[Retracted] A Study on Resource Security under Legal Protection of e-Commerce Data Sovereignty Based on Blockchain Network

Cheng, Yishuang; Pan, Juan

doi:https://doi.org/10.1155/2022/3713891

Security and Communication Networks

On this page

Abstract Introduction Related Work Discussion Conclusion Data Availability Conflicts of Interest References Copyright Related Articles

Research Article Retraction

!

This article has been Retracted. To view the article details, please click the ‘Retraction’ tab above.

Special Issue

Computational Technologies for Malicious Traffic Identification in IoT Networks

View this Special Issue

Research Article | Open Access

Volume 2022 | Article ID 3713891 | https://doi.org/10.1155/2022/3713891

[Retracted] A Study on Resource Security under Legal Protection of e-Commerce Data Sovereignty Based on Blockchain Network

Yishuang Cheng¹and Juan Pan^2,3

Academic Editor: Muhammad Arif

Received22 Mar 2022

Accepted26 Apr 2022

Published13 May 2022

Abstract

With the growing demand for cross-border electronic data forensics, national sovereignty and international network security have ushered in great challenges, and how to achieve dynamic balance in various fields under cross-border electronic data forensics, advance the process of global cyberspace governance, reach international consensus, and achieve win-win cooperation is a question that China needs to solve. Based on the above status quo, a blockchain-based secure e-commerce system is researched and implemented. Using the distributed architecture of the blockchain system and the automatic execution feature of smart contracts, a secure transaction application system is designed to realize decentralization and solve the problem of untrustworthy intermediate parties. Data storage is based on the mechanism of combining blockchain and offchain databases to ensure data security, and the characteristic of blockchain can only be appended and read to prevent the system from being tampered. The database index and the storage structure of smart contract commodity information and transaction information are established to improve the query efficiency. The functional and performance tests of the system show that the transaction processing efficiency is high in the multinode environment, and the response time of order and commodity status query can reach 80 ms. The design and development process of the system is introduced in detail, which is an important reference value for the application of blockchain technology in e-commerce.

1. Introduction

In the information age, human speech and behavior are closely linked with electronic data, and with the rise of big data and artificial intelligence, electronic data play an increasingly prominent role in social security, economic development, national defense security, and other fields [1]. In this context, electronic data forensics is increasingly important in criminal justice practice, and according to the European Commission’s 2019 report, 85% of criminal case investigations require electronic data [2]. Whether it is traditional property crimes, violent crimes, or new crimes such as computer crimes and cybercrimes, electronic data such as emails, message records, and browsing traces emerge as effective and powerful evidence [3].

The demand for cross-border electronic data forensics is mainly based on two types of situations: first, in the network era, due to the development of cloud storage and the convenience of transnational network communication, more and more of the country’s electronic data are stored outside the country; second, in recent years, cross-border crime, especially cross-border cybercrime, has shown a growing trend, and national criminal investigation agencies need to collect data outside the country as evidence in cases in the fight against these cross-border crimes [4, 5].

In the background of the lack of international law regulation, with the increase in the number of cases with cross-border electronic data forensics needs, international diplomatic conflicts have intensified and the call for legal regulation of such forensic activities has become increasingly strong [6, 7]. In 2000, Belgium enacted the Computer Crime Law and added provisions to the Code of Criminal Procedure, taking the lead in the global scope of “cross-border computer.” Based on the concerns of national sovereignty and citizens’ privacy, this law has not been followed by western countries [8].

e-commerce has become an important product of Internet development. Alipay uses OceanBase, a general-purpose relational database developed by Ant Financial Services, to support its huge transaction volume, which is based on a centralized e-commerce platform [9, 10].

