{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,3]],"date-time":"2026-02-03T18:08:48Z","timestamp":1770142128536,"version":"3.49.0"},"reference-count":53,"publisher":"Frontiers Media SA","license":[{"start":{"date-parts":[[2023,5,9]],"date-time":"2023-05-09T00:00:00Z","timestamp":1683590400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"DOI":"10.13039\/501100002428","name":"Austrian Science Fund","doi-asserted-by":"publisher","award":["V 759-N"],"award-info":[{"award-number":["V 759-N"]}],"id":[{"id":"10.13039\/501100002428","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["frontiersin.org"],"crossmark-restriction":true},"short-container-title":["Front. Blockchain"],"abstract":"<jats:p>Decentralization initiatives such as Solid, Digi.me, and ActivityPub aim to give data owners more control over their data and to level the playing field by enabling small companies and individuals to gain access to data, thus stimulating innovation. However, these initiatives typically use access control mechanisms that cannot verify compliance with usage conditions after access has been granted to others. In this paper, we extend the state of the art by proposing a resource governance conceptual framework, entitled ReGov, that facilitates usage control in decentralized web environments. We subsequently demonstrate how our framework can be instantiated by combining blockchain and trusted execution environments. Through blockchain technologies, we record policies expressing the usage conditions associated with resources and monitor their compliance. Our instantiation employs trusted execution environments to enforce said policies, inside data consumers\u2019 devices. We evaluate the framework instantiation through a detailed analysis of requirments derived from a data market motivating scenario, as well as an assessment of the security, privacy, and affordability aspects of our proposal.<\/jats:p>","DOI":"10.3389\/fbloc.2023.1141909","type":"journal-article","created":{"date-parts":[[2023,5,9]],"date-time":"2023-05-09T20:41:32Z","timestamp":1683664892000},"update-policy":"https:\/\/doi.org\/10.3389\/crossmark-policy","source":"Crossref","is-referenced-by-count":7,"title":["Blockchain based resource governance for decentralized web environments"],"prefix":"10.3389","volume":"6","author":[{"given":"Davide","family":"Basile","sequence":"first","affiliation":[]},{"given":"Claudio","family":"Di Ciccio","sequence":"additional","affiliation":[]},{"given":"Valerio","family":"Goretti","sequence":"additional","affiliation":[]},{"given":"Sabrina","family":"Kirrane","sequence":"additional","affiliation":[]}],"member":"1965","published-online":{"date-parts":[[2023,5,9]]},"reference":[{"key":"B1","first-page":"10:1","volume-title":"A semantic policy language for usage control","author":"Akaichi","year":""},{"key":"B2","volume-title":"Usage control specification, enforcement, and robustness: A survey","author":"Akaichi","year":""},{"key":"B3","doi-asserted-by":"publisher","first-page":"85675","DOI":"10.1109\/access.2020.2992698","article-title":"Trustworthy blockchain oracles: Review, comparison, and open research challenges","volume":"8","author":"Al-Breiki","year":"2020","journal-title":"IEEE Access"},{"key":"B4","first-page":"1","article-title":"Web 3.0: The decentralized web blockchain networks and protocol innovation","volume-title":"2018 1st international conference on computer applications and information security (ICCAIS)","author":"Alabdulwahhab","year":"2018"},{"key":"B5","doi-asserted-by":"crossref","first-page":"15","DOI":"10.1109\/IRI.2018.00011","article-title":"Decentralized IoT data management using blockchain and trusted execution environment","volume-title":"2018 IEEE international conference on information reuse and integration (IRI)","author":"Ayoade","year":"2018"},{"key":"B6","doi-asserted-by":"publisher","first-page":"2696","DOI":"10.1002\/sec.424","article-title":"Context-aware usage control for web of things","volume":"7","author":"Bai","year":"2014","journal-title":"Secur. Commun. Netw."