Secure Gateway on the Fly
The GLASS project introduces OpenDSU, a framework that allows the development of dapps that are dynamically disassembled and assembled in blockchain anchored data; Under OpenDSU both data and the execution environment are dynamically anchored in the blockchain. Though this has the benefit of having a blockchain agnostic infrastructure, the keys that allow users to assemble and decrypt their dapps reside at the DSU level and are only accessible via the Wallet app.
What’s noteworthy about this approach is that ledger user accounts that are typical of private blockchains, such as the HyperLedger Fabric, cannot be directly mapped to Wallet users. As a result, while Wallet users enjoy a fully protected environment, the DSUs cannot provide any meaningful information to 3rd parties, as they can only make sense in the context of the Wallet and only by having the relevant key. While anonymity and encryption are key mechanisms for ensuring data privacy, it is often the case that end users may want to store some information publicly, either for providing input to 3rd party software or in case they are willing to access some information from an environment outside the Wallet.
In GLASS we implement a special security component, named the Secure Gateway. The Secure Gateway has two main functions: a) It provides a cross-ledger chaincode component that intercepts transaction data before the creation of the DSU and stores them, in a human-readable manner, in the ledger and b) provides access mechanisms, based on the Wallet's user management system as well as the one innate on HLF to securely provide access to anonymized transaction data.