A Cloud Microservices Architecture for Data Integrity Verifiability Based on Blockchain
<p>General Model: interaction among The Cloud System, The Verifiability Blockchain Service Interface and the blockchain.</p> "> Figure 2
<p>Storing operation, illustrating communication between Event API-Gateway, <span class="html-italic">Storing</span>, <span class="html-italic">Users-Authorization</span> service and the blockchain.</p> "> Figure 3
<p>Consulting operation, illustrating communication among Event API-Gateway, <span class="html-italic">Consulting</span>, and <span class="html-italic">Users-Authorization</span> services and the blockchain.</p> "> Figure 4
<p>The smart contracts illustrated as class diagrams.</p> "> Figure 5
<p>Microservices and technologies implemented in the proposal architecture.</p> "> Figure 6
<p>An avocado cloud system integrated with VBSIarchitecture.</p> "> Figure 7
<p>Sequence diagram: stating an execution tree operations of the avocado supply chain with their smart contracts.</p> "> Figure 8
<p>Blockchain representation of the smart contracts shown in <a href="#applsci-12-02754-f007" class="html-fig">Figure 7</a>.</p> "> Figure 9
<p>The <b>Left</b> table shows some data about where the resources are stored off-chain and in the blockchain; and the <b>right</b> table shows the logs stored in each Bitacora of the smart contracts.</p> "> Figure 10
<p>Storing and consulting service example using Postman application.</p> "> Figure 11
<p>User interface to test the creation of different types of users.</p> "> Figure 12
<p>Latency details shown in the graphical interface while sending and receiving requests.</p> "> Figure 13
<p>Mobile application to check the traceability of an avocado supply chain and the log example obtained from the blockchain.</p> ">
Abstract
:1. Introduction
- A mechanism for auditing issues storing logs from the initialization phase of a system until the execution of user transactions guaranteed by blockchain strengths concerning integrity.
- A consulting mechanism that provides certainty about the integrity of the logs stored in the blockchain.
- Traceability of each log transaction carried out by the corresponding users of a cloud system in distributed environments.
- An auditing mechanism where cloud systems (following the microservice architecture) can plug it.
2. Preliminaries and Related Work
2.1. From Programming Office Systems to Microservice Architecture
2.2. Data Integrity in Cloud Systems
2.3. Data Integrity with Blockchain
3. The Architecture Model
3.1. The Cloud System
3.2. Microservices of VBSI
3.3. Participants as Smart Contracts
- Root: It is a crucial role, which is formed at the time that the system is initiated. Our model trusts in the root, and a smart contract Root is created the first time when the architecture is started. Hence, all subsequent operations are chained to this contract. The creation of the root is carried out following [36].
- Administrator: It is created by the root. An independent smart contract is created for each administrator. In our model, the administrator can add TUsers.
- TUser: When an administrator adds a new user, creates a TUser smart contract, and also generates a Resource smart contract. TUser is a transactional user who can store hash data in the blockchain through a smart contract called Resource.
4. The Verifiability Blockchain Service Interface (VBSI)
4.1. Event API-Gateway
4.2. Audit: Storing
- Verify with the Users-Authorization service if has enough permissions to execute event , using Boolean function . Returning true if it has privileges to store the event in the blockchain; otherwise, it returns false.
- Send the event to the blockchain, using function . Returning , which is a tuple (calculated in the blockchain) of three elements, : (a) the token; (b) a transaction address and (c) a smart contract address.
4.3. Audit: Consulting
- Verify with the authorization service that has enough permissions to execute ; it is used with function, which is detailed in Equation (9).
- If b is true, then it calls to the following remote function:There, states for the receipt details consulted with the blockchain and is the hashed information previously stored within the blockchain.
- Then, it is compared with , if they are the same, r variable is changed to .
- A tuple is returned, where:can be one of two options according to the previous steps: (a) and the detailed receipt when integrity is noted; otherwise, (b) it returns and an empty receipt.
