Zihan Li,Zhaofeng Ma

1 International School,Beijing University of Posts and Telecommunications,Beijing 100876,China

2 School of Cyberspace Security,Beijing University of Posts and Telecommunications,Beijing,100876,China

Abstract:With the in-depth application of new technologies such as big data in education fields,the storage and sharing model of student education records data still faces many challenges in terms of privacy protection and efficient transmission.In this paper,we propose a data security storage and sharing scheme based on consortium blockchain,which is a credible search scheme without verification.In our scheme,the implementation of data security storage is using the blockchain and storage server together.In detail,the smart contract provides protection for data keywords,the storage server stores data after data masking,and the blockchain ensures the traceability of query transactions.The need for precise privacy data is achieved by constructing a dictionary.Cryptographic techniques such as AES and RSA are used for encrypted storage of data,keywords,and digital signatures.Security analysis and performance evaluation shows that the availability,high efficiency,and privacy-preserving can be achieved.Meanwhile,this scheme has better robustness compared to other educational records data sharing models.

Keywords:blockchain,big data,data transmission;smart contract;searchable encryption

I.INTRODUCTION

With the arrival of the knowledge economy era,the exponential explosive growth of data volume has attracted more and more attention.One important piece of big data is the students’educational records which is essential for the individual student,schools and the potential employer.However,schools have their own independent storage platforms and databases,resulting in data“islands”problems that make it difficult to share data between educational institutions.This leads to students who need to print out paper documents of data stored in school databases when transferring or entering a higher school.The paper documents are easily damaged and lost,causing a lot of inconvenience.However,it is unrealistic to store all data using integrated data storage for the purpose of quick data sharing,and this traditional storage method is more prone to privacy data leakage and illegal tampering,i.e.,lack of efficiency and failure to guarantee data security and credibility.In 2008,the personal data of about 10,000 applicants,including the social security numbers of 6,600 people,may have been accidentally leaked due to the hacking of Harvard’s servers[1].Coincidentally,in 2020,nearly 20,000 students’information was leaked at Sias University in Zhengzhou,including more than twenty items of private information such as name,ID number and dormitory door number[2].Therefore,the first challenge for private data such as student education records is the need for encrypted storage and conditional sharing.Outside organizations that want to obtain student data need to be authorized by the educational institution.

Furthermore,the problem of fraudulent resumes is now more serious.A report by the GAO in 2004 showed that 463 federal employees(including 28 senior employees)obtained fake degrees from diploma factories and unapproved schools[3].For graduation certificates from domestic and foreign schools,companies need a faster way to verify the authenticity of student resumes.Therefore,the second challenge is how to conduct inquiries and verifications of students’educational records while protecting their privacy.

In order to enable secure sharing of student data with external institutions while maintaining privacy,based on the credible data exchange technology of blockchain can realize data exchange and circulation among nodes while protecting data privacy.

Although there have been some distributed storage schemes based on SSE,there are few applications in the education field and they suffer from low efficiency.Meanwhile,the scheme devotes to personalized data querying without revealing privacy.Based on the above challenges and problems,we proposed a blockchain-based solution for secure storage and accurate sharing of educational records.The main contributions of this research can be summarized as follows:

(1)A consortium blockchain is constructed.The data owner encrypts the education records data and stores them with cloud storage,and stores the index and record summary of the education records data into the blockchain.For the remote server,we determine that it is malicious,so we firstly use data masking for the part of the student’s private data and then encrypt it and store it on the cloud server.The user must have the authorization of the data owner to query the data,and the verification of the user’s authority is realized using a smart contract.

(2)Based on the searchable encryption algorithm PEKS,through the keyword dictionary sent by the data owner,the smart contract can perform the search algorithm according to the user’s query keywords,and return the abstract and encrypted keywords of the corresponding data file found.After the query is completed,the transaction between the data owner and the user,that is,the query record,can be published in the blockchain.Among them,based on the characteristics of lower energy consumption and faster transaction speed,the PBFT consensus algorithm was selected based on lower energy consumption and faster transaction speed.