Decentralized e-commerce systems have the advantages of low cost and high speed. In recent years, with the development of distributed public ledger blockchain technology, its storage layer distributed structure, consensus mechanism during transactions, cryptographic algorithms, and other features have achieved reliable mutual trust in transactions without third-party supervision, promoting the development of decentralized e-commerce transaction marketplaces. In April 2016, OpenBazaar1.0, a decentralized marketplace for transactions using bitcoin, was officially OpenBazaar that uses multisignature technology (multisig), which is a very reliable security technology in the blockchain space. The success of OpenBazaar provides ideas for developing secure e-commerce transaction systems [11, 12]. Ethereum is the second-generation blockchain platform after Bitcoin, and Turing-complete smart contracts make Ether programmable [13]. By deploying smart contracts on Ether instead of current-trusted intermediaries to complete transactions, the problem of untrustworthy intermediaries is avoided [14, 15]. Ethernet adopts the POW (Proof of Work) consensus mechanism and the POA (Proof of Authority) consensus mechanism, while the GHOST protocol solves the blockchain security problem when generating blocks quickly to guarantee the security of transactions [16, 17]. The whole transaction process is transparent, and the tamper-evident feature of blockchain guarantees that the transaction records are verifiable [18]. This system will further improve the functions in future research, such as the need to add logistics information to improve the practicality. The logistics party is essential for online shopping to guarantee the normal operation of the shipping, signing, and refunding functions of goods. This paper builds a decentralized secure e-commerce system based on the Ethernet platform and explores a new model for future online transactions, which has certain significance for the development of secure e-commerce.

At present, researchers have made some achievements in scientific data management and shared utilization, but the concept of scientific data sharing is weak and data sharing in many research institutes and government management functions still lacks effective policy and regulatory guarantees [19]. One of them is a conceptual model of blockchain-based shared services for facilitating data sharing; however, the research study only focuses on concepts and models without proposing practical solutions. Another is a blockchain-based medical data architecture to help users hold and share their medical data securely and easily without compromising privacy. They propose a purpose-based access model to enable patients to hold and master their medical data, and although they mention the potential promise of secure multiparty computing, they do not propose a concrete implementation solution. And, there is also a systematic discussion on how to use blockchain to store, retrieve, and share files in a decentralized environment [20]. This is the first proposal that specifically uses blockchain to achieve data integrity, and the discussion focuses on specific implementation measures such as defining transaction information and block information. In addition, the proposal also points out the potential threat of blockchain-based data platforms that cannot withstand quantum attacks. There is also a blockchain-based scheme supporting fine-grained access control and shared data, which, unlike the traditional scheme, grants full possession of user data rather than entrusting a trusted center (cloud server) to operate it, and it has moderate performance and is mainly targeted at IoT devices. Obviously, it cannot meet the processing needs of blockchain-based data platforms for huge amounts of transaction data. There is also a blockchain-based medical data sharing framework in the cloud environment, which adequately addresses the access control issues related to sensitive data stored in the cloud environment, but the pervasiveness is still slightly lacking. There is also the FHIRChain prototype for providing more interactive medical diagnosis services to users, which implements a series of requirements for user identification, authentication, and secure data exchange. There is also a security and privacy-preserving, blockchain-based personal medical information sharing scheme, which allows users’ medical information to be securely and controllably accessed and used for improving medical diagnostic services by applying searchable encryption based on public key cryptography. Reference [20] summarizes and concludes the application of the zero-knowledge proof-based privacy protection scheme in blockchain technology and introduces a privacy protection scheme for blockchain transaction data represented by the hybrid coin mechanism.

3. Scheme Designed

The data layer consists of blockchain and MySQL databases as storage facilities. The system stores sensitive and noncritical data in the MySQL database with a default InnoDB engine. The application layer is designed with an additional authentication mechanism at the time of client login to ensure user security and prevent DDoS attacks using authentication codes, as shown in Figure 1.

3.1. Smart Contract Data Storage

Smart contracts and their related data are stored in the blockchain. The data types are memory, storage, and calldata, where the data that need to be stored permanently are set as storage type by the smart contract and are stored persistently in the database LevelDB on disk. In this system, new contracts are deployed to the blockchain with the creation of new goods, and the contract goods information is recorded as shown in Table 1. Good trade info records the current status of each good, and the entities eligible to own the goods include sellers, buyers, and smart contracts, when a good is being traded; in order to ensure the reliability and fairness of the transaction, the good should be owned by the smart contract at this time. When an item is traded, the item should be owned by the smart contract, which plays the role of a trusted third party. The specific information is shown in Table 2.

buyer_record_info records the details of an order in which the user purchased the current contracted item and can track the status of the item given the user and the contracted address of the item, as defined in Table 3. The buy_ good_No array records the user’s purchase item number, and if sign records the receipt of each order and the starting and ending position of the item number record for each order in buy_good_No.

