This repository contains the code for my thesis, "Enhancing privacy in the Solid protocol through Attribute-Based Encryption" (KU Leuven, Master of Cybersecurity). The goal of the thesis was to change the trust model of the POD providers in the Solid architecture from honest to semi-honest, i.e. they follow the protocol but may be curious about the data they store. The Solid project1 is an open-source initiative aimed at decentralizing the web, and returning control of personal data to end users.
The extension demonstrates how end-to-end encryption (E2EE) can be integrated into the Solid framework using a cryptographic primitive called attribute-based encryption (ABE)2. This enables systems that are unwilling to entrust POD providers with their users' data, such as electronic health record (EHR) systems, to be built on top of Solid and benefit from the features it offers, such as application interoperability. For more information about Solid, ABE and the extended protocol, see the full text.
The diagram shows the different components in the extended architecture. The asterisks indicate that the data is encrypted using ABE. This repository contains:
- An implementation of two decentralized ABE schemes.
- An implementation of an attribute authority (AA).
- An implementation of a client that can encrypt and decrypt resources with ABE.
- An implementation of a demo application using all of the above.
The demo application, called ehealth, is a digital wallet for medical data.
- Install the dependencies for each module (i.e. run
npm iin the subfolders). - Run
npm run buildin the abe-wasm and solid-e2ee-client subfolders. - Run
npm run demoin the ehealth subfolder. - Go to
http://localhost:5173.
Note that the POD provider is automatically seeded with PODs and accounts, which are in turn linked to the attributes defined by the authorities the application uses.