(3)Experiment:The security performance of PBFT is analyzed,and through comparison with other schemes,our scheme meets the requirements for efficient data storage and has a lower cost computational power cost,low energy consumption,and privacypreserving than that of EduRSS[4]and EduCTX[5]schemes.

The rest of this paper is structured as follows.In Section II,we describe the literature review.In Section III,we demonstrate the Hyperledger,smart contract,searchable encryption and PBFT mechanism.In Section IV,we describe the design of system model and design goals.The specific sharing data scheme between data owner and user is described in Section V step by step.Section VI describes the implementation of the model and evaluates the security and performance of the proposed scheme.In Section VII,we conclude this work and present future research directions.

II.RELATED WORK

As a credible data storage technology,blockchain has the characteristics of anti-counterfeiting,nontampering,automatic contract execution,and transaction traceability.According to these characteristics,blockchain can be integrated with many industries.

Based on the anti-tampering requirements of big data and the problem of the secure sharing of big data,[6]proposed a scheme to store big data on the blockchain,and realize reliable data sharing among governments,enterprises,institutions,and individuals through smart contracts.Similarly,in terms of vehicle management,[7]suggested a data storage model based on two blockchains.Based on the tree structure,all vehicle information is stored on the top blockchain called GABC.At the second level of the tree,the blockchain called LABC only stores information of local vehicles.However,the above schemes store a large amount of data on the blockchain,resulting in high storage overhead.

Therefore,to reduce the storage overhead,[8]constructed a decentralized architecture for data secure storage by using Cloud Storage Service(CSS)as external storage.[4]proposed an educational records storage and sharing scheme named EduRSS,where institutional registration requires verification by CA nodes and voting by member institutions to ensure the security of the consortium blockchain,and uses a smart contract named RSSC to complete trusted data transmission and reduce the success rate of data tampering.It uses the POW consensus algorithm.In order to enable research institutions to find the data they required without viewing the patient data,[9]used trusted zero-knowledge proofs and smart contracts to complete verification without disclosing any privacy of the patient.Huang,et al.[9]chose the PBFT consensus algorithm in which costs are reduced and efficiency are improved.

To achieve data querying without revealing privacy,searchable encryption techniques SSE and ASE are looking for more and more application fields in addition to the above mentioned zero-knowledge proof techniques.As early as 2000,Song,et al.[10]proposed an SWP scheme based on the idea of ciphertext scanning,which can be seen as the first SSE schem.[11]designed an SSE scheme for singlekeyword search by search token named trapdoor given by the sender,and improved the search efficiency through multi-user settings.Using Gas System to improve the security and fairness of the blockchain network,the data receiver needs to pay a certain amount of gas to the data sender and the bookkeeping account.In[12],based on[11],a scheme for sharing medical data supporting complex expression queries was proposed.For the credibility of the records of user access data,in order to facilitate the audit of the administrator,VDAC scheme stored access records on blockchain[13]which uses the decentralized ledger technology(DLT)and CP-ABE.

III.BCAKGROUND

3.1 Hyperledger and Smart Contract

With the introduction of the Hyperledger project[14],many innovative design concepts have been realized,such as fine-grained privacy protection,a pluggable and scalable implementation framework,and censorship management,which have had a significant impact on the development of blockchain technology.

Nick Szabo[15]firstly defined a smart contract as“a computer-processed transaction protocol that enforces the terms of a contract”.The smart contract can execute a series of rules and operations autonomously related to contract,which can help to implement complex blockchain applications.In the Fabric project of Hyperledger,the access-controlled contracts can only invoked after identification.

3.2 Searchable Encryption Technology

Since searchable encryption technology can provide secure encryption and directly ciphertext retrieval functions,it is suitable for protecting and sharing of private data in cloud computing.Two searchable encryption techniques are proposed.