3.2. Transactions

This section describes the transaction execution process of the system and the specific process of different kinds of transactions.

In order to record the identity of the seller, the smart contract owned by the owner of the commodity is designed and the modifier is used to verify the current user and ensure that the user who subsequently operates the commodity is the seller. Each commodity is represented by a contract, and the commodity can be operated through its deployed address. The following are the transaction functions of the system [21, 22]:(1)Create commodity: when deploying a smart contract, the smart contract is compiled into a java class. The constructor is called to deploy the commodity contract to the Ethernet network, and the contract address is obtained at the same time.(2)Adding commodities: since the only user with the ability to add a commodity should be the person who created the current contract (i.e., the seller), a modifier is used to restrict the originator of the message calling this function to be the owner of this commodity contract.(3)Buying commodities: the atomicity of the transaction execution is guaranteed in Ethernet. If the transaction execution condition is not satisfied, the contract will not execute the output. When the system performs a purchase operation, it first confirms that the commodity balance is sufficient and then performs the core operation of the transaction [23, 24]. The key operation for executing a transaction is the change of the state of the smart contract buyer_record structure, as shown in Figure 2. When a new purchase transaction is generated, first, the status of 1 (or n) item(s) selected for sale in good_trade_info is updated and buy_good_No is appended backwards with the id of the previously traded item, and correspondingly, the metadata information of the buy_good_No queue is appended to if_sign to retrieve the transaction record and the transaction status of buy_good_No and the status of the transaction, including the start record position (sp), the end record position (ep), and the current order status (state) of the current transaction in buy_good_No. After the execution of the buy product function, the status of the receipt is recorded as “unsigned,” as shown in the following pseudocode.(4)Signing the item: a transaction record is generated when the contract purchase function is executed, and the if_sign array is appended with a set of records containing three elements. After verifying that the sign condition is satisfied before executing the sign operation, the owner of all goods purchased by transaction k is updated to the buyer and the transfer is executed. Finally, the transaction status information of transaction k in the if_sign array is updated to be signed. After the operation is completed, the smart contract outputs the result; otherwise, the contract execution fails and rolls back [25, 26].(5)Refund: the refund function procedure flow is similar to the signed receipt, and the difference is that the refund does not require the user to pay Ether and does not verify the payment information. The product status is reset to the initial state, and the transaction status in the if_sign array is updated to be refunded.

4. Experimental Analysis

The execution time of transactions on the blockchain is tested. Figure 3 shows the transaction processing time of user orders for different quantities of goods purchased and signed for, and the average processing time is around 3600 ms. The results show that the core logic of the smart contract of this system is reasonably designed and has a high practicality to run in a private chain or federated chain environment.

Compared with the traditional centralized e-commerce transaction system, the transaction order processing efficiency of this system is low, which is mainly limited to the PoW consensus mechanism. In future practical applications, the blockchain consensus mechanism needs to be optimized to improve the processing efficiency under the premise of ensuring transaction security.

The response time of querying the status of commodity transactions on the blockchain is tested. The total number of commodities is 500, and the response time of querying the commodity transaction status is recorded by calling the smart contract query method through a script with commodity id as the parameter as shown in Figure 4; the response time is proportional to the number of commodities queried, as expected. The average response time is around 110 ms, which shows high efficiency.

The response time of the querying order status is tested. The results show that the average response time for each order query is 95.2 ms, and the fastest response time is 80 ms as shown in Figure 5, which is a faster query speed. The results of experiment 3 and experiment 4 show that the smart contract storage structure designed by this system is more efficient in data query. The underlying blockchain database LevelDB has certain limitations in query performance, and the future optimization of query efficiency can be started from two aspects: one way is to modify and optimize the underlying LevelDB database and add auxiliary indexes inside the blockchain storage structure; the other way is to set the outreach database and synchronize the blockchain data to the outreach database for query optimization.