4.4. Users
4.4.1. Administration
- The system must have only one root, it follows the idea of [36].
- A public key must be used for only one type of user (validated via off-chain).
- The root user can create administrators (validated via off-chain and blockchain).
- Administrators can create other administrators and TUsers (validated via off-chain and blockchain).
- When a TUser is created, also a Resource smart contract is created (instruction sent via off-chain to the blockchain).
4.4.2. Authentication
- ; this function receives the user’s credentials, type of user and type of event. Returning a token as a result;
- ; this function receives a token and returns an updated token. This function is used when a token is about to expire.
- ; this function receives a token and evaluates if the token is valid or not, returning a Boolean result.
4.4.3. Authorization
{ "resource": "RootCreation", "event": "POST", "permitAccessTo": { "Root": "true", "Administrator": "false", "TUser": "false" }, "description": "Root is the user permitted to create a root" }
{ "stage": "users", "serviceName": "hasAccess", "typeOfOperation": "delete", "nameOfOperation": "deleteMe", "permitAccessTo": { "Root": "true", "Administrator": "true", "TUser": "true", "NameType": "Consumer" }, "description": "Delete personal data" }which, it is a transaction user with type named “Consumer” can delete its own personal information; the types of users root and administrator have the same privileges.
5. The Smart Contracts
5.1. Notation
5.2. Objectcontract, Log, Bitacora and Root
5.3. Admor, TUser and Resource
6. Prototype System
6.1. VBSI
6.2. Blockchain and the Smart Contracts
7. Case Study: An Avocado Cloud System
7.1. Stages of the Supply Chain
- Farmer can have one or more orchards, might sell his/her harvest, and be sent to packers.
- Packers receive the avocado lot directly from the producer. They verify the lot, check regulatory documentation and establish if the fruit will be sent to be commercialized directly or a manufactured process.
- Carrier are engaged in transporting the avocados from one point to the next in the chains of the supply chain.
- Merchant buys the product to sell it directly to a consumer, a retailer (another merchant) or a wholesaler (another merchant).
- Consumer is the user who buys the fruit. It is the last stage of the chain.
7.2. The Data Integrity Storing Process in the Experimental System
- Root creation: following the protocol in [36] the Root user is created with key . is the smart contract address generated in the blockchain; and is the Root’s Bitacora.
- Administrators creation: root, through smart contract , executes method to create two administrators (Admor1 and Admor2); in this case are and ; and the smart contracts generated are and respectively. Their smart contracts Bitacoras are and
- TUsers creation: the explanation of creating a TUser by an administrator is similar to that explained by the root creating administrators. In this case Admor1 creates a Farmer and a Packer user; and Admor2 creates a Carrier and a Merchant user.
- Resources creation: resources are added via a TUser by executing method . The figure shows resources created with addresses from to . These resources will be used to manage harvests. For example, Farmer will register new hashed data of the harvest in the blockchain to start the traceability; Carriers will register the harvest transportation from one part to another; Packer will create a new harvest batch with the information reported by the Farmer and will carry out the selection procedures; Merchant will register data information about when the lot was received and when it is sent to the wholesalers, retailers or ready to be sell for the consumers. In each stage, a QR code is generated, containing the transaction address generated in each stage. The QR code might be used by the consumer or any user of each stage of the supply chain to obtain the traceability and verify the origin of the avocado.
7.3. The Integrity Verifiability Process
8. Validation and Proofs
8.1. Friendly and Unfriendly Agents
- Programming: we corrected some programming errors. It involved fixing from simple validations during the development process until more complex troubles, such as distributed and concurrent programming that sometimes are very difficult to detect.
- Adjustment to the smart contracts: although our smart contracts are illustrated as class diagrams to give a general representation, they were implemented on solidity programming language.
- Adjustment to the architecture: developing the prototype and the tester tool was more clear to make some adjustments to the proposed architecture.