3.2.1 Symmetric Searchable Encryption

SSE requires only one symmetric key,and typical construction methods of SSE include SWP[16]and SSE-1[17]scheme.For multi-keyword queries,the main solutions are adding logical conjunctions and searching by fuzzy keywords.

3.2.2 Asymmetric Searchable Encryption

Boneh et al.[18]introduced searchable encryption in asymmetric cryptosystems and proposed the concept of PEKS.The searchable encryption algorithm under asymmetric cryptosystems can be described as PEKS,PEKS=(KeyGen,Encrypt,Trapdoor,Test),where KeyGen is used generate public and private keys,Encrypt is used to encrypt keywords,Trapdoor is used to generate search tokens and Test outputs the decision value{0,1}based on the matching results of search tokens and keywords.In this work,the asymmetric searchable encryption algorithm is applied to the keyword encryption and query matching of the student education record database.

3.3 PBFT Consensus Algorith m

The PBFT consensus algorithm is optimized for low overhead time.It provides a distributed fault-tolerance mechanism that allows the system to operate normally even if there are malicious nodes running in the system.The basic process of entire protocol as followed.

(1)Request:A request is send by client to the master node;

(2)Pre-prepare:The master node sorts and assigns numbers to the correct requests,then broadcasts the request to all nodes in the system;

(3)Prepare:The node judges the received prepreparation information,enters the preparation phase if agreed,and then broadcasts the message to other nodes;

(4)Commit:When the node receives 2f+1 verified messages,it enters the commit phase,and sends messages to other nodes,and the consensus protocol is completed;

(5)Reply:The nodes perform the requested service,and then sends the response back to the client.When the client receives m+1 responses from different nodes which have the same result,the response is the result.PBFT is suitable for private blockchain and consortium blockchain that require strong consistency.Hyperledger also introduced its own consensus protocol based on PBFT.After executing the smart contract,a signature of the code execution result for verification.

3.4 Notations

The notations used in this paper are presented in Table 1.

Table 1.Symbol definition.

IV.SYSTEM MODEL

4.1 System Architecture

The scheme consists of data owners(educational institutions),data applicants(individual users or institutions),consortium blockchain,smart contracts and cloud servers.

As the entity that owns the data,the data owner should own,control,and conditionally share the data of the student applicants records.The data owner encrypts and transmits the desensitized files to the cloud server using AES encryption technology,creates a smart contract,and sends the index of the files,the corresponding extracted encrypted keyword and the generated file summary storage to the blockchain.The data owner will also generate a dictionary of student educational records data and send it to the smart contract.

The user is the entity that needs to access the data about the students’educational records.It needs to request permission from the data owner first.After having a search token,the user searches for keywords in the blockchain,invokes a smart contract to return encrypted keywords and summaries of the searched files,and eventually returns encrypted data in storage server.

Entities participating in the consortium blockchain,including educational institutions and users,will be assigned a blockchain address when registering on Fabric-CA,and different permissions will be granted according to the roles of the participating users.Educational institutions can record and modify data,while users can only query data.

The smart contract has three functions.The smart contract limits the usage rights by verifying the identity of the user invoking the smart contract,controls the storage of file indexes,keywords and the summary of the encrypted file,and controls the retrieval of keywords.

The cloud server stores encrypted files after data masking.When the user sends the summary of the requested file,the storage server returns the encrypted file to the user.

For an overview of the system model,please refer to Figure 1.

Figure 1.System model.

4.2 Design Goals

Availability:As long as the user or organization obtains the search token,the smart contract can be invoked for data query at the same time,enabling more efficient access to the required data.Data availability is ensured by the search algorithm that returns a summary of the documents matching supply and demand.

High Efficiency and Safety Coexist:The amount of data on student education records is huge.For the transmission of big data,using AES algorithm encryption has higher efficiency than asymmetric encryption while the RSA algorithm is used to encrypt the AES key,guarantees the security of the AES key.