Based on multiple blockchain nodes, the impact of the number of nodes on the processing time of concurrent transactions is tested. In blockchain networks with different numbers of nodes, 100 commodity purchase transactions are sent concurrently, waiting for the return transaction results and recording the processing time. The experimental results show that the number of nodes has a certain influence on the transaction processing time, as shown in Figure 6, and the increase in the number of nodes will appropriately shorten the response time, which indicates that the execution of Ethernet is more efficient in a multinode network environment. However, compared with the traditional transaction system with 10 million concurrency, the gap is large. The current more mainstream optimization schemes include lightning network, sharding, and side chain.

5. Discussion

In the case of China, the “Rules for Computer Crime Scene Investigation and Electronic Evidence Inspection” report issued in 2005 has provided that the investigative authorities can “investigate the remote target system through the network in order to extract and fix the state of the remote target system and the electronic data retained.”

In 2014, the Supreme People’s Court, the Supreme People’s Procuratorate, and the Ministry of Public Security issued “Opinions on the Application of Criminal Procedures in Handling Cybercrime Cases.” Article 15 stipulates that electronic data can be extracted if the original media is located outside the country and cannot be obtained. This is the first time for China to make clear provisions on cross-border remote extraction of electronic data.

To further regulate the use of electronic data in criminal proceedings, in 2016, China promulgated “Provisions on Several Issues Concerning the Collection and Extraction and Examination and Judgment of Electronic Data for Criminal Cases.” Article 9 further clarifies the power of investigative authorities to collect data directly from abroad: “for electronic data whose original storage media are located outside the country or on remote computer information systems, the can be extracted online through the network. To further identify the situation, if necessary, the remote computer information system network remote inspection. Network remote investigation, the need to take technical investigative measures, should be approved by strict procedures.”

The Ministry of Public Security on February 1, 2019, began to formally implement the “Rules for Electronic Data Forensics in Criminal Cases by Public Security Organs.” So far, China’s investigative agency cross-border electronic data forensics system is basically established and its content includes the specific conditions for cross-border electronic data forensics and forensic means to become China’s domestic law to support cross-border electronic data forensics.

Obviously, all countries are based on the principle of maximizing their own interests, for their own cross-border electronic data forensics to take the initiative to relax the attitude and, at the same time, to other countries to receive data in their own territory to impose strict restrictions. Whether it is the long-arm jurisdiction principle proposed by the US “Cloud Act,” or the European Union’s “EU Electronic Evidence Regulation,” or China’s “International Criminal Judicial Assistance Law,” the fragmented legislation of each country has caused confusion in international cyberspace governance; in order to improve this situation and promote the process of global cyberspace governance, all countries in the world must adhere to the basic principles of international law respect for sovereignty, equality, and reciprocity. On the basis of international law respect for sovereignty and basic principles of equality and reciprocity, all countries in the world must actively promote the formulation of rules, build an international unified program for cross-border electronic data forensics, strengthen and deepen international cooperation, break through the dilemma of cross-border electronic data forensics, and achieve win-win cooperation.

Achieving the unity of legality and efficiency of cross-border electronic data forensics is the goal and pursuit of international MLA (Modern Language Association) procedures. On the one hand, it is necessary to respect national sovereignty and network security and avoid unilateralism in the way of forensics; on the other hand, it is also necessary to improve efficiency and complete the task of forensics in a timely manner so as to effectively combat crime and maintain order.

The current international MLA procedures are complicated and time-consuming, which are not conducive to combating cybercrimes, cross-border crimes, and other criminal activities and cannot meet the realistic needs of electronic data forensics, so simplifying international MLA procedures is a necessary measure to strengthen international cooperation.

6. Conclusion

The demand and necessity of cross-border electronic data forensics in today’s era bring great challenges to national sovereignty and international network security, and how to realize the dynamic balance of various fields under cross-border electronic data forensics is a problem that we have to explore and solve at present and all the time in the future. Compared with the traditional transaction system, the blockchain-based platform stores the transaction information and realizes the decentralization and the normal operation of the transaction is guaranteed by the contract. This system will further improve the functions in future research, such as the need to add logistics information to improve the practicality. The logistics party is essential for online shopping to guarantee the normal operation of the shipping, signing, and refunding functions of goods. This paper builds a decentralized secure e-commerce system based on the Ethernet platform and explores a new model for future online transactions, which has certain significance for the development of secure e-commerce.

