臺灣博碩士論文加值系統

在這個越發重視信任和隱私的時代，傳統基於可信任第三方中心化系統在資料安全性和可靠性的問題也更加受到質疑，但在過往並沒有一項技術能夠實現去中心化平台(Decentralized Platform)的概念，使用者僅能以犧牲信任為前提，去換取服務的執行效率，而現今實現去中心化機制的區塊鏈越發成熟，從最初的加密貨幣開始逐漸能夠結合不同的應用場景，能以分散式網絡架構確保資料的安全性與不可竄改性，故採用區塊鏈替代傳統的集中式資料儲存也成為區塊鏈技術的重點研究之一。
本論文提出以Hyperledger Fabric區塊鏈架構實現資料儲存管理平台，透過將系統中的商業邏輯所需要的資料儲存於鏈外資料庫中，在區塊鏈以模組化的方式實現資料的存取與權限管理，資料的持有者無法直接與資料庫直接溝通，每當需要對資料進行存取前都必須先經由區塊鏈所頒發的Token獲取授權，當進行資料請求時都會驗證授權的有效性，同時也會透過區塊鏈管理每個使用者的資料權限，驗證使用者的資料請求是否符合角色的操作權限。
結合區塊鏈技術與鏈外資料庫的資料儲存管理平台，在實驗中依照使用案例建立區塊鏈網路測試環境，以Hyperledger Caliper進行效能測試，並檢視平台於資料管理的安全性，實驗結果顯示能夠在維持平台效能與通用性的同時，保有區塊鏈帶來的安全性與隱私性。

In this era of increasing emphasis on trust and privacy, the traditional issue of data security and reliability based on trusted third-party centralization systems has also been more questioned. However, in the past, no technology has been able to achieve the concept of a de-centralized platform. Users can only trade for the efficiency of services at the expense of trust. With the maturity of the block chain to achieve the de-centralization mechanism, from the initial encrypted currency, it is gradually able to combine different application scenarios, and to ensure the security and non-tampering of data with a distributed network architecture. Therefore, using block chain instead of traditional centralized data storage has become one of the key research areas of block chain technology.
This paper presents a data storage management platform based on Hyperledger Fabric block chain architecture. By storing the data needed by the business logic in the system in an out-of-chain database, the access and privilege management of the data is implemented in a modular way in the block chain. The holder of the data cannot communicate directly with the database. Authorization must be obtained through a Token issued by the block chain before data access is required. When data requests are made, the validity of the authorization is verified. Each user's data permissions are also managed through the block chain to verify that the user's data requests meet the role's operational permissions.
Combining the block chain technology with the data storage management platform of off-chain databases, this paper establishes the block chain network test environment according to the use cases in the experiment, tests the performance with Hyperledger Caliper, and inspects the security of the platform in data management. The experimental results show that the security and privacy brought by the block chain can be maintained while maintaining the efficiency and versatility of the platform.