8.2. A Data Integrity Verifiability Example Interface
8.3. System Complexity
9. Discussion and Conclusions
9.1. Discussion
9.2. Conclusions
- (a)
- An event API-gateway able to receive HTTP requests and to decide if it is addressed to an administrative user, for storing hashed data, or for consulting (audit) issues;
- (b)
- An administrative user service, able to register different types of users, authentication service able to provide tokens and authorization service, able to decide the permissiveness of the requester;
- (c)
- A storing service that saves hashed messages that later will be used as an audit process; and
- (d)
- A consulting mechanism that provides certainty about the integrity of previously stored data.
Author Contributions
Funding
Institutional Review Board Statement
Informed Consent Statement
Data Availability Statement
Conflicts of Interest
References
- Simou, S.; Kalloniatis, C.; Gritzalis, S.; Mouratidis, H. A survey on cloud forensics challenges and solutions. Secur. Commun. Netw. 2016, 9, 6285–6314. [Google Scholar] [CrossRef]
- Odun-Ayo, I.; Agono, F.; Misra, S. Cloud Migration: Issues and Developments. International MultiConference of Engineers and Computer Scientists. 2018; Volume 1. Available online: http://www.iaeng.org/publication/IMECS2018/IMECS2018_pp231-236.pdf (accessed on 4 February 2022).
- Sivathanu, G.; Wright, C.P.; Zadok, E. Ensuring Data Integrity in Storage: Techniques and Applications. In Proceedings of the 2005 ACM Workshop on Storage Security and Survivability, StorageSS ’05, Fairfax, VA, USA, 11 November 2005; Association for Computing Machinery: New York, NY, USA, 2005; pp. 26–36. [Google Scholar] [CrossRef]
- Yavuz, A.A.; Ning, P. BAF: An Efficient Publicly Verifiable Secure Audit Logging Scheme for Distributed Systems. In Proceedings of the 2009 Annual Computer Security Applications Conference, Honolulu, HI, USA, 7–11 December 2009; pp. 219–228. [Google Scholar] [CrossRef]
- Yavuz, A.A.; Ning, P.; Reiter, M.K. Efficient, Compromise Resilient and Append-Only Cryptographic Schemes for Secure Audit Logging. In Financial Cryptography and Data Security; Keromytis, A.D., Ed.; Springer: Berlin/Heidelberg, Germany, 2012; pp. 148–163. [Google Scholar] [CrossRef] [Green Version]
- Araújo, R.; Pinto, A. Secure Remote Storage of Logs with Search Capabilities. J. Cybersecur. Priv. 2021, 1, 19. [Google Scholar] [CrossRef]
- Tian, H.; Chen, Z.; Chang, C.C.; Huang, Y.; Wang, T.; Huang, Z.A.; Cai, Y.; Chen, Y. Public audit for operation behavior logs with error locating in cloud storage. Soft Comput. 2019, 23, 3779–3792. [Google Scholar] [CrossRef]
- Zawoad, S.; Dutta, A.K.; Hasan, R. SecLaaS: Secure logging-as-a-service for cloud forensics. In Proceedings of the 8th ACM SIGSAC Symposium on Information, Computer and Communications Security, Hangzhou, China, 8–10 May 2013; pp. 219–230. [Google Scholar] [CrossRef]
- Ray, I.; Belyaev, K.; Strizhov, M.; Mulamba, D.; Rajaram, M. Secure Logging as a Service—Delegating Log Management to the Cloud. IEEE Syst. J. 2013, 7, 323–334. [Google Scholar] [CrossRef]
