Analysis of architectural variants for auditable blockchain-based private data sharing

Many applications by design depend on costly trusted third-party auditors. One such example is the industrial application case of federated multi-disciplinary optimization (MDO), in which different organizations contribute to a complex engineering design effort. Although blockchain and distributed ledger technology (DLT) has strong potential in reducing the dependence on such intermediaries, the architectural complexity involved in designing a solution is daunting. In this paper, we analyze the architectural variants for decentralized private data sharing while guaranteeing auditability and non-repudiation of data access operations, as well availability of the shared data. The architectural variants analyzed focus on attaining: (i) confidential data exchange, (ii) governing access to the shared data, (iii) providing data access auditability, and (iv) data validation or conflict resolution. We systematically enumerate architectural decisions at the levels of: storage, policy-based file access control, data encryption methods, and auditability mechanisms for private data. The main contribution of this work is a comprehensive overview of architectural variants for decentralized control of private encrypted data, and the involved trade-offs in terms of performance, storage overhead, auditable trust and security. These findings are validated in the context of the aforementioned industry case that involves federated multi-disciplinary optimization (MDO).