes. However, the dynamic interaction of IoT networks remains uncaptured. Here, we develop a blockchain based Trust and Reputation System (TRS) for IoT access control, which progressively evaluates and calculates the trust and reputation score of each participating node to achieve a self-adaptive and trustworthy access control system. Trust and reputation are explicitly incorporated in the attribute-based access control policy, so that different nodes can be assigned to different access right levels, resulting in dynamic access control policies. We implement our proposed architecture in a private Ethereum blockchain comprised of a Docker container network. We benchmark our solution using various performance metrics to highlight its applicability for IoT contexts.
△ Less
Submitted 9 March, 2020; v1 submitted 21 December, 2019;
originally announced December 2019.
-
A journey in applying blockchain for cyberphysical systems
Authors:
Volkan Dedeoglu,
Ali Dorri,
Raja Jurdak,
Regio A. Michelin,
Roben C. Lunardi,
Salil S. Kanhere,
Avelino F. Zorzo
Abstract:
Cyberphysical Systems (CPS) are transforming the way we interact with the physical world around us. However, centralised approaches for CPS systems are not capable of addressing the unique challenges of CPS due to the complexity, constraints, and dynamic nature of the interactions. To realize the true potential of CPS, a decentralized approach that takes into account these unique features is requi…
▽ More
Cyberphysical Systems (CPS) are transforming the way we interact with the physical world around us. However, centralised approaches for CPS systems are not capable of addressing the unique challenges of CPS due to the complexity, constraints, and dynamic nature of the interactions. To realize the true potential of CPS, a decentralized approach that takes into account these unique features is required. Recently, blockchain-based solutions have been proposed to address CPS challenges.Yet, applying blockchain for diverse CPS domains is not straight-forward and has its own challenges. In this paper, we share our experiences in applying blockchain technology for CPS to provide insights and highlight the challenges and future opportunities.
△ Less
Submitted 3 December, 2019;
originally announced December 2019.
-
A Trust Architecture for Blockchain in IoT
Authors:
Volkan Dedeoglu,
Raja Jurdak,
Guntur D. Putra,
Ali Dorri,
Salil S. Kanhere
Abstract:
Blockchain is a promising technology for establishing trust in IoT networks, where network nodes do not necessarily trust each other. Cryptographic hash links and distributed consensus mechanisms ensure that the data stored on an immutable blockchain can not be altered or deleted. However, blockchain mechanisms do not guarantee the trustworthiness of data at the origin. We propose a layered archit…
▽ More
Blockchain is a promising technology for establishing trust in IoT networks, where network nodes do not necessarily trust each other. Cryptographic hash links and distributed consensus mechanisms ensure that the data stored on an immutable blockchain can not be altered or deleted. However, blockchain mechanisms do not guarantee the trustworthiness of data at the origin. We propose a layered architecture for improving the end-to-end trust that can be applied to a diverse range of blockchain-based IoT applications. Our architecture evaluates the trustworthiness of sensor observations at the data layer and adapts block verification at the blockchain layer through the proposed data trust and gateway reputation modules. We present the performance evaluation of the data trust module using a simulated indoor target localization and the gateway reputation module using an end-to-end blockchain implementation, together with a qualitative security analysis for the architecture.
△ Less
Submitted 27 June, 2019;
originally announced June 2019.
-
TrustChain: Trust Management in Blockchain and IoT supported Supply Chains
Authors:
Sidra Malik,
Volkan Dedeoglu,
Salil S. Kanhere,
Raja Jurdak
Abstract:
Traceability and integrity are major challenges for the increasingly complex supply chains of today's world. Although blockchain technology has the potential to address these challenges through providing a tamper-proof audit trail of supply chain events and data associated with a product life-cycle, it does not solve the trust problem associated with the data itself. Reputation systems are an effe…
▽ More
Traceability and integrity are major challenges for the increasingly complex supply chains of today's world. Although blockchain technology has the potential to address these challenges through providing a tamper-proof audit trail of supply chain events and data associated with a product life-cycle, it does not solve the trust problem associated with the data itself. Reputation systems are an effective approach to solve this trust problem. However, current reputation systems are not suited to the blockchain based supply chain applications as they are based on limited observations, they lack granularity and automation, and their overhead has not been explored. In this work, we propose TrustChain, as a three-layered trust management framework which uses a consortium blockchain to track interactions among supply chain participants and to dynamically assign trust and reputation scores based on these interactions. The novelty of TrustChain stems from: (a) the reputation model that evaluates the quality of commodities, and the trustworthiness of entities based on multiple observations of supply chain events, (b) its support for reputation scores that separate between a supply chain participant and products, enabling the assignment of product-specific reputations for the same participant, (c) the use of smart contracts for transparent, efficient, secure, and automated calculation of reputation scores, and (d) its minimal overhead in terms of latency and throughput when compared to a simple blockchain based supply chain model.
△ Less
Submitted 5 June, 2019;
originally announced June 2019.