Privacy-preserving:The students’ educational records data is encrypted and stored in the cloud server after data masking.Even if the storage server obtains the decryption key,it cannot determine the student corresponding to the data,and thus spy on the students’privacy data.Smart contracts and other entities do not even have chance to access to encrypted data.By extracting the query keywords of the student educational records data,these keywords include critical private data of students,so we only need to protect the file query keywords from attacks.While the query keywords are also encrypted to be transmitted between the user and the data owner,the smart contract executes the search algorithm without obtaining the privacy of the students,and returns the summary of the file to the user,which we assume will be transmitted to the user through a secure channel.

4.3 Basic Algorithms

The various stages of the scheme were implemented by using several algorithms.In this section,we briefly describe these algorithms:

(Sk,Pk)=KeyGen（1λ）:This algorithm is used to generate key pairs in the Key Generation of the account.L is the safety factor.In detail,usingPk,Sk={0,1}λto realize this process.Pk represents the public key of the account,and Sk represents the private key of the account.

L=Setup(W,ID(w),Pk):This algorithm is used to generate a dictionary of record keywords and executed by the education institution.

CD=ENC(Pk,UD):This algorithm is used to encrypt data.In detail,the AES encryption algorithm is used.The algorithm is executed by the data owner and obtains the encrypted data file CD.

D=DENC(CD,Sk):This decryption algorithm is usually executed by the user.The CD ciphertext is received by the user,and Sk represents the private key of the data owner.After decryption,the plaintext D will be obtained.

CT(U)=Entrcpt(Sk(U),Info):This algorithm is used to encrypt data.In detail,the AES encryption algorithm is used.The algorithm is executed by the data owner and obtains the encrypted data file CD.

Key=Entrcpt(Pk(U),Sk):This algorithm is used to encrypt the key Sk of the data owner.In detail,the RSA encryption algorithm is used.

Sk=Dentrcpt(Key,Sk(U)):This algorithm is used to decrypt the Key to obtain the key Sk of the data owner.

Req=Send(Q,CT(U),Pk(U)):This algorithm is used to send the user request Req to the data owner.Req contains the public key of user Pk(U),the encrypted query keywords Q and the encrypted information of the user.

TD=Trapdoor(Q):This algorithm is used to generate the user’s search tokenTD.The algorithm is executed by the data owner and obtains the file index id through the user’s query set Q.

H(CD)=CHash(CD):This algorithm is used to calculate the hash value of the record.In this process,using the SHA-3 hash function to get the record summary.The algorithm is executed by the data owner.H(CD)represents the storage address in the cloud server,which is a hash value.

M():{0,1}λ·{0,1}?→{0,1}λ,

F():{0,1}·{0,1}λ→{0,1}?are two pseudorandom functions.

V.PROPOSED SCHEME

5.1 Account Registration

(1)Educationalinstitutionsandusers can get the key pairs in key generation byrunning(Sk,Pk)=KeyGen（1λ）,and(Sk(U),Pk(U))=KeyGen（1λ）.

(2)Several entities participating in the blockchain,including educational institutions and users,should register with Fabric-CA.Fabric-CA will assign a blockchain address to the account.The addresses of educational institutions and users are OwnerAddress and UserAddress respectively.

5.2 Design of Smart Contract

When the data owner joins the blockchain,it will automatically create a transaction to create an ISSC(Information Store and Search Smart Contract)smart contract.Mapping is the mapping storage structure of key-value pairs used in smart contracts.We have defined two mapping relationships.In the mapping relationship“mapping(Ind=>AddressInfo)AddressInfoMap”,we built the structure AddressInfo.Address-Info records the storage address H(CD)corresponding to the file identifier Ind and the file keyword information CD.In the mapping relationship“mapping(DBHash=>DBInfo)DBInfoMap”,we built the structure DBInfo,which records the keyword dictionary information DB.The above two structures set the access permissions of the mapping relationship through the AuthorityAddress[]array.The Mapping is represented in Figure 2.