- Zawoad, S.; Dutta, A.K.; Hasan, R. Towards Building Forensics Enabled Cloud Through Secure Logging-as-a-Service. IEEE Trans. Dependable Secure Comput. 2016, 13, 148–162. [Google Scholar] [CrossRef]
- Barabanov, A.; Makrushin, D. Security audit logging in microservice-based systems: Survey of architecture patterns. arXiv 2021, arXiv:2102.09435. [Google Scholar]
- Bellini, E.; Iraqi, Y.; Damiani, E. Blockchain-Based Distributed Trust and Reputation Management Systems: A Survey. IEEE Access 2020, 8, 21127–21151. [Google Scholar] [CrossRef]
- Wright, C.S. Bitcoin: A Peer-to-Peer Electronic Cash System; Springer: Cham, Switzerland, 2019. [Google Scholar] [CrossRef]
- Mohanta, B.K.; Panda, S.S.; Jena, D. An overview of smart contract and use cases in blockchain technology. In Proceedings of the 2018 9th International Conference on Computing, Communication and Networking Technologies (ICCCNT), Bengaluru, India, 10–12 July 2018; pp. 1–4. [Google Scholar]
- Siyal, A.A.; Junejo, A.Z.; Zawish, M.; Ahmed, K.; Khalil, A.; Soursou, G. Applications of blockchain technology in medicine and healthcare: Challenges and future perspectives. Cryptography 2019, 3, 3. [Google Scholar] [CrossRef] [Green Version]
- Giraldo, F.D.; Milton, C.B.; Gamboa, C.E. Electronic Voting Using Blockchain And Smart Contracts: Proof Of Concept. IEEE Lat. Am. Trans. 2020, 18, 1743–1751. [Google Scholar] [CrossRef]
- Bergman, S.; Asplund, M.; Nadjm-Tehrani, S. Permissioned blockchains and distributed databases: A performance study. Concurr. Comput. Pract. Exp. 2020, 32, e5227. [Google Scholar] [CrossRef]
- Bushong, V.; Abdelfattah, A.S.; Maruf, A.A.; Das, D.; Lehman, A.; Jaroszewski, E.; Coffey, M.; Cerny, T.; Frajtak, K.; Tisnovsky, P.; et al. On Microservice Analysis and Architecture Evolution: A Systematic Mapping Study. Appl. Sci. 2021, 11, 7856. [Google Scholar] [CrossRef]
- Hevner, A.; Chatterjee, S. Design Science Research in Information Systems. In Design Research in Information Systems: Theory and Practice; Springer: Boston, MA, USA, 2010; pp. 9–22. [Google Scholar] [CrossRef]
- Peffers, K.; Tuunanen, T.; Rothenberger, M.A.; Chatterjee, S. A Design Science Research Methodology for Information Systems Research. J. Manag. Inf. Syst. 2007, 24, 45–77. [Google Scholar] [CrossRef]
- Eyre, E.C. Office Systems. In Office Administration; Macmillan Education UK: London, UK, 1989; pp. 303–310. [Google Scholar] [CrossRef]
- Chen, R.; Li, S.; Li, Z. From Monolith to Microservices: A Dataflow-Driven Approach. In Proceedings of the 2017 24th Asia-Pacific Software Engineering Conference (APSEC), Nanjing, China, 4–8 December 2017; pp. 466–475. [Google Scholar]
- Jaramillo, D.; Nguyen, D.V.; Smart, R. Leveraging microservices architecture by using Docker technology. In Proceedings of the SoutheastCon 2016, Norfolk, VA, USA, 30 March–3 April 2016; pp. 1–5. [Google Scholar] [CrossRef]
- Mishra, D. Cloud Computing: The Era of Virtual World Opportunities and Risks involved. Int. J. Comput. Sci. Eng. 2014, 3, 204–209. Available online: https://www.ijcse.net/docs/IJCSE14-03-04-105.pdf (accessed on 4 February 2022).