Data Availability

The raw data supporting the conclusions of this article will be made available by the authors, without undue reservation.

Conflicts of Interest

The authors declare that they have no conflicts of interest regarding this work.

References

H. Treiblmaier and C. Sillaber, “The impact of blockchain on e-commerce: a framework for salient research topics,” Electronic Commerce Research and Applications, vol. 48, Article ID 101054, 2021.
View at: Publisher Site | Google Scholar
R. D. Taylor, ““Data localization”: the internet in the balance,” Telecommunications Policy, vol. 44, no. 8, Article ID 102003, 2020.
View at: Publisher Site | Google Scholar
B. Yin, H. Yin, Y. Wu, and Z. Jiang, “FDC: a secure federated deep learning mechanism for data collaborations in the Internet of Things,” IEEE Internet of Things Journal, vol. 7, no. 7, pp. 6348–6359, 2020.
View at: Publisher Site | Google Scholar
I. Konstantinidis, G. Siaminos, C. Timplalexis, P. Zervas, V. Peristeras, and S. Decker, “Blockchain for business applications: a systematic literature review,” Business Information Systems, Springer, Berlin, Germany, pp. 384–399, 2018.
View at: Publisher Site | Google Scholar
U. U. Uchibeke, K. A. Schneider, S. H. Kassani, and R. Deters, “Blockchain access control ecosystem for big data security,” in Proceedings of the 2018 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData), pp. 1373–1378, IEEE, Halifax, NS, Canada, 2018, July.
View at: Google Scholar
S. Vanaja and M. Belwal, “Aspect-level sentiment analysis on e-commerce data,” in Proceedings of the 2018 International Conference on Inventive Research in Computing Applications (ICIRCA), pp. 1275–1279, IEEE, Coimbatore, India, 2018, July.
View at: Google Scholar
Z.-wan Zhang, Di Wu, and C.-jiong Zhang, “Study of cellular traffic prediction based on multi-channel sparse LSTM,” Computer Science, vol. 48, no. 6, pp. 296–300, 2021.
View at: Publisher Site | Google Scholar
S. Akter and S. F. Wamba, “Big data analytics in E-commerce: a systematic review and agenda for future research,” Electronic Markets, vol. 26, no. 2, pp. 173–194, 2016.
View at: Publisher Site | Google Scholar
S. H. Aboutorabi, M. Rezapour, M. Moradi, and N. Ghadiri, “Performance evaluation of SQL and MongoDB databases for big e-commerce data,” in Proceedings of the 2015 International Symposium on Computer Science and Software Engineering (CSSE), pp. 1–7, IEEE, Tabriz, Iran, 2015, August.
View at: Publisher Site | Google Scholar
D. R. Wijaya, N. L. P. S. P. Paramita, A. Uluwiyah, M. Rheza, A. Zahara, and D. R. Puspita, “Estimating city-level poverty rate based on e-commerce data with machine learning,” Electronic Commerce Research, vol. 22, no. 1, pp. 195–221, 2020.
View at: Publisher Site | Google Scholar
U. Rahardja, T. Hariguna, and W. M. Baihaqi, “Opinion mining on e-commerce data using sentiment analysis and k-medoid clustering,” in Proceedings of the 2019 Twelfth International Conference on Ubi-Media Computing, pp. 168–170, IEEE, Bali, Indonesia, 2019, August.
View at: Publisher Site | Google Scholar
S. Zoghbi, I. Vulić, and M.-F. Moens, “Latent Dirichlet allocation for linking user-generated content and e-commerce data,” Information Sciences, vol. 367-368, pp. 573–599, 2016.
View at: Publisher Site | Google Scholar
J. Tagliabue, C. Greco, J. F. Roy et al., “Sigir 2021 E-Commerce Workshop Data challenge,” 2021, https://arxiv.org/abs/2104.09423.
View at: Google Scholar
K. Zheng, Z. Zhang, and B. Song, “E-commerce logistics distribution mode in big-data context: a case analysis of JD.COM,” Industrial Marketing Management, vol. 86, pp. 154–162, 2020.