Figure 2.The structure of mapping.

struct AddressInfo{

address[]AuthorityAddress;

uint AdId;

uint H(CD);

uint CW;

}

struct DBInfo{

address[]AuthorityAddress;

uint DBId;

uint DB;

}

ISSC smart contracts provide a series of callable functional interfaces as follows:

AddAuthor(UserAddress):This function describes the process of adding the address of an authenticated user to the authority,which can only be performed by the data owner.

BuildDB(L):This function is called to initialize the keyword dictionary DB and store the information on the ISSC smart contract,which can only be executed by the data owner.

BuildInd(ind,HAdd,CW):Call this function to record the storage location of the encrypted file HAdd and the encrypted keyword CW through the file index ind,and store the information on the ISSC smart contract,which can only be executed by the data owner.

Search(TD,UserAddress):This function is called to search the query results.Firstly,check the user’s permission by checking if UserAddress exists.At the end of the query,the address list H and the keyword set kyw will be returned.

5.3 Secure Storage of Educational Records

(1)Data owner select the private data PD,and extracts keywordsW={W1,W2,.......,Wn}through PD.After data masking the PD in the plaintext D of student education records,then get the non-sensitive data UD.For example,suppose that an educational institution stores student education records in a class diagram as shown in Figure 3 below.The privacy data keywords are stored in the keyword table,W={StudentID,Name,Gender,Major,School,DateOfEnrollment,Class}.ID(w)is the index collection of files,ID(w)={indi|w=Wi},andindiis the index of a series of files.The data owner uses a dictionary strategy to generate a keyword dictionary L throughL=Setup(W,ID(w),Pk).In setup phase,the algorithm is similar to[11].

Figure 3.The structure of database.

(2)The data owner groups the non-sensitive data UD according to ID(w),encrypts it throughCD=ENC(Pk,UD),and sends the encrypted data CD to the cloud storage.Use the private key Sk to encrypt the privacy keyCW=Entrcpt(w,Sk),where w belongs to{W1,W2,.......,Wn}The summary of the encrypted data CD,the storage address,can be calculated in the following way:H(CD)=CHash(CD).Then get index set ind,summary set HAdd and encrypted keywords set CW byind=ind1‖ind2‖....‖indp,HAdd=H(CD)1‖H(CD)2‖....‖H(CD)p,CW=CW1‖CW2‖....‖CWp,stored on the blockchain by calling the functional interface BuildInd(ind,HAdd,CW)of the ISSC smart contract.

5.4 User Search Process

(1)Generate user information Info,use private key Sk(U)to encrypt informationCT(U)=Entrcpt(Sk(U),Info).Write multiplesearchkeywordsintoQ,runCQ=Entrcpt(Sk(U),Q)obtaintheencrypted keywords CQ and send the requestReq=Send(Q,CT(U),Pk(U))to the data owner.

(2)The educational institution uses the user’s public key Pk(U)to decrypt Req to obtain Q and Info.After the verification information is passed,the user is given the permission by calling the functional interface AddAuthor(UserAddress)of ISSC smart contract.The educational institution generates search tokenTD=Trapdoor(Q),which is inspired by[19].Then usesKey=Entrcpt(Pk(U),Sk),and returnsTDand Key to the user.

(3)The user sendsTDand calls the functional interface Search(TD,UserAddress)of ISSC smart contract.The search algorithm with theTDis similar to[11].