- Chellappa, R. Intermediaries in cloud-computing: A new computing paradigm. In Proceedings of the INFORMS Annual Meeting, Dallas, TX, USA, 26–29 October 1997; pp. 26–29. [Google Scholar]
- Ray, P.P. An Introduction to Dew Computing: Definition, Concept and Implications. IEEE Access 2018, 6, 723–737. [Google Scholar] [CrossRef]
- Mell, P.; Grance, T. The NIST definition of cloud computing. Natl. Inst. Sci. Technol. Spec. Publ. 2011, 800, 145. [Google Scholar]
- Subramanian, N.; Jeyaraj, A. Recent security challenges in cloud computing. Comput. Electr. Eng. 2018, 71, 28–42. [Google Scholar] [CrossRef]
- Pujar, S.R.; Chaudhari, S.S.; Aparna, R. Survey on Data Integrity and Verification for Cloud Storage. In Proceedings of the 2020 11th International Conference on Computing, Communication and Networking Technologies (ICCCNT), Kharagpur, India, 1–3 July 2020; pp. 1–7. [Google Scholar] [CrossRef]
- Mann, S.; Potdar, V.; Gajavilli, R.S.; Chandan, A. Blockchain technology for supply chain traceability, transparency and data provenance. In Proceedings of the 2018 International Conference on Blockchain Technology and Application, ICBTA 2018, Xi’an, China, 10–12 December 2018; ACM: New York, NY, USA, 2018; pp. 22–25. [Google Scholar] [CrossRef]
- Suzuki, S.; Murai, J. Blockchain as an Audit-Able Communication Channel. In Proceedings of the 2017 IEEE 41st Annual Computer Software and Applications Conference (COMPSAC), Turin, Italy, 4–8 July 2017; Volume 2, pp. 516–522. [Google Scholar] [CrossRef]
- Ahmad, A.; Saad, M.; Bassiouni, M.; Mohaisen, A. Towards blockchain-driven, secure and transparent audit logs. In Proceedings of the 15th EAI International Conference on Mobile and Ubiquitous Systems: Computing, Networking and Services, MobiQuitous ’18, Melbourne, AU, USA, 5–7 November 2018; Association for Computing Machinery: New York, NY, USA, 2018; pp. 443–448. [Google Scholar] [CrossRef] [Green Version]
- Lu, N.; Zhang, Y.; Shi, W.; Kumari, S.; Choo, K.K.R. A secure and scalable data integrity auditing scheme based on hyperledger fabric. Comput. Secur. 2020, 92, 101741. [Google Scholar] [CrossRef]
- Wei, P.; Wang, D.; Zhao, Y.; Tyagi, S.K.S.; Kumar, N. Blockchain data-based cloud data integrity protection mechanism. Future Gener. Comput. Syst. 2020, 102, 902–911. [Google Scholar] [CrossRef]
- Lopez-Pimentel, J.C.; Rojas, O.; Monroy, R. Blockchain and off-chain: A Solution for Audit Issues in Supply Chain Systems. In Proceedings of the 2020 IEEE International Conference on Blockchain (Blockchain), Rhodes, Greece, 2–6 November 2020; Volume 1, pp. 126–133. [Google Scholar] [CrossRef]
- López-Pimentel, J.C.; Morales-Rosales, L.A.; Monroy, R. RootLogChain: Registering Log-Events in a Blockchain for Audit Issues from the Creation of the Root. Sensors 2021, 21, 7669. [Google Scholar] [CrossRef] [PubMed]
- Xu, X.; Pautasso, C.; Zhu, L.; Gramoli, V.; Ponomarev, A.; Tran, A.B.; Chen, S. The blockchain as a software connector. In Proceedings of the 2016 13th Working IEEE/IFIP Conference on Software Architecture (WICSA), Venice, Italy, 5–8 April 2016; pp. 182–191. [Google Scholar] [CrossRef]
- Odun-Ayo, I.; Ananya, M.; Agono, F.; Goddy-Worlu, R. Cloud computing architecture: A critical analysis. In Proceedings of the 2018 18th International Conference on Computational Science and Applications (ICCSA), Melbourne, Australia, 2–5 July 2018; pp. 1–7. [Google Scholar]
- Zhang, Q.; Cheng, L.; Boutaba, R. Cloud computing: State-of-the-art and research challenges. J. Internet Serv. Appl. 2010, 1, 7–18. [Google Scholar] [CrossRef] [Green Version]
- Fielding, R.; Gettys, J.; Mogul, J.; Frystyk, H.; Masinter, L.; Leach, P.; Berners-Lee, T. RFC2616: Hypertext Transfer Protocol–HTTP/1.1. 1999. Available online: https://datatracker.ietf.org/doc/html/rfc2616 (accessed on 4 February 2022).
