Abstract:
Agricultural product supply chain and blockchain are closely integrated with the continuous acceleration of agricultural modernization. The clustered supply chain has gradually developed from a single supply chain in recent years. There is heat competition among peer enterprises in the clustered agricultural product supply chain blockchain. Among them, the data on the blockchain is publicly available to all participants. The private data on the chain has been adopted as an encrypted storage model, in order to protect users' privacy. The existing single-department supervision scheme is unsuitable for the complex cluster agricultural supply chain. The multi-sector supervision can be expected to serve as a promising way in the current reality. However, multi-department supervision is still challenging to ensure the sharing of encrypted data on the chain without redundant information for irrelevant departments. It is a high demand to improve supervision efficiency and credibility. Fortunately, the ciphertext-policy attribute-based encryption (CP-ABE) can be a one-to-numerous encryption, essentially a public key encryption system. The CP-ABE can realize the sharing of data for the users with specified attributes suitable for the application environment of multi-department supervision of the blockchain in the clustered agricultural supply chain. In this research, a multi-department supervision scheme was proposed in the verifiable blockchain ciphertext policy for the cluster agricultural supply chains using CP-ABE. A chain of custody was set up outside the business chain, including the supervisors from various departments to facilitate the management of supervisors. The chain of custody managed data on the business chain through “cross-chain governance”. Different supervision strategies were set for the data on the chain, according to the data type. The administrator of the supervision department was set as the department's supervisor to supervise the specific data of the specific chain. According to the supervision strategy on the chain, the enterprise users encrypted the data using CP-ABE to realize the disclosure of data for privacy. A CP-ABE-based access tree verification scheme was designed to combine the smart contracts and supervision strategies, and then to verify the CP-ABE access tree before the data was uploaded to the chain, in order to ensure that the data was available to the designated supervisor. The direct use of CP-ABE was inefficient for data encryption. Therefore, hybrid encryption was used to encrypt and share the data. The specific implementation was to encrypt the original data with symmetric encryption and then use the CP-ABE to encrypt the symmetric encryption key. A supervision prototype system was constructed under the blockchain ciphertext of the clustered agricultural supply chain using Hyperledger Fabric. The system was tested in two aspects of function and performance. The functional test showed that the system fully met the needs of essential multi-department supervision. The performance test showed that each time the number of supervisors in the supervision strategy increased by 10, while the average on-chain time was extended by about 500 ms, and the average throughput was 438 transactions/s. When the number of supervisors for a single data type of a single enterprise was within a reasonable range, the clustered system was adept to the multi-department supervision under the condition of the primary clustered agricultural supply chain blockchain ciphertext-application requirements. Security analysis indicated the high-security system. As such, this scheme can be expected suitable for the multi-departmental, specialized, and fine-grained supervision of data on the blockchain under data encryption. The pressure of regulators can be inspired by the development of blockchain supervision of cluster agricultural supply chains.