Algorithm 1.Setup(W,ID(w),Pk).1:Initializes an empty list L;2:Calculate the number of keywords|W|;m←|W|;3:for i=1 to m do 4:K1←M(1‖Wi,Pk);K2←M(2‖Wi,Pk);5:q←ID(w)={indi|w=Wi};B←[ID(w)/p];6:b←0;7:Divide ID(w)into B+1 blocks.Fill q entries to the last segment;8:for each block inID(w)do 9:ind=ind1‖ind2‖....‖indp;k{0,1}λ;10:id←ind⊕F(k,K2);l←M(b,K1);b++;11:Add(id,l,k)to the list L;12:end for 13:end for

Algorithm 2.BuildInd(ind,HAdd,CW).1:if(msg.sender!=OwnerAddress)then 2:return false;3:else 4:Parse id into{ind1,ind2,.......,indp};5:ParseHAddinto{H(CD)1,H(CD)2,.......,H(CD)p};6:Parse CW into{CW1,CW2,.......,CWp};7:for i=1 to p do 8:AddressInfoMap[indi]=AddressInfo(9:{AuthorityAddress[DBId]msg.sender,10:H(CD):[DBId]i,AdId:++AdId;CW:CW;});11:end for 12:return true;13:end if

(4)The user sends the address list H to the cloud server,and the cloud server returns the corresponding encrypted file to the user.The user obtains the key of the educational institution throughSk=Dentrcpt(Key,Sk(U)),decrypts the fileD=DENC(CD,Sk),and finally obtains the non-private part of the student’s education records,by comparing the private keyword kyw and the address list H,get a complete education record.

5.5 Consensus Phase

Algorithm 3.BuildDB(L).1:if msg.dender!=OwnerAddress then 2:return false;3:else 4:Initializes an empty list DB;5:for each i∈[1,n]do 6:parses the received Li into(id,k,l);7:Add(id||k,l)to DB;8:end for 9:DBHashk←CHash(DB);10:end if 11:if the number of DBINfoMap is equal to 0 then 12:DBId←0;13:DBInfoMap[DBHash]=14:DBInfo(AuthorityAddress[DBId]:15:msg.sender,DB:DB;16:else 17:DBId++;18:DBInfoMap[DBHash]=19:DBInfo({AuthorityAddress[DBId]:20:msg.sender,DB:DB});21:end if 22:return true;

Algorithm 4.H,kyw=Search(TD,UserAddress).1:if(UserAddress is exists in AuthorityAddress[])&&(DBInfoMap[DBHash]is exist)then 2:Initializes two empty list H and kyw;3:Parse TD into{K1,K2,.......,Kn};4:Calculate the number of K1 as n;b←0;5:for i=1 to n/2 do 6:id←ind⊕F(k,K2);ind,kw,k ←Get(DB,l);7:l←M(b,K1);k{0,1}λ;i++;b++;8:Parse id into{ind1,ind2,.......,indp};9:Find the storage address H(CD)corresponding to each ind:10:for j=1 to|id|do 11:if AddressMap[ind]is exist then 12:Add H(CD)i to the list H;Add CWi to the list kyw;13:else end;14:end for 15:end for 16:return H,kyw.17:end if

Algorithm 5.TD=Trapdoor(Q).1:Parse Q into{Q1,Q2,...,Qn};2:Calculate the number of Q called|Q|;n←|Q|3:The data owner initializes an empty set W;4:for i=1 to n do 5:K1←M(1‖Qi,Pk);K2←M(2‖Qi,Pk);6:Add K1‖K2 to the W;7:end for 8:TD←W;

Algorithm 6.AddAuthor(UserAddress).1:if(msg.sender!=OwnerAddress)then 2:return false 3:else if AuthorityAddress[].add(UserAddress);then 4:return true;5:end if

After user obtains the student data,the smart contract submits the query record to the verification node,which requires the digital signature of user and educational institution.If the transaction is passed by the verification node through the PBFT consensus algorithm,it will be published and recorded on the blockchain.The record can also be used to prove the authenticity and credibility of the data source when external institutions do related research based on students educational records.