- Rescorla, E.; Schiffman, A. RFC2660: The Secure HyperText Transfer Protocol. 1999. Available online: https://www.ietf.org/rfc/rfc2660.txt (accessed on 4 February 2022).
- Eski, S.; Buzluca, F. An automatic extraction approach—Transition to microservices architecture from monolithic application. In Proceedings of the 19th International Conference on Agile Software Development: Companion, Porto, Portugal, 21–25 May 2018; Volume F147763, pp. 1–6. [Google Scholar] [CrossRef]
- Newman, S. Building Microservices: Designing Fine-Grained Systems; O’Reilly Media Inc.: Sebastopol, CA, USA, 2015. [Google Scholar]
- International Business Machines Corporation. Why New Off-Chain Storage Is Required for Blockchains; Technical Report; IBM: Armonk, NY, USA, 2018. [Google Scholar]
- Gadge, S.; Kotwani, V. Microservice Architecture: API Gateway Considerations [White Paper]; GlobalLogic Inc.: San Jose, CA, USA, 2017; pp. 1–13. [Google Scholar]
- Lang, U. Openpmf scaas: Authorization as a service for cloud & soa applications. In Proceedings of the 2010 IEEE Second International Conference on Cloud Computing Technology and Science, Indianapolis, IN, USA, 30 November–3 December 2010; pp. 634–643. [Google Scholar]
- Wu, R.; Zhang, X.; Ahn, G.J.; Sharifi, H.; Xie, H. ACaaS: Access control as a service for IaaS cloud. In Proceedings of the 2013 International Conference on Social Computing, Alexandria, VA, USA, 8–14 September 2013; pp. 423–428. [Google Scholar]
- Sandhu, R.S. Role-Based Access Control. In Advances in Computers; Elsevier: Amsterdam, The Netherlands, 1998; Volume 46, pp. 237–286. [Google Scholar] [CrossRef]
- Lazouski, A.; Martinelli, F.; Mori, P.A.; Martinelli, F.; Mori, P. A prototype for enforcing usage control policies based on XACML. In International Conference on Trust, Privacy and Security in Digital Business; Springer: Berlin/Heidelberg, Germany, 2012; pp. 79–92. [Google Scholar]
- Hu, V.C.; Ferraiolo, D.; Kuhn, R.; Friedman, A.R.; Lang, A.J.; Cogdell, M.M.; Schnitzer, A.; Sandlin, K.; Miller, R.; Scarfone, K.; et al. Guide to Attribute Based Access Control (abac) Definition and Considerations (draft); NIST Special Publication; National Institute for Standards and Technology: Gaithersburg, MD, USA, 2013; pp. 1–54.
