AuditTrust: a blockchain-based secure audit trail for data sharing in distributed environment

In recent years, there has been a significant push toward developing and finding trust-building technologies in distributed system environments, especially for sharing data between mutually mistrusting entities. One of the key factors is to ensure data integrity, that is to ensure that data being shared has not been manipulated. To this aim, the ability to trace and audit data usage from its creation is a key component of such trust-building technologies: by recording all data accesses and modifications in an access log, we have a history of any data processing such that we can easily detect when data has been tampered with and who is behind this manipulation. However, for audit trail data to be useful, it must be correct and immutable. Moreover, mechanisms are also needed to enforce disclosure controls: data being shared must not be disclosed to unauthorized individuals. In this work, we present AuditTrust, a blockchain-based secure audit trail for data sharing in a distributed environment. AuditTrust is a prototype dedicated for smart traffic applications, whose main objectives are: 1° allowing secure data sharing between parties that do not trust each other by providing them a reliable audit tool and access control mechanisms; 2° being scalable and 3° minimizing costs imputed by the use of blockchain technology. To this aim, it combines several technologies together, such as Hyperledger Besu, IPFS, Intel SGX and Vault. Our evaluation shows that our system works correctly, even under pressure.