摘要 III
ABSTRACT IV
目錄 VI
圖目錄 IX
表目錄 XII
第一章、緒論 1
1.1研究動機 1
1.2系統架構與流程 2
1.3論文架構 3
第二章、習知相關技術 4
2.1區塊鏈(Blockchain) 4
2.1.1共識協議 5
2.1.2密碼學 11
2.1.3 Smart Contract 15
2.1.4分散式帳本技術 17
2.2 Hyperledger 18
2.2.1 Hyperledger主要項目 18
2.3 Hyperledger Fabric 21
2.3.1 Hyperledger Fabric架構 22
2.3.2 Fabric SDK 24
2.3.3 Fabric CA (Fabric Certificate Authority) 25
2.3.4 Idemix(Identity Mixer) 27
2.3.5 Chaincode 28
2.3.6 Raft 29
2.4 Hyperledger Caliper 32
2.5 Docker 36
2.5.1 Docker架構 37
2.5.2 Docker Compose 38
第三章、相關文獻探討 39
3.1區塊鏈技術發展與相關文獻 39
3.1.1區塊鏈1.0 40
3.1.2區塊鏈2.0 42
3.1.3區塊鏈3.0 45
3.1.4區塊鏈技術評估 48
3.2非許可制區塊鏈相關文獻 49
3.2.1 Bitcoin 49
3.2.2 Ethereum 54
3.3許可制區塊鏈相關文獻 60
3.3.1 Hyperledger Sawtooth 60
3.3.2 Corda 64
第四章、系統之研究 73
4.1系統架構介紹 73
4.2訪問授權驗證模組 75
4.3權限管理控制模組 79
4.4資料更動記錄模組 82
第五章、實驗結果 84
5.1實驗環境 84
5.2使用案例 85
5.2.1生產資訊 86
5.3開發流程 88
5.4效能測試 89
5.5威脅評估 92
5.6 ACID特性 93
5.7相關方法比較 94
第六章、結論與未來方向 97
6.1結論 97
6.2未來方向 98
參考文獻 99


圖2.1.1.1、CAP定理特性 6
圖2.1.1.2、共識協議的發展方向 6
圖2.1.1.3、PoW共識協議流程 7
圖2.1.1.4、PoS共識協議流程 9
圖2.1.1.5、PBFT共識協議流程 10
圖2.1.2.1、雜湊函式的計算過程 11
圖2.1.2.2、Bitcoin的交易流程 12
圖2.1.2.3、Merkle Tree的資料結構 13
圖2.1.2.4、以Merkle Tree舉例零知識證明 15
圖2.1.3.1、Smart Contract執行流程圖 16
圖2.1.4.1、分散式帳本架構概念圖 17
圖2.2.1.1、Hyperledger項目概覽圖 19
圖2.3.1.1、Bitcoin網路交易驗證過程 22
圖2.3.1.2、Fabric網路驗證交易過程 23
圖2.3.1.3、Fabric交易執行流程 24
圖2.3.3.1、Fabric CA架構圖 26
圖2.3.4.1、Idemix流程示意圖 27
圖2.3.5.1、以物流管理舉例Chaincode架構 28
圖2.3.5.2、以物流管理舉例Endorsement policy 29
圖2.3.6.1、初始化的Raft集群節點 30
圖2.3.6.2、Candidate節點發起投票請求 30
圖2.3.6.3、Candidate透過投票成為Leader節點 31
圖2.3.6.4、Leader節點發送Heartbeat Messages 31
圖2.4.1、Hyperledger Caliper架構圖 32
圖2.4.2、Benchmarks配置範例 34
圖2.4.3、Networks配置範例 35
圖2.4.4、Workload配置範例 36
圖2.5.1、VM與Docker結構比較 37
圖2.5.1.1、Docker使用流程圖 38
圖2.5.2.1、Docker Compose YAML檔案格式 38
圖3.1.1.1、透過公鑰加密訊息以防竄改 41
圖3.1.1.2、透過私鑰加密訊息以防偽造 42
圖3.1.2.1、數位經濟的範疇示意圖 43
圖3.1.2.2、以Solidity編寫的Smart Contract範例 44
圖3.1.3.1、智慧都市概念示意圖 45
圖3.1.3.2、傳統智慧都市系統架構圖 46
圖3.1.3.3、區塊鏈結合智慧都市系統架構圖 47
圖3.2.1.1、Bitcoin Script範例 50
圖3.2.1.2、Bitcoin Script中所定義的操作碼 51
圖3.2.1.3、Bitcoin Script執行流程示意圖 52
圖3.2.1.4、鎖定腳本與解鎖腳本組合 53
圖3.2.1.5、Bitcoin交易流程示意圖 53
圖3.2.2.1、Ethereum 1.0到2.0發展階段 55
圖3.2.2.2、Ethash共識協議執行流程 55
圖3.2.2.3、Ethereum中的區塊定義 56
圖3.2.2.4、叔塊的代數定義 57
圖3.2.2.5、Ethereum的Difficulty歷史數值 60
圖3.3.1.1、透過SGE技術減少攻擊面 62
圖3.3.1.2、SGE技術中應用程式的執行流程 63
圖3.3.2.1、基於第三方的銀行業協作流程 64
圖3.3.2.2、基於區塊鏈的銀行業協作流程 65
圖3.3.2.3、Corda節點與Notary的信任關係 66
圖3.3.2.4、State的結構示意圖 68
圖3.3.2.5、一個State中對應的Status 69
圖3.3.2.6、State中的Paths Constraints示意圖 70
圖3.3.2.7、CorDapp中的Flow示意圖 71