- López-Pimentel, J.C.; Rojas, O.; Alcaraz-Rivera, M.; Sosa-Gómez, G.; Verteramo-Chiu, L. Automating the avocado supply chain with Blockchain and Off-chain. In Proceedings of the 8th International Conference on Information Systems, Logistics and Supply Chain, ILS 2020, Austin, TX, USA, 22–24 April 2020; pp. 292–298. [Google Scholar]
- Mouat, A. Using Docker: Developing and Deploying Software with Containers; O’Reilly Media Inc.: Sebastopol, CA, USA, 2016; p. 346. [Google Scholar]
- Stubbs, J.; Moreira, W.; Dooley, R. Distributed Systems of Microservices Using Docker and Serfnode. In Proceedings of the 2015 7th International Workshop on Science Gateways, Budapest, Hungary, 3–5 June 2015; pp. 34–39. [Google Scholar] [CrossRef]
- Patel, S.; Sahoo, A.; Mohanta, B.K.; Panda, S.S.; Jena, D. DAuth: A decentralized web authentication system using Ethereum based blockchain. In Proceedings of the 2019 International Conference on Vision Towards Emerging Trends in Communication and Networking (ViTECoN), Vellore, India, 30–31 March 2019; pp. 1–5. [Google Scholar]
Abbreviation | Description | Section Explained | Formula |
---|---|---|---|
CS | The Cloud System | Section 3.1 | |
VBSI | The Verifiability Blockchain Service Interface | Section 3.2 and Section 4 | |
Audit | Verifiability Blockchain Micro-Service | Section 4.2 and Section 4.3 | |
Ev | Event’s type | Section 4.1 and Section 4.2 | (1) |
m | Message sent to VBSI to be stored in the blockchain | Section 4.2 | (2) |
A | Sender | Section 4.2 | |
B | Receiver or Target | Section 4.2 | |
D | Data to be stored in the blockchain | Section 4.2 and Section 4.4 | (2) |
Hx | Hashed message | Section 4.2 | (2) |
Hash(m) | Hash function on message m | Section 4.2 | (3) |
To | Token | Section 4.4 | (4) |
R | Audited answer compound by | Section 4.2 | (5) |
Rp | Details generated in the blockchain | Section 4.3 | (6) |
Res | Receipt answer after a consulting process in the blockchain | Section 4.3 | (7) |
Personal data | Section 4.4.1 | (8) | |
b | Boolean answer denotes if a user can or not execute an event | Section 4.3 | (9) |
Set of permissions | Section 4.4.1 | (10) | |
Type of user | Section 4.4.1 | ||
Gas required to execute a transaction | Section 4.4.1 | ||
Resource that a user has access | Section 4.4.3 | ||
Public key address | Section 4.4.1 | ||
Transaction address | Section 4.2, Section 4.3 and Section 5.2 | ||
Smart contract address | Section 4.2, Section 4.3 and Section 5.2 |
Event API-Gateway | Audit | |||||||
---|---|---|---|---|---|---|---|---|
Type of Transaction | HTTP(S) Methods | Consulting | Storing | |||||
t | CRUD Operation | GET | POST | PUT | DELETE | Read | New | Update |
01 | Create | X | X | |||||
02 | Read | X | X | |||||
03 | Update | X | X | |||||
04 | Delete | X | X |
Service Name | Function Name | Input | Output | Storing |
---|---|---|---|---|
R | √ | |||
Administration | J | |||
√ | ||||
√ | ||||
To | √ | |||
Authentication | To | √ | ||
Authorization | ||||
Abbreviation | Description |
---|---|
Abbreviates Address Block of the blockchain. | |
Identifier of the current event. This attribute is formed by auto-incrementing. | |
This is a signature hash of the log. | |
A timestamp , denoting when the event has happened and | |
submitted to the blockchain. | |
HTTP methods (GET, POST, PUT or DELETE). | |
The source of the event | |
The target of the event | |
Token identifier to know who has carried out the event. | |
Hashed message that describes more details about the event. |
Abbreviation | Description |
---|---|
r1 | { = “eda1917110fb1ea22709138e38ab9f0”, |
= “0x586382da3ef2a8026738123ca47d656943bdb573af6c185b192492ec3c29d4b6”, | |
= “0x1F4DD9f716bbb9D4b2FdA10D2C7a7D6E2C90580d”} | |
