
EP-3973431-B1 - SYSTEM OR METHOD TO IMPLEMENT RIGHT TO BE FORGOTTEN ON METADATA DRIVEN BLOCKCHAIN USING SECRET SHARING AND CONSENSUS ON READ


Inventors

  • PADMANABHAN, PRITHVI KRISHNAN

Dates

Publication Date: 2026-05-13
Application Date: 2020-05-21

Claims (12)

  1. A method performed by a computing system (1816) of a host organization (110) for providing a right to forget data in a blockchain, the computing system providing a blockchain interface (190) to the blockchain on behalf of a plurality of tenants of the host organization that serve as nodes in a blockchain network, the method comprising: receiving a request including an identifier of a requestor, the request to access transaction data designated as private (1131); determining whether the identifier of the requestor or an identifier of the transaction data is included in a list indicating that a request to forget has been received for data associated with the requestor, or for the transaction data (1133); denying access to the transaction data when the identifier of the requestor or the identifier of the transaction data is included in the list, as inclusion in the list indicates the transaction data is permanently unavailable to access (1135); and responsive to determining that the identifier of the requestor or the identifier of the transaction data is not included in the list, performing the following: requesting access to the transaction data from the nodes in the blockchain network, the requesting access including the identifier of the requestor (1137); denying access to the transaction data in response to receiving an insufficient number of secret shares from the nodes to establish consensus by the blockchain network (1143); and decrypting the transaction data in response to receiving a sufficient number of secret shares from the nodes to establish consensus by the blockchain network (1145).
  2. The method of claim 1, further comprising: determining that the identifier of the requestor is on the list (1133).
  3. The method of any of the preceding claims, further comprising: receiving a request to forget data associated with a unique user identifier (1121); and adding the unique user identifier to the list (1123).
  4. The method of any of the preceding claims, wherein the transaction data is decrypted (1145) in response to receiving a threshold number of secret shares (1141).
  5. The method of any of the preceding claims, wherein a decryption key is recovered from received secret shares (1145).
  6. The method of any of the preceding claims, wherein denying access to the transaction data is in response to a number of received secret shares being below a threshold for recovering a key for encryption (1143).
  7. The method of any of the preceding claims, further comprising: defining object and metadata for the transaction data to be stored in the blockchain including identification of private information for objects and fields (1103).
  8. The method of any of the preceding claims, wherein the transaction data designated as private is encrypted and has a key for decryption that is derived from the secret shares.
  9. The method of any of claims 3 to 8, wherein, when the unique user identifier is on the list, an associated secret share is discarded to make a key for decrypting the transaction data designated as private unrecoverable.
  10. The method of any of claims 3 to 9, wherein the unique user identifier is utilized to correlate access control permissions between the requestor and the transaction data designated as private.
  11. A computing system (1816) of a host organization (110) configured to perform a method for providing a right to forget data in a blockchain, the computer system providing a blockchain interface (190) to a blockchain on behalf of a plurality of tenants of the host organization each serving as nodes in a blockchain network, the computer system comprising: a computer readable medium means (1931) having stored therein the blockchain interface and a permissions manager (181); and a processor means (1902) coupled to the computer readable medium means, the processor configured to execute the blockchain interface and the permissions manager, the permissions manager to perform the method of any of the preceding claims.
  12. A computer-readable medium (1931) having stored therein a set of instructions, which when executed cause a computer system (1816) of a host organization (110) to perform a set of operations of a method for managing read access of data in a blockchain, the computer system providing a blockchain interface (110) to a blockchain on behalf of a plurality of tenants of the host organization, the set of operations implementing the method of any one of claims 1-10.
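The claims above describe a read path with two gates: a forget list consulted before any node is contacted (1133/1135), and a threshold of secret shares that the nodes must return before the decryption key can be recovered (1137 to 1145), with a forget request discarding shares so the key becomes unrecoverable (claims 3 and 9). The following Python sketch is an added example, not code from the patent or its assignee; the names `Node`, `BlockchainInterface`, the `owners` correlation map and the HMAC-SHA256 keystream standing in for a real authenticated cipher are all assumptions made so that it runs with the standard library alone. Shamir sharing is done over the secp256k1 field prime purely because it is a well-known 256-bit prime.

```python
"""Consensus-on-read with a forget list: a stand-alone sketch of claims 1-10 (added example)."""
import hashlib
import hmac
import secrets
from dataclasses import dataclass, field

# Assumed: the secp256k1 field prime, used only as a large prime field for Shamir sharing.
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F


def split_secret(secret: int, n: int, k: int) -> list:
    """Shamir split: random degree k-1 polynomial with f(0) = secret, evaluated at x = 1..n."""
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(k - 1)]

    def f(x: int) -> int:
        acc = 0
        for c in reversed(coeffs):          # Horner evaluation mod P
            acc = (acc * x + c) % P
        return acc

    return [(x, f(x)) for x in range(1, n + 1)]


def recover_secret(shares: list) -> int:
    """Lagrange interpolation at x = 0 over GF(P); any k distinct shares suffice."""
    total = 0
    for i, (xi, yi) in enumerate(shares):
        num, den = 1, 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = num * (-xj) % P
                den = den * (xi - xj) % P
        total = (total + yi * num * pow(den, -1, P)) % P
    return total


def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Toy counter-mode stream from HMAC-SHA256: a stand-in for a real authenticated cipher."""
    out = bytearray()
    for off in range(0, len(data), 32):
        ks = hmac.new(key, off.to_bytes(8, "big"), hashlib.sha256).digest()
        out.extend(b ^ k for b, k in zip(data[off:off + 32], ks))
    return bytes(out)


@dataclass
class Node:
    """A tenant node (assumed name) holding one secret share per private transaction."""
    name: str
    shares: dict = field(default_factory=dict)      # tx_id -> (x, y)

    def forget(self, tx_id: str) -> None:
        self.shares.pop(tx_id, None)                # claim 9: the share is discarded for good

    def share_for(self, tx_id: str, requestor_id: str):
        # 1137: the request carries the requestor identifier; None once the share is gone.
        return self.shares.get(tx_id)


@dataclass
class BlockchainInterface:
    """Host-organization interface (190 in the claims); the ledger itself is never rewritten."""
    nodes: list
    threshold: int
    ledger: dict = field(default_factory=dict)      # tx_id -> ciphertext, immutable
    owners: dict = field(default_factory=dict)      # tx_id -> unique user id (claim 10 correlation)
    forget_list: set = field(default_factory=set)   # user ids and tx ids with a forget request

    def write_private(self, tx_id: str, owner_id: str, plaintext: bytes) -> None:
        key_int = secrets.randbelow(P)              # key as a field element, so it always fits
        self.ledger[tx_id] = keystream_xor(key_int.to_bytes(32, "big"), plaintext)
        self.owners[tx_id] = owner_id
        shares = split_secret(key_int, len(self.nodes), self.threshold)
        for node, share in zip(self.nodes, shares):
            node.shares[tx_id] = share

    def request_forget(self, user_id: str) -> None:
        # 1121/1123: list the user, then list and discard shares for each of their transactions.
        self.forget_list.add(user_id)
        for tx_id, owner in self.owners.items():
            if owner == user_id:
                self.forget_list.add(tx_id)
                for node in self.nodes:
                    node.forget(tx_id)

    def read_private(self, requestor_id: str, tx_id: str) -> tuple:
        # 1133/1135: a listed requestor or transaction is denied without contacting any node.
        if requestor_id in self.forget_list or tx_id in self.forget_list:
            return ("denied", "forgotten")
        shares = [s for n in self.nodes if (s := n.share_for(tx_id, requestor_id)) is not None]
        # 1141/1143: consensus needs at least `threshold` shares, else the key is unrecoverable.
        if len(shares) < self.threshold:
            return ("denied", "insufficient shares")
        key = recover_secret(shares[: self.threshold]).to_bytes(32, "big")   # 1145
        return ("ok", keystream_xor(key, self.ledger[tx_id]))


def demo() -> tuple:
    """Constructed scenario: 5 tenant nodes, threshold 3, one user who is later forgotten."""
    nodes = [Node(f"tenant-{i}") for i in range(5)]
    host = BlockchainInterface(nodes=nodes, threshold=3)
    host.write_private("tx-1", "user-42", b"constructed private record")
    before = host.read_private("auditor", "tx-1")          # 5 shares: decrypts
    nodes[0].forget("tx-1"); nodes[1].forget("tx-1")
    degraded = host.read_private("auditor", "tx-1")        # 3 shares: still meets threshold
    nodes[2].forget("tx-1")
    too_few = host.read_private("auditor", "tx-1")         # 2 shares: denied
    host.write_private("tx-2", "user-42", b"second record")
    host.request_forget("user-42")
    after = host.read_private("auditor", "tx-2")           # listed tx: denied at the list
    by_user = host.read_private("user-42", "tx-2")         # listed requestor: denied at the list
    return before, degraded, too_few, after, by_user
```

The ciphertext stays in `host.ledger` after `request_forget`, which is the point of the scheme: nothing on the chain is rewritten, but once enough shares are discarded the key cannot be reconstructed, and the list check in front of the node round-trip means a forgotten record is refused even if some stale shares survive on slow nodes.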

Description

CROSS-REFERENCE TO RELATED APPLICATIONS

This application claims priority to U.S. Application No. 16/667,846, filed October 29, 2019, which claims the benefit of U.S. Provisional Application No. 62/851,589, filed May 22, 2019.

TECHNICAL FIELD

Embodiments disclosed herein relate generally to the field of distributed ledger technology and blockchain platforms. More particularly, disclosed embodiments relate to systems, methods, and apparatuses for implementing access restrictions related to reading data from a blockchain in a metadata driven blockchain platform using Distributed Ledger Technology (DLT) in conjunction with a cloud based computing environment.

BACKGROUND ART

A blockchain is a continuously expanding list of records/blocks that are linked and secured using cryptography. In particular, every block in a blockchain may include a cryptographic hash of the immediately preceding block, a timestamp for the current block, and transaction data (e.g., the addition/modification of information associated with a peer in a blockchain network). Further, the blockchain may be shared and managed through a peer-to-peer network via a system of verifying/validating new blocks to be added to the chain, such that a block in a blockchain cannot be altered without alteration of all subsequent blocks, which requires network consensus. This architecture allows for security of information stored within blocks through the use of cryptography; sharing/distribution of information through the use of peer-to-peer networks; trust through the use of consensus on block addition; and immutability of information stored within blocks through the use of cryptography, chaining/linking of blocks, and peer distribution (e.g., each peer in the blockchain network may maintain a ledger of all verified/validated transactions in the network). Blockchains can be utilized to store many different types of data, including financial data.

Such financial data can be stored in a blockchain that functions as a distributed ledger. A distributed ledger in blockchain is shared by all of the participants in that blockchain. Distributed Ledger Technology (DLT) helps to address and overcome many of the shortcomings of conventional financial systems; the technology may nevertheless be expanded to introduce further benefits to those utilizing such DLT and related blockchain platforms. Presently available DLT and blockchains utilizing such DLT technologies store data in a fixed, immutable, and static manner. Thus, once data is written into the blockchain, it is fixed there, wholly absent of context, metadata, or any other information which describes the stored data, describes the shape of the data, or describes the type of the data. Consequently, it may prove extremely difficult to transform data retrieved from the blockchain back into a format which is acceptable for the business objectives, due to the lack of context or other metadata describing that stored data. Further still, presently available DLT and blockchains utilizing such DLT technologies require any record on the blockchain which is updated or modified to be re-written to the blockchain in its entirety, resulting in an explosion of the total volume of data stored on the blockchain, which is likely unsustainable and at the least resource intensive. Other conceived approaches write only the modified portion of a record to the blockchain, which results in inefficient data retrieval, as the complete record is now split amongst multiple blocks on the blockchain and any retrieval of a modified record must therefore search for, inspect, and retrieve data from multiple blocks. Further, presently available DLT and blockchains store the data in the blockchain such that it is accessible to any node in the network. The data in the blockchain is never removed.

Due to these characteristics, DLT and blockchains can be poor fits for use in applications where it is necessary for data to be permanently deleted or where it is desired to restrict access privileges to the data stored in the blockchain.

WO 2018/109010 A1 discloses that a peer-to-peer network allows distribution and retrieval of data by encrypting, with a secret key, a file containing said data; splitting the encrypted file into blocks and splitting the secret key into secret shares; distributing the blocks and the secret shares to the peer nodes; and, upon request of a client to access the file, retrieving via one of the peer nodes the encrypted blocks for reconstructing the encrypted file, retrieving at least some of the secret shares for reconstructing the secret key, and decrypting the encrypted file with the reconstructed secret key. The peer nodes share a blockchain log so as to form a blockchain network. The secret shares are transmitted, requested and retrieved via messages sent over the blockchain network, thus providing evidence of a node having access to the unencrypted file.

BRIEF DESCRIPTION OF THE DRA