Open Access

ARTICLE

A Distributed Privacy Preservation Approach for Big Data in Public Health Emergencies Using Smart Contract and SGX

Jun Li^{1, 2}, Jieren Cheng^{2, *}, Naixue Xiong³, Lougao Zhan⁴, Yuan Zhang¹

1 Hainan Blockchain Technology Engineering Research Center, Hainan University, Haikou, 570228, China.
2 School of Compute Science and Cyberspace Security, Hainan University, Haikou, 570228, China.
3 Department of Mathematics and Computer Science, Northeastern State University, Tahlequah, 74464, USA.
4 Key Laboratory of Internet Information Retrieval of Hainan Province, Hainan University, Haikou, 570228, China.

* Corresponding Author: Jieren Cheng. Email: .

(This article belongs to this Special Issue: Artificial Intelligence and Information Technologies for COVID-19)

Computers, Materials & Continua 2020, 65(1), 723-741. https://doi.org/10.32604/cmc.2020.011272

Received 29 April 2020; Accepted 29 May 2020; Issue published 23 July 2020

Abstract

Security and privacy issues have become a rapidly growing problem with the fast development of big data in public health. However, big data faces many ongoing serious challenges in the process of collection, storage, and use. Among them, data security and privacy problems have attracted extensive interest. In an effort to overcome this challenge, this article aims to present a distributed privacy preservation approach based on smart contracts and Intel Software Guard Extensions (SGX). First of all, we define SGX as a trusted edge computing node, design data access module, data protection module, and data integrity check module, to achieve hardware-enhanced data privacy protection. Then, we design a smart contract framework to realize distributed data access control management in a big data environment. The crucial role of the smart contract was revealed by designing multiple access control contracts, register contracts, and history contracts. Access control contracts provide access control methods for different users and enable static access verification and dynamic access verification by checking the user’s properties and history behavior. Register contract contains user property information, edge computing node information, the access control and history smart contract information, and provides functions such as registration, update, and deletion. History contract records the historical behavior information of malicious users, receives the report information of malicious requestors from the access control contract, implements a misbehavior check method to determines whether the requestor has misbehavior, and returns the corresponding result. Finally, we design decentralized system architecture, prove the security properties, and analysis to verify the feasibility of the system. Results demonstrate that our method can effectively improve the timeliness of data, reduce network latency, and ensure the security, reliability, and traceability of data.

---

Keywords

---

Citations