圖4.1.1、基於Hyperledger Fabric的資料儲存管理平台流程圖 74
圖4.1.2、帳本資料模型 74
圖4.2.1、authorisation資料結構 75
圖4.2.2、申請授權流程圖 76
圖4.2.3、驗證授權流程圖 77
圖4.3.1、database資料結構 79
圖4.3.2、role資料結構 79
圖4.3.3、新增資料庫流程圖 80
圖4.3.4、新增資料庫角色流程圖 81
圖4.4.1、dataAccessLog資料結構 82
圖4.4.2、新增資料存取紀錄流程圖 82
圖5.1.1、實驗環境區塊鏈網路示意圖 85
圖5.2.1、以生產履歷舉例使用案例 86
圖5.2.1.1、消費者透過Chincode驗證生產履歷 87
圖5.2.1.2、區塊鏈中僅能新增資料而不能更動或刪除 87
圖5.3.1、傳統區塊鏈系統開發流程圖 88
圖5.3.2、簡化區塊鏈系統開發流程圖 89
圖5.4.1、Hyperledger Caliper示意圖 90
圖5.4.2、Throughput (TPS)測試 91
圖5.4.3、Send Rate (TPS)測試 91
圖5.4.4、Max Latency (s)測試 92


表3.1、非許可制與許可制區塊鏈比較表 39
表3.1.1.1、法幣與加密貨幣比較 40
表3.1.4.1、區塊鏈特性與其應用需求 48
表3.1.4.2、區塊鏈特性的注意事項 49
表3.3.1.1、Sawtooth與Fabric的區別比較 61
表5.1.1、硬體設備規格表 84
表5.1.2、軟體環境規格表 84
表5.1.3、Organization定義表 85

[1]S. Nakamoto, “Bitcoin: A Peer-to-Peer Electronic Cash System,” [Online]. Available: https://bitcoin.org/, 2008.
[2]L. Pawczuk, J. Holdowsky, R. Massey and B. Hansen, “Deloitte’s 2020 Global Blockchain Survey: from promise to reality,” [Online]. Available: https://www.deloitte.com/, 2020.
[3]T. T. A. Dinh, R. Liu, M. Zhang, G. Chen, B. C. Ooi and J. Wang, “Untangling Blockchain: A Data Processing View of Blockchain Systems,” IEEE Transactions on Knowledge and Data Engineering, 30(7), pp. 1366-1385, 2018.
[4]S. Zhang and J. H. Lee, “Analysis of the main consensus protocols of blockchain,” ICT Express, 6(2), pp. 93-97, 2020.
[5]V. G. Martínez, L. Hernández-Álvarez and L. H. Encinas, “Analysis of the Cryptographic Tools for Blockchain and Bitcoin,” Mathematics, 8(1), pp. 131, 2020.
[6]E. A. Brewer, “Towards robust distributed systems,” Proc. of the Nineteenth Annual ACM Symposium on Principles of Distributed Computing, 7(10.1145), pp. 343477-343502, 2000.
[7]S. Gilbert and N. Lynch, “Brewer's conjecture and the feasibility of consistent, available, partition-tolerant web services,” ACM SIGACT News, 33(2), pp. 51-59, 2002.
[8]A. Gervais, G. O. Karame, K. Wüst, V. Glykantzis, H. Ritzdorf and S. Capkun, “On the security and performance of proof of work blockchains,” Proc. of the 2016 ACM SIGSAC Conference on Computer and Communications Security, pp. 3-16, 2016.
[9]F. Saleh, “Blockchain without Waste: Proof-of-Stake,” The Review of Financial Studies, 34(3), pp. 1156-1190, 2021.
[10]L. Lamport, R. Shostak and M. Pease, “The Byzantine Generals Problem,” ACM Transactions on Programming Languages and Systems, 4(3) pp. 382-401, 1982.
[11]M. Castro and B. Liskov, “Practical byzantine fault tolerance,” Proc. of the 3rd Symposium on Operating Systems Design and Implementation, 99, pp. 173-186, 1999.
