U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

RED Ledger - Redactable Enhanced Distributed Ledger

Overview

Hyperledger Fabric drop-in component for data block matrix is now available. 

Privacy laws increasingly require some types of data to be erased at user request, according to GDPR and related regulations. We have developed a secure distributed trust solution for networks using Next-Generation Database Access Control (NDAC) and the Data Block Matrix (DBM), with an open source implementation of the DBM using Hyperledger Fabric.  This Hyperledger Fabric component solves the conflict between conventional blockchain use and privacy regulations, by using a data structure that provides hash-based integrity protection, like conventional blockchain, but meets ’right to erasure’ requirements. It may thus be useful for GDPR compliance and other privacy policy support. 

For more on the data block matrix, see project site:  Enhanced Distributed Ledger Technology

To obtain the source code distribution, please send request to Josh Roberts, joshua.roberts@nist.gov, with your name and organization.  We will send you a link to download the files. 

Hyperledger blockmatrix overview

Blockmatrix functions have been integrated with Hyperledger Fabric, making it possible to use Hyperledger in a broader range of applications.  Applications that currently use Hyperledger Fabric will be able to function without change, with blockmatrix components providing distributed ledger functions in a transparent manner.  To support privacy requirements for deleting private user information, data blocks containing PII can be deleted offline, or functions can be added to the application with appropriate access control for administrators or users as determined by the organization. 

- Redactable Distributed Ledger (pdf) - IEEE Global Emerging Tech, Blockchain, 2022 

-  A Distributed Ledger Technology Design using Hyperledger Fabric and a Clinical Trial Use Case (pdf)  - IEEE Software Tech Conf, 2022

Blockchain vs. Blockmatrix and Hyperledger Implementation (mp4) - IEEE 5G & Blockchain Summit, 2021

- Blockmatrix Data Structure and Hyperledger Implementation - ETSI,  2021

Hyperledger blockmatrix compatibility

 

Data block matrix - blockchain compare

We implemented the DBM using Hyperledger Fabric (HF) (https://www.hyperledger.org/use/fabric), an open source, permissioned blockchain (not publicly accessible) framework project from the Linux Foundation. It was forked (copied) into a repository and modified to store data identical to a DBM.

Hyperledger Fabric was identified as the best open source blockchain solution to implement the features of the DBM. HF blocks consist of a header and data. The block data contains transactions that are represented as read-write sets operating on key-value pairs stored on the ledger. The block header contains the hash of the block data and other metadata. To achieve the DBM functionality in Hyperledger Fabric, we modified the blockstorage module to provide a drop-in compatible component. 

Implementation considerations

   - Hyperledger is widely-used open source project started by IBM, Intel, and SAP - intended for large distributed systems
   - Blockmatrix to be dynamic, increasing capacity as more blocks are added
   - Designed to use existing API as closely as possible – add blocks in same manner as adding to blockchain
   - Minimal code changes -   Changes primarily in blkstorage package, reducing potential for errors and easing future updates and maintenance
   - Use of the blockmatrix is configurable at the channel level
      - User can configure to use conventional blockchain or blockmatrix
      - If a deployment uses two channels, one can be a blockchain and the other can be a blockmatrix

Why use this data structure?

   - Enlarge the market for blockchain
       - Solve the conflict between blockchain and privacy regulations
       - Allow for exception management
   - Replace network communication with local data
       - You can obviously do this with conventional database functions, but
       - New data structure adds integrity checks as in blockchain

The Hyperledger Fabric blockmatrix provides a basic easy-to-use component for distributed database design.

Hyperledger Fabric implementation concepts:

- Membership Service Provider (MSP): Connects with federation user authentication mechanism.
- Member: An organization in the federation.
- Identity: Two types of identities: (1) HF, and (2) NDAC. The HF Identity is used by the MAC administrator within each RP.
  This user has direct access to the DBM and can read and write to the DBM. The NDAC Identity is automated and only reads from the DBM.
- Channel: A channel is a DBM (ledger) and will be limited to the members conducting transactions on a particular peer node.
- Client: A portal to access a peer node and submit a transaction.
- Peer node: Commits transactions and has a copy of the DBM ledger.
- Certificate Authority (CA): tracks user enrollment (identities).
   - Each relying party is a “member”. Each member joins the “channel” to get a copy of the DBM ledger.
   - To add members, the MAC administrator = HF Identity.
   - Each member registers one HF Identity and multiple NDAC identities
   - The HF identity uses the client shown in 5 to set attributes inside the DBM: setAttributes(): accesses the hardcoded
      catalog/static table via a chaincode.

Contacts

Josh Roberts
joshua.roberts@nist.gov

Sylvain Chantreau
sylvain.chantreau@nist.gov

Joanna DeFranco
joanna.defranco@nist.gov

Rick Kuhn
kuhn@nist.gov

Topics

Security and Privacy: resilience

Technologies: blockchain

Created November 02, 2022, Updated December 05, 2022