VI.SECURITY ANALYSIS AND PERFORMANCE EVALUATION

6.1 Security Analysis of Our Scheme

For consensus delay attacks,Sybil can send pseudosignatures to other nodes during the preparation and commit phase.Since each node needs to verify the signature,pseudo-signatures will cause additional verification overhead.If there are too many pseudosignatures,commit phase will be stopped and eventually cause a delay in the reply phase.Therefore,the master node will not be able to obtain the number of approvals required for verification and will cause consensus delays and reduce application throughput[20].

In this paper,using PBFT as an example to analyze the potential security risk.[21]proposed a model to analyze the attack process.After the Sybil attack,the master node fails.Therefore,the system sets two trigger conditions to trigger the view switching protocol:

(1)Starting from the timestamp T of the recently completed block,the pre-prepare broadcast of the new master node is not received within the limited time T1;

(2)No new block is generated within the limited time T2,where T1

p=probability of viewing switching protocol occurring in the system.

n=the total number of nodes in the system.

The PBFT consensus mechanism after three phases of broadcast,the time complexity of communication isO(n2),the number of communications is 2n·(n ?1),the number of communications of view switch protocol isn·(n ?1)therefore the total number of communication w of the PBFT after the occurrence of view switch protocol with p probability can be calculated as Eq.(1).

The more pseudo-signatures and the longer delay in reply phase,the higher the probability p.We performed simulations in the Python environment.As shown in Figure 4,when the probability p in the system is a constant,the total number of communications increases as the number of nodes increases.By decreasing the probability p,the total communication count w does not change much when the number of nodes is the same and only decreases slowly.Therefore,the best way is to avoid Sybil.We set the node to credit-layered mechanism like[21]and give higher scores to educational institutions with high integrity.They have a better chance of being selected as master nodes,so that the chance of malicious nodes participating in block consensus decreases,and then view switching probability is greatly reduced.

Figure 4.The communication volume of the proposed scheme.

6.2 Performance Analysis

6.2.1 Query Support

This scheme is inspired by[11,12],but there are several differences.For the search function,[11]supported single-keyword search,[12]supported complex boolean expressions and range queries,but the requirements for query keywords are high and need to be a pre-defined style.Our scheme supports personalized combinations of multiple keywords.In terms of application scenarios,[11]is a general search solution,while[12]is aimed at electronic health records.Our solution is designed for students’educational records.Like EHRs,this type of data is uploaded to the system,so dynamic updates do not need to be considered.

6.2.2 The Overhead of Extracting the Index and Data Masking

The system environment configuration descriptions are shown in the Table 2.

Table 2.System environment configuration.

Since there is no publicly available database of students educational records,the UCI machine learning resource library“Student Performance Data Set”[22]is used as the test dataset.It has 33 attributes and 649 records and five attributes were selected as search keywords and privacy attributes.We imported the dataset into MySQL,which can then be queried by the document ID,making them suitable for the proposed scheme.In consequence of the dataset was too small to meet the quantitative requirements,the performance was tested in terms of the number of query keywords.

As shown in Figure 5,when the number of keywords increases from 1 to 5,the query time does not change significantly,but the time for substitution of sensitive data from the database is not the same,we interpret it as executing rows in the replacement statement are not the same,from 1 to 5 keywords respectively,179,119,77,77,15 rows are calculated.The more execution rows,the greater the overhead.Compared with the query time,the assignment and replacement time of sensitive data is much higher.Therefore,in terms of runtime,extracting file identifiers on MySQL can be good performance even for large data sets.While more overhead is needed,if the data masking is required.

Figure 5.The query performance of the scheme.

6.2.3 The Overhead of Smart Contract

In the ISSC smart contract proposed in this scheme,the steps of the Search(TD,UserAddress)functional interface are the most complicated and costly,hence the overhead of the smart contract mainly comes from this interface.This functional interface is similar to the scheme of[11],so the performance is also similar.