d1 | {name = “FarmerName”, stage: “Farmer”, gas = “900000”, pass = “sa23lfd_2”, |
key = “0xCd801D62AF617641964db500D98146eFCEF610E0"} | |
h1 | 6d64619ba21d1114facb3efd54a1d4be |
Ascb8 | 0x1F4DD9f716bbb9D4b2FdA10D2C7a7D6E2C90580d |
t1 | 0x586382da3ef2a8026738123ca47d656943bdb573af6c185b192492ec3c29d4b6 |
s1 | c5a13ecf53fb22134a4613120da887e4 |
w1 | 1638991308 |
IP1 | 189.129.78.230 |
To1 | eda1917110fb1ea22709138e38ab9f0 |
Resource | Unfriendly Agent Description |
---|---|
Create Root | We replicated the proofs executed in [36], but adapted in this context. |
A set of agents do not follow the protocol rules for the root creation. | |
Create Administrators | They might change the permissions, the tokens value, and change the types |
and TUsers | of the fields. |
Add data to stages | They can try to add data to stages not permitted. |
Cloud | Latency from a Cloud Supply Chain | HTTP | Processing Time | Description | ||||
---|---|---|---|---|---|---|---|---|
SChain | Start | End | Time (ms) | Method | Start | End | Time (ms) | |
Farmer | 1645057568522 | 1645057575176 | 6654 | POST | 1645057575177 | 1645057577016 | 1839 | Creating a Farmer |
Farmer | 1645057572394 | 1645057575191 | 2797 | GET | 1645057575192 | 1645057576297 | 1105 | Consulting a log |
Carrier | 1645057569135 | 1645057575901 | 6766 | PUT | 1645057575902 | 1645057577691 | 1789 | Updating information |
Carrier | 1645057574510 | 1645057576801 | 2291 | GET | 1645057576802 | 1645057577797 | 995 | Consulting a log |
Packers | 1645057570272 | 1645057576902 | 6630 | DELETE | 1645057576903 | 1645057578528 | 1625 | Deleting information |
Packers | 1645057574996 | 1645057577904 | 2908 | GET | 1645057577905 | 1645057578795 | 890 | Consulting a log |
Merchant | 1645057570477 | 1645057577011 | 6534 | POST | 1645057577012 | 1645057578832 | 1820 | Creating a Merchant |
Merchant | 1645057575175 | 1645057577365 | 2190 | GET | 1645057577366 | 1645057578474 | 1108 | Consulting a log |
Consumer | 1645057576367 | 1645057578762 | 2395 | GET | 1645057578763 | 1645057579562 | 799 | Consulting a log |
No. | Characteristics | [35] | [36] | The Proposal Model |
---|---|---|---|---|
1 | Provides data integrity | ✓ | ✓ | ✓ |
2 | Uses blockchain technology | ✓ | ✓ | ✓ |
3 | Focuses exclusively to supply chain systems | ✓ | ||
4 | Focuses to generalized cloud systems | ✓ | ✓ | |
5 | Provides auditing service | ✓ | ✓ | ✓ |
6 | Provides traceability service | ✓ | ✓ | ✓ |
7 | Involves different role users | ✓ | ✓ | |
8 | Integrity: Stores events as hashed messages | ✓ | ||
9 | Integrity: stores events as logs | ✓ | ✓ | |
10 | Integrity: stores hashed messages in logs | ✓ | ✓ | |
11 | Implements microservice architecture | ✓ | ✓ | ✓ |
12 | Ensures the creation of a root user | ✓ | ✓ | |
13 | Ensures the creation of different types of users | ✓ |
Publisher’s Note: MDPI stays neutral with regard to jurisdictional claims in published maps and institutional affiliations. |
© 2022 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).
Share and Cite
López-Pimentel, J.C.; Morales-Rosales, L.A.; Algredo-Badillo, I. A Cloud Microservices Architecture for Data Integrity Verifiability Based on Blockchain. Appl. Sci. 2022, 12, 2754. https://doi.org/10.3390/app12052754
López-Pimentel JC, Morales-Rosales LA, Algredo-Badillo I. A Cloud Microservices Architecture for Data Integrity Verifiability Based on Blockchain. Applied Sciences. 2022; 12(5):2754. https://doi.org/10.3390/app12052754
Chicago/Turabian StyleLópez-Pimentel, Juan Carlos, Luis Alberto Morales-Rosales, and Ignacio Algredo-Badillo. 2022. "A Cloud Microservices Architecture for Data Integrity Verifiability Based on Blockchain" Applied Sciences 12, no. 5: 2754. https://doi.org/10.3390/app12052754