A model for ensuring the continuity of the safe functioning of the product quality traceability system in conditions of unstable communication

Evidence-based technologies for product quality have a positive impact on a wide range of social and economic processes. One of the immanent problems of implementing such technologies is determined by the contradiction between the need to ensure open access to information about the stages of the technological process and the confidentiality of some of such data. The use of strict cryptographic procedures to resolve this contradiction is often impossible due to resource constraints, in particular, the lack of continuous telecommunications between the parties involved. The results obtained are aimed at ensuring the feasibility of product quality traceability systems under resource constraints. They are based on a new architectural solution and the integration of classical methods and tools to ensure information security. The paper proposes a three-level model of a product quality traceability system with controlled quality degradation and scenarios for ensuring the continuity of its safe operation. The basic concepts of the proposed solution are: separation of stored data into publicly available and confidential; procedures for “deferred” trusted access in conditions where direct communication with one of the data owners is impossible; data separation into shards — functionally or geographically localized data warehouses; immanent properties of distributed registry systems in terms of ensuring data integrity and availability, non-repudiation of operations. The paper introduces typical scenarios for the use of a hierarchical product quality tracking system, sets and proposes a solution to the problem of ensuring information security of their implementation. The approach to reducing the level of information security of specific implementations in conditions of resource constraints is justified by taking into account the specifics of the functioning of application systems. The information security of the new results is confirmed by computer modeling using specialized protocol security analysis tools. Unlike well-known models focused on the use of stable communication channels, centralized data models, strict cryptographic algorithms and significant computing resources that do not involve accessing data in the absence of communication with their owner, the proposed solution provides authenticated controlled access to the requested confidential data and in the absence of communication with their owner. An immanent disadvantage of the implementation of the discussed scenarios is a certain decrease in the level of information security associated with delegating trust to a third party as well as simplifying the compromise of distributed registry shard nodes.

1. Le V.X., Begaev A.N., Komarov I.I. Information security threat model for product quality tracking systems for emerging markets. Proceedings of the Institute of Engineering Physics, 2024, no. 1(71). pp. 61–70. (in Russian)

2. Le V., Vu L., Komarov I.I. Ensuring information security in the seafood traceability system based on blockchain. Science and Business: Ways of Development, 2022, no. 5(131), pp. 97–101. (in Russian)

3. Le W.H., Begaev A.N., Komarov I.I., Fung W.K Verification of session key safe distribution method in the product quality traceability system. Voprosy kiberbezopasnosti, 2023, no. 6(58), pp. 112–121. (in Russian). https://doi.org/10.21681/2311-3456-2023-6-112-121

4. Chernitskaya T.E., Makarenko S.I., Rastyagaev D.V. Aspects of information assurance within net-centric information and control systems interoperability evaluation. Bulletin of the Russian New University. Series “Complex Systems: models, analysis and management, 2020, no. 4, pp. 113–121. (in Russian). https://doi.org/10.25586/RNU.V9187.20.04.P.113

5. Liu Y., Liu J., Salles M.V., Zhang Z., Li T., Hu B., Henglein F., Lu R. Building blocks of sharding blockchain systems: Concepts, approaches, and open problems. Computer Science Review, 2022, vol. 46, pp. 100513. https://doi.org/10.1016/j.cosrev.2022.100513

6. Luu L., Narayanan V., Zheng C., Baweja K., Gilbert S., Saxena P. A secure sharding protocol for open blockchains. Proc. of the 2016 ACM SIGSAC conference on computer and communications security, 2016, pp. 17–30. https://doi.org/10.1145/2976749.2978389

7. Yu G., Wang X., Yu K., Ni W., Zhang J.A., Liu R.P. Survey: Sharding in blockchains. IEEE Access, 2020, vol. 8, pp. 14155–14181. https://doi.org/10.1109/access.2020.2965147

8. Banerjee K., Saha S. Blockchain signatures to ensure information integrity and non-repudiation in the digital era: A comprehensive study. International Journal of Computing and Digital Systems, 2024, vol. 16, no. 1, pp. 1–12.

9. Ayele W.Y. Non-repudiation mechanisms for IoT applications: A systematic literature review: Master degree project in informatics with a specialization in privacy, information security, and cyber security, 2021, 65 p.

10. Tan K.-L., Chi C.H., Lam K.Y. Secure and privacy-preserving sharing of personal health records with multi-party pre-authorization verification. Wireless Networks, 2024, vol. 30, no. 6, pp. 4773–4795. https://doi.org/10.1007/s11276-022-03114-6

11. Blackburn S.R. Combinatorics and threshold cryptography. Combinatorial Designs and their Applications. Routledge, 2023, pp. 49–70. https://doi.org/10.1201/9781315139722-3

12. Tan L., Yu K., Yang C., Bashir A.K. A blockchain-based Shamir’s threshold cryptography for data protection in industrial internet of things of smart city. Proc. of the 1st Workshop on Artificial Intelligence and Blockchain Technologies for Smart Cities with 6G, 2021, pp. 13–18. https://doi.org/10.1145/3477084.3484951

13. Abdallah A., Salleh M. Secret sharing scheme security and performance analysis. Proc. of the International Conference on Computing, Control, Networking, Electronics and Embedded Systems Engineering (ICCNEEE), 2015, pp. 173–180. https://doi.org/10.1109/iccneee.2015.7381357

14. Beimel A. Secret-sharing schemes: A survey. Lecture Notes in Computer Science, 2011, vol. 6639, pp. 11–46. https://doi.org/10.1007/978-3-642-20901-7_2

15. Tejedor-Romero M., Orden D., Marsa-Maestre I., JunqueraSanchez J., Gimenez-Guzman J.M. Distributed remote e-voting system based on Shamir’s secret sharing scheme. Electronics, 2021, vol. 10, no. 24, pp. 3075. https://doi.org/10.3390/electronics10243075

16. Nesterenko A.Yu., Semenov A.M. Methodology for assessing the security of cryptographic protocols. Prikladnaya Diskretnaya. Matematika, 2022, no. 56, pp. 33–82. (in Russian). https://doi.org/10.17223/20710410/56/4

17. Basan A.S., Basan E.S., Ishchukova E.A., Kornilov A.P. Protocol for mutual authentication of an object’s group with dynamic topology. Voprosy kiberbezopasnosti, 2023, no. 4(56), pp. 41–52. (in Russian). https://doi.org/10.21681/2311-3456-2023-4-41-52

18. Babenko L.K., Pisarev I.A. PDA language for dynamic analysis of cryptographic protocols. Voprosy kiberbezopasnosti, 2020, no. 5(39), pp. 19–29. (in Russian). https://doi.org/10.21681/2311-3456-2020- 05-19-29