Data Protection and Accountability module


The Data Protection and Accountability (DPA) module will be responsible for storing audit logs of activities performed on the Collaborative Threat Intelligence (CTI) database through the Advanced Threat Intelligence Orchestrator.

The purpose and primary role of the DPA module within the IRIS architecture is to:

  • Ensure accountability, auditing and traceability of every activity performed in the CTI database, using the Advanced Threat Intelligence Orchestrator;
  • Protect data privacy by enforcing robust encryption and data sharing schemes;
  • Ensure access control/privacy of audit logs stored in the off-chain database, so that only system auditors can access audit logs;
  • Provide a distributed data retrieval service via blockchain technology, for the (encrypted) data stored in the off-chain database.

The DPA module can also be seen as the combination of encryption/secret sharing schemes with a distributed ledger technology (DLT). The main component of the DPA module is the Hyperledger Fabric blockchain, which provides immutability and traceability of stored data. In addition, this blockchain enables the implementation of smart contracts, which are digital programs that can describe complete business logic and access policies (and that cannot be modified, due to the blockchain's immutability).

The module employs the self-encryption scheme to achieve robust encryption of the CTI audit log data issued by the Advanced Threat Intelligence Orchestrator. Performing self-encryption results in multiple chunks of encrypted data, each with its own dedicated secret key (one key per chunk). The encrypted chunks are then stored in an off-chain database as part of the DPA architecture. The hash values of the chunks, which constitute the digital fingerprint of the encrypted chunks, are used as references in the off-chain database. These hash values are stored on the distributed ledger for two main purposes: to provide immutable storage of the references corresponding to the encrypted data chunks, and to detect whether the encrypted data has been modified in the off-chain database (i.e., by comparing the hash values of the off-chain data with the hash values on the ledger).

Since the secret keys dedicated to the encrypted data chunks must remain secret, a Shamir secret sharing scheme is applied to them. The novelty of DPA is that the sharing of secret keys is performed among the blockchain's peer nodes, with specific access controls and with authentication credentials issued by MeliCERTes.

Data recovery can be performed when an auditor provides the unique identifier of the corresponding CTI audit log.