[12]J. S. Coron, Y. Dodis, C. Malinaud and P. Puniya, “Merkle-Damgård revisited: How to construct a hash function,” Proc. of the Annual International Cryptology Conference, pp. 430-448, 2005.
[13]V. Lozupone, “Analyze encryption and public key infrastructure (PKI),” International Journal of Information Management, 38(1), pp. 42-44, 2018.
[14]A. Mallik, “Man-in-the-middle-attack: Understanding in simple words,” Cyberspace: Jurnal Pendidikan Teknologi Informasi, 2(2), pp. 109-134, 2019.
[15]M. Yu, S. Sahraei, S. Li, S. Avestimehr, S. Kannan and P. Viswanath, “Coded merkle tree: Solving data availability attacks in blockchains,” Proc. of the International Conference on Financial Cryptography and Data Security, pp. 114-134, 2020.
[16]X. Yang and W. A. Li, “A zero-knowledge-proof-based digital identity management scheme in blockchain,” Computers & Security, 99, 2020.
[17]E. Androulaki, A. Barger, V. Bortnikov, C. Cachin, K. Christidis and A. D. Caro, et al., “Hyperledger fabric: A distributed operating system for permissioned blockchains,” Proc. of the Thirteenth EuroSys Conference, pp. 1-15, 2018.
[18]V. Chakravaram, S. Ratnakaram, E. Agasha and N. S. Vihari, “The Role of Blockchain Technology in Financial Engineering,” Proc. of the 3rd International Conference on Communications and Cyber Physical Engineering, pp. 755-765, 2020.
[19]P. Lucena, A. P. Binotto, F. D. S. Momo and H. Kim, “A case study for grain quality assurance tracking based on a Blockchain business network,” Proc. of the Symposium on Foundations and Applications of Blockchain, pp. 31, 2018.
[20]S. Shalaby, A. A. Abdellatif, A. Al-Ali, A. Mohamed, A. Erbad and M. Guizani, “Performance Evaluation of Hyperledger Fabric,” Proc. of the IEEE International Conference on Informatics, IoT, and Enabling Technologies, pp. 608-613, 2020.
[21]D. Ongaro and J. Ousterhout, “In search of an understandable consensus algorithm,” Proc. of the 2014 USENIX Annual Technical Conference, pp. 305-320, 2014.
[22]B. B. Rad, H. J. Bhatti and M. Ahmadi, “An introduction to docker and analysis of its performance,” International Journal of Computer Science and Network Security, 17(3), pp. 228-235, 2017.
[23] M. Xu, X. Chen and G. Kou, “A systematic review of blockchain,” Financial Innovation, 5(1), pp. 1-14, 2019.
[24] Z. Zheng, S. Xie, H. Dai, X. Chen and H. Wang, “An overview of blockchain technology: Architecture, consensus and future trends,” Proc. of the 2017 IEEE International Congress on Big Data, pp. 557-564, 2017.
[25]S. Pongnumkul, C. Siripanpornchana and S. Thajchayapong, “Performance analysis of private blockchain platforms in varying workloads,” Proc. of the 2017 26th International Conference on Computer Communication and Networks, pp. 1-6, 2017.
[26]S. Pahlajani, A. Kshirsagar and V. Pachghare, “Survey on private blockchain consensus algorithms,” Proc. of the 2019 1st International Conference on Innovations in Information and Communication Technology, pp. 1-6. 2017.
[27]D. Efanov and P. Roschin, “The all-pervasiveness of the blockchain technology,” Procedia Computer Science, 123, pp. 116-121, 2018.
[28]A. Jumde and B. Y. Cho, “Can cryptocurrencies overtake the fiat money?,” International Journal of Business Performance Management, 21(1-2), pp. 6-20, 2020.
[29]R. Bukht and R. Heeks, “Defining, conceptualising and measuring the digital economy,” GDI Development Informatics Working Papers, 68, 2017.
[30]A. S. Andreou, P. Christodoulou and K. Christodoulou, “A decentralized application for logistics: Using blockchain in real-world applications,” The Cyprus Review, 30(2), pp. 181-193, 2018.
[31]Y. Y. Hsieh, J. P. Vergne, P. Anderson, K. Lakhani and M. Reitzig, “Bitcoin and the rise of decentralized autonomous organizations,” Journal of Organization Design, 7(1), pp. 1-16, 2018.
