0

I was wondering, can/should blockchain be used to store data that is insert-only but the data should be readable only to those that where the data was authorized.

So I was thinking that a blockchain would have elements except for header information for lookups. To make it slightly more efficient, I would say the header contains ID and Block type. Where block-type is one of "data" or "authorization", "access", "bucket"

The "data" block contains the ID as would everything else along with the data that is encrypted using a secret along with a SHA sum to help validate the result of the encryption.

The "authorization" block provides the ID and an asymmetrically encrypted version of the secret for the data block + data block ID. It also contains a hash of the public key. This would be keyed by n-fingerprint hashes and a hash algorithm identifier (this will help reduce the chance of duplication when the block chain size gets too large) where n >= 2)

The "access" block combines multiple authorizations together so those with the same hashes are grouped together. It will also combine buckets (explained later) that are used by the access block. So typically the "access" would be the smallest set and would be one of the key parts to be mined. The largest set of "authorizations" wins the mining.

The "bucket" block is like the access block but is combines the information stored in multiple "data" blocks into a single larger block. So there does not need to be a large scan of the blockchain to find the data. Like access, the largest bucket wins.

Another way I was thinking about this would be forgoing the "data" block and instead just have a ledger of authorizations with keys. These should be MUCH smaller and easier to distribute. The data itself will be placed in regulatory restricted centers though the data will not be readable in the regulatory restricted centers themselves. I think this is what MedicalChain may be doing.

BTW I am not sure if this type of question would be better placed here or something like programmer stack exchange. If so please move it there or others as needed.

Archimedes Trajano
  • 334
  • 4
  • 12
  • 1
    blockchains aren't even very good at the thing they're best at (though in that niche, everything else is worse), I would suggest you consider deeply whether a blockchain is actually beneficial to you if you're trying to use it for purposes other than it was designed for – Phoshi Jul 15 '19 at 17:34
  • I am thinking more of it as a distributed ledger of private data, which may likely be a bad scenario for it, seems like most of the blockchain implementations are a distributed ledger of public data. – Archimedes Trajano Jul 15 '19 at 18:11
  • I was thinking more of a federated data store for scalability but allow additional nodes to participate. – Archimedes Trajano Jul 15 '19 at 18:18
  • 1
    Blockchain isn't the core of your question; you're asking about a federated messaging system that you want to use Blockchain with. This would be like asking how to control access to a transaction log, when it makes much more sense to ask how to control access to the PostgreSQL server where the transaction log is stored. Blockchain is just data storage, and is the wrong spot to look at implementing authorization controls. – Ghedipunk Jul 15 '19 at 19:02
  • I was more thinking removing the data and letting blockchain just be authorizations and access to secrets that are used to decrypt data elsewhere. I think that's how MedicalChain does it. – Archimedes Trajano Jul 15 '19 at 19:16
  • Take a look at Storj, Siacoin and Filenet. – ThoriumBR Jul 15 '19 at 21:28

0 Answers0