AudiWFlow: Confidential, Collusion-resistant Auditing of Distributed Workflows

Zhou, Xiaohu and Nehme, Antonio and Jesus, Vitor and Wang, Yanghao and Josephs, Mark and Mahbub, Khaled and Abdallah, Ali E. (2022) AudiWFlow: Confidential, Collusion-resistant Auditing of Distributed Workflows. Blockchain: Research and Applications. ISSN 2096-7209

[img]
Preview
Text
AuDiWFlow- Accepted Version.pdf - Accepted Version
Available under License Creative Commons Attribution Non-commercial No Derivatives.

Download (2MB)

Abstract

We discuss the problem of accountability when multiple parties cooperate towards an end result such as multiple companies in a supply chain or departments of a government service under different authorities. In cases where a full trusted central point does not exist, it is difficult to obtain a trusted audit trail of a workflow when each individual participant is unaccountable to all others. We propose AudiWFlow, an auditing architecture which makes participants accountable for its contributions in a distributed workflow. Our scheme provides confidentiality in most cases, collusion detection and availability of evidence after the workflow terminates. AudiWFlow is based on verifiable secret sharing and real-time peer-to-peer verification of records; it further supports multiple levels of assurance to meet a desired trade-off between the availability of evidence and the overhead resulting from the auditing approach. We propose and evaluate two implementation approaches for AudiWFlow. The first one is fully distributed except for a central auxiliary point that, nevertheless, needs only a low level of trust. The second one is based on smart-contracts running on a public blockchain which is able to remove the need of any central point but requires the integration with a blockchain.

Item Type: Article
Identification Number: https://doi.org/10.1016/j.bcra.2022.100073
Dates:
DateEvent
6 March 2022Accepted
25 March 2022Published Online
Uncontrolled Keywords: Auditing, Distributed workflows, Confidentiality, Blockchains, Smart-contracts
Subjects: CAH11 - computing > CAH11-01 - computing > CAH11-01-01 - computer science
CAH11 - computing > CAH11-01 - computing > CAH11-01-03 - information systems
Divisions: Faculty of Computing, Engineering and the Built Environment > School of Computing and Digital Technology
Depositing User: Antonio Nehme
Date Deposited: 28 Mar 2022 12:23
Last Modified: 28 Mar 2022 12:23
URI: http://www.open-access.bcu.ac.uk/id/eprint/12998

Actions (login required)

View Item View Item

Research

In this section...