[32]Y. Chen and C. Bellavitis, “Blockchain disruption and decentralized finance: The rise of decentralized business models,” Journal of Business Venturing Insights, 13, 2020.
[33]B. Vitalik, “A Next Generation Smart Contract and Decentralized Application Platform,” [Online]. Available: https://blockchainlab.com/, 2013.
[34]K. Su, J. Li and H. Fu, “Smart city and the applications,” Proc. of the 2011 international conference on electronics, communications and control, pp. 1028-1031, 2011.
[35]P. K. Sharma and J. H. Park, “Blockchain based hybrid network architecture for the smart city,” Future Generation Computer Systems, 86, pp. 650-655, 2018.
[36]S. Tönnissen, J. H. Beinke and F. Teuteberg, “Understanding token-based ecosystems–a taxonomy of blockchain-based business models of start-ups,” Electronic Markets, 30(2), pp. 307-323, 2020.
[37]A. Meynkhard, “Fair market value of bitcoin: Halving effect,” Investment Management and Financial Innovations, 16(4), pp. 72-85, 2019.
[38]X. Yang, W. F. Lau, Q. Ye, M. H. Au, J. K. Liu and J. Cheng, “Practical escrow protocol for bitcoin,” IEEE Transactions on Information Forensics and Security, 15, pp. 3023-3034, 2020.
[39]G. Wood, “Ethereum: A secure decentralised generalised transaction ledger,” [Online]. Available: https://blockchainlab.com/, 2013.
[40]H. Peng, C. Ling and Y. Li, “Application and Research of Heterogeneous Computing in Ethereum Consensus Algorithm,” Proc. of the 2019 IEEE 13th International Conference on Anti-counterfeiting, Security, and Identification, pp. 263-267, 2019.
[41]B. Biais, C. Bisiere, M. Bouvard and C. Casamatta, “The blockchain folk theorem,” The Review of Financial Studies, 32(5), pp. 1662-1715, 2019.
[42]F. Ritz and A. Zugenmaier, “The impact of uncle rewards on selfish mining in ethereum,” Proc. of the 2018 IEEE European Symposium on Security and Privacy Workshops, pp. 50-57, 2018.
[43]K. Olson, M. Bowman, J. Mitchell, S. Amundson, D. Middleton and C. Montgomery, “Sawtooth: an introduction,” The Linux Foundation, 2018.
[44]B. Ampel, M. Patton and H. Chen, “Performance modeling of hyperledger sawtooth blockchain,” Proc. of the 2019 IEEE International Conference on Intelligence and Security Informatics, pp. 59-61, 2019.
[45]M. Sabt, M. Achemlal and A. Bouabdallah, “Trusted execution environment: what it is and what it is not,” Proc. of the 2015 IEEE Trustcom/BigDataSE/ISPA, pp. 57-64, 2015.
[46]V. Costan and S. Devadas, “Intel SGX Explained,” Cryptology ePrint Archive, 86, pp. 1-118, 2016.
[47]R. G. Brown, J. Carlyle, I. Grigg and M. Hearn, “Corda: an introduction,” R3 CEV, 1(15), 2016.
[48]M. Hearn and R. G. Brown, “Corda: A distributed ledger,” Corda Technical White Paper, 2016.
[49]C. Cachin and M. Vukolic, “Blockchain Consensus Protocols in the Wild,” Proc. of the 31st International Symposium on Distributed Computing, 91, 2017.
[50]M. Iqbal and R. Matulevičius, “Corda Security Ontology: Example of Post-Trade Matching and Confirmation,” Baltic Journal of Modern Computing, 8(4), pp. 638-674, 2020.
[51] M. Alessi, A. Camillo, E. Giangreco, M. Matera, S. Pino and D. Storelli, “Make users own their data: A decentralized personal data store prototype based on ethereum and ipfs,” Proc. of the 2018 3rd International Conference on Smart and Sustainable Technologies, pp. 1-7, 2018.
[52] N. B. Truong, K. Sun, G. M. Lee and Y. Guo, “GDPR-Compliant Personal Data Management: A Blockchain-Based Solution,” IEEE Transactions on Information Forensics and Security, 15, pp. 1746-1761, 2020.