In[11],the data owner was instantiated on a machine with 16 GB RAM,4 Intel cores I7-3770,running Ubuntu 16.04.2,and the client and smart contract were written using Python,Solidity and JavaScript languages.A simulated Ethereum network was constructed locally using TestRPC,with the time it takes to mine blocks set to 0,to achieve the purpose of focusing on the performance of the search functional interface of the smart contract.It uses the Enron emails dataset,the key attributes of the dataset are shown in Table 3.Figure 6 describes the search time for fourdatasets to find matching files.The search time is calculated by quantitatively calculating the time to return 100 matching files.The larger the size of the data set,the more time the search takes.For one dataset,the query time decreases instead as the number of matching documents increases.In the establishment phase,each transaction takes an average of 4 seconds to operate.Corresponding to our scheme,the average time spent in a transaction in[11]is the time to search one keyword,and querying multiple keywords requires looping this process.Therefore,if we want to achieve the flexibility of data search,we need to spend more search overhead.Furthermore,we found that the main cost is still focused on the search time by looking at the search time and the time for extracting the file identifier of the large dataset in[11].

Table 3.Evaluation database sizes(data stem from[11]).

Figure 6.Search time per matching document in TestRPC(data reference in[11]).

6.2.4 New Block Generation Time

We compared the blockchain-based education records data sharing scheme EduRSS[4],EduCTX[5]proposed improvements in five aspects:function,computing cost,privacy protection and energy consumption.

Our scheme had the retrieval encrypted data function,it’s non-essential for students to send blockchain address and then institution verify signed message.Using AES encryption rather than the asymmetric encryption algorithms of EduRSS and EduCTX,which is more suitable for the student education big data.

In terms of consensus mechanisms,[4]used the POW consensus mechanism requires abundant computing power and more energy consumption to maintain the consistency of the blockchain,in order to let the honest chain gets the next block,it needs to appropriately increase the distance between blocks to prevent tampering attacks.[5]adopted the DPOS consensus mechanism and adjusted the blockchain into a consortium blockchain by changing the consistency parameters of DPOS.Our solution adopted the PBFT consensus mechanism,which avoids mining computations and is less computationally intensive,satisfying the metric requirement of lower computational cost.Encrypted search avoids the exposure of original data and meets the requirements of privacy protection.It can be found from Table 4 that our solution meets all the metrics.

Table 4.Performance comparisons.

Specifically,we experimented the block generation time of different schemes on centos7,using Intel Corei5-8250M CPU@3.40GHz8GB RAM.As shown in Figure 7,the calculation cost of this scheme is lower than the EduRSS and EduCTX schemes.

Figure 7.Tab3 performance comparisons.

VII.CONCLUSION

In order to solve the problem of sharing student education big data quickly and ensuring data privacy,we proposed a data security storage and sharing scheme based on consortium blockchain.The fast and safe storage of data is realized by the blockchain and cloud server together.Utilizing a smart contract to protect data keywords.Thorough deeper theoretical and security analysis and performance evaluation showed that high efficiency of storing data and privacy preserving can be achieved in real-world applications.Compared with the existing education experience records sharing scheme,our scheme consumes was more efficient to generate blocks and had retrieval encrypted data function,but further work is still needed.

The future research direction is how to realize the cross-chain technology of the consortium blockchain based on this scheme,so that organizations on different chains can also realize data security sharing.There are already some cross-chain technologies.For example,[23]has begun to study the issue of cross-chain transactions,but does not consider the secure transmission of data.In addition,for remote servers,most of the solutions are stored in local or cloud servers,and using distributed file system such as the Interplanetary File System(IPF)is a better choice.

ACKNOWLEDGEMENT

The research work was supported by the National Key Research and Development Plan in China(Grant No.2020YFB1005500),Key Project Plan of Blockchain in Ministry of Education of the People’s Republic of China(Grant No.2020KJ010802)and Natural Science Foundation of Beijing Municipality(Grant No.M21034).