View at: Publisher Site | Google Scholar
G. Dong, J. Shen, Y. Jia, and F. Sun, “Comprehensive evaluation of water resource security: case study from Luoyang City, China,” Water, vol. 10, no. 8, p. 1106, 2018.
View at: Publisher Site | Google Scholar
Z. H. A. N. G. Zhengwan, Z. H. A. N. G. Chunjiong, L. I. Hongbing, and X. I. E. Tao, “Multipath transmission selection algorithm based on immune connectivity model,” Journal of Computer Applications, vol. 40, no. 12, p. 3571, 2020.
View at: Publisher Site | Google Scholar
P. An, Z. Wang, and C. Zhang, “Ensemble unsupervised autoencoders and Gaussian mixture model for cyberattack detection,” Information Processing & Management, vol. 59, no. 2, Article ID 102844, 2022.
View at: Publisher Site | Google Scholar
J.-Y. Zhang and L.-C. Wang, “Assessment of water resource security in Chongqing City of China: what has been done and what remains to be done?” Natural Hazards, vol. 75, no. 3, pp. 2751–2772, 2015.
View at: Publisher Site | Google Scholar
B. Ji, Y. Li, D. Cao, C. Li, S. Mumtaz, and D. Wang, “Secrecy performance analysis of UAV assisted relay transmission for cognitive network with energy harvesting,” IEEE Transactions on Vehicular Technology, vol. 69, no. 7, pp. 7404–7415, 2020.
View at: Publisher Site | Google Scholar
X. Lin, J. Wu, S. Mumtaz, S. Garg, J. Li, and M. Guizani, “Blockchain-based on-demand computing resource trading in IoV-assisted smart city,” IEEE Transactions on Emerging Topics in Computing, vol. 9, no. 3, pp. 1373–1385, 2021.
View at: Publisher Site | Google Scholar
J. Li, Z. J. Zhou, J. Li et al., “Decentralized on-demand energy supply for blockchain in internet of things: a microgrids approach,” IEEE Transactions on Computational Social Systems, vol. 6, no. 6, pp. 1395–1406, 2019.
View at: Publisher Site | Google Scholar
M. Zarei, “The water-energy-food nexus: a holistic approach for resource security in Iran, Iraq, and Turkey,” Water-Energy Nexus, vol. 3, pp. 81–94, 2020.
View at: Publisher Site | Google Scholar
S. Gu, A. Jenkins, S.-J. Gao et al., “Ensuring water resource security in China; the need for advances in evidence-based policy to support sustainable management,” Environmental Science & Policy, vol. 75, pp. 65–69, 2017.
View at: Publisher Site | Google Scholar
P. A. J. Lusty and A. G. Gunn, “Challenges to global mineral resource security and options for future supply,” Geological Society, London, Special Publications, vol. 393, no. 1, pp. 265–276, 2015.
View at: Publisher Site | Google Scholar
A. E. Bass and S. Chakrabarty, “Resource security: competition for global resources, strategic intent, and governments as owners,” Journal of International Business Studies, vol. 45, no. 8, pp. 961–979, 2014.
View at: Publisher Site | Google Scholar
D. Sun, J. Wu, F. Zhang, W. Su, and H. Hui, “Evaluating water resource security in karst areas using DPSIRM modeling, gray correlation, and matter-element analysis,” Sustainability, vol. 10, no. 11, p. 3934, 2018.
View at: Publisher Site | Google Scholar

Copyright

Copyright © 2022 Yishuang Cheng and Juan Pan. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

PDF Download Citation

Download other formats

Order printed copies

Security and Communication Networks

Computational Technologies for Malicious Traffic Identification in IoT Networks

[Retracted] A Study on Resource Security under Legal Protection of e-Commerce Data Sovereignty Based on Blockchain Network

Abstract

1. Introduction

2. Related Work

3. Scheme Designed

3.1. Smart Contract Data Storage

3.2. Transactions

4. Experimental Analysis

5. Discussion

6. Conclusion

Data Availability

Conflicts of Interest

References

Copyright