},{"key":"B7","first-page":"102","article-title":"Enhancing blockchain-based processes with decentralized oracles","volume-title":"BPM (blockchain and RPA forum)","author":"Basile","year":"2021"},{"key":"B8","doi-asserted-by":"crossref","first-page":"49","DOI":"10.1007\/978-3-030-80418-3_9","article-title":"Monetising resources on a solid pod using blockchain transactions","volume-title":"The semantic web: ESWC 2021 satellite events","author":"Becker","year":"2021"},{"key":"B9","doi-asserted-by":"publisher","first-page":"303","DOI":"10.1007\/s13218-020-00677-4","article-title":"Machine understandable policies and GDPR compliance checking","volume":"34","author":"Bonatti","year":"2020","journal-title":"KI-K\u00fcnstliche Intell."},{"key":"B10","first-page":"2","article-title":"A next-generation smart contract and decentralized application platform","volume":"3","author":"Buterin","year":"2014","journal-title":"white Pap."},{"key":"B11","doi-asserted-by":"publisher","first-page":"71605","DOI":"10.1109\/access.2020.2987608","article-title":"A blockchain-assisted trust access authentication system for solid","volume":"8","author":"Cai","year":"2020","journal-title":"IEEE Access"},{"key":"B12","doi-asserted-by":"publisher","first-page":"20211213","DOI":"10.1098\/rspb.2021.1213","article-title":"Speciation in the deep: Genomics and morphology reveal a new species of beaked whale mesoplodon eueu","volume":"288","author":"Carroll","year":"2021","journal-title":"Proc. R. Soc. B"},{"key":"B13","volume-title":"Intel sgx explained","author":"Costan","year":"2016"},{"key":"B14","doi-asserted-by":"publisher","first-page":"1","DOI":"10.3233\/sw-223009","article-title":"Analysis of ontologies and policy languages to represent information flows in GDPR","author":"Esteves","year":"2022","journal-title":"Semantic Web"},{"key":"B15","doi-asserted-by":"publisher","first-page":"17236","DOI":"10.1109\/JIOT.2021.3078072","article-title":"The performance evaluation of blockchain-based security and privacy systems for the internet of things: A tutorial","volume":"8","author":"Ferrag","year":"2021","journal-title":"IEEE Internet Things J."},{"key":"B16","first-page":"259","article-title":"POSIX access control lists on linux","volume-title":"Proceedings of the FREENIX track: 2003 USENIX annual technical conference","author":"Gr\u00fcnbacher","year":"2003"},{"key":"B17","first-page":"655","article-title":"Greater control and transparency in personal data processing","volume-title":"International conference on information systems security and privacy","author":"Havur","year":"2020"},{"key":"B18","first-page":"531","article-title":"A policy language for distributed usage control","volume-title":"European symposium on research in computer security","author":"Hilty","year":"2007"},{"key":"B19","doi-asserted-by":"publisher","first-page":"56","DOI":"10.1109\/msec.2019.2947124","article-title":"Trusted execution environments: Properties, applications, and challenges","volume":"18","author":"Jauernig","year":"2020","journal-title":"IEEE Secur. Priv."},{"key":"B20","doi-asserted-by":"publisher","first-page":"36","DOI":"10.1007\/s102070100002","article-title":"The elliptic curve digital signature algorithm (ecdsa)","volume":"1","author":"Johnson","year":"2001","journal-title":"Int. J. Inf. Secur."},{"key":"B21","doi-asserted-by":"publisher","first-page":"4943","DOI":"10.1007\/s11276-019-01968-x","article-title":"An extended access control model for permissioned blockchain frameworks","volume":"26","author":"Khan","year":"2020","journal-title":"Wirel. Netw."},{"key":"B22","first-page":"539","article-title":"BlockConfess: Towards an architecture for blockchain constraints and forensics","volume-title":"AIChain@Blockchain","author":"Kirrane","year":"2020"},{"key":"B23","doi-asserted-by":"crossref","first-page":"15","DOI":"10.1145\/968559.968562","article-title":"An access control framework for business processes for web services","volume-title":"Proceedings of the 2003 ACM workshop on XML security","author":"Koshutanski","year":"2003"},{"key":"B24","doi-asserted-by":"publisher","first-page":"81","DOI":"10.1016\/j.cosrev.2010.02.002","article-title":"Usage control in computer security: A survey","volume":"4","author":"Lazouski","year":"2010","journal-title":"Comput. Sci. Rev."},{"key":"B25","first-page":"387","article-title":"Towards decentralized accountability and self-sovereignty in healthcare systems","volume-title":"International conference on information and communications security","author":"Liang","year":"2017"},{"key":"B26","volume-title":"Teechain: Scalable blockchain payments using trusted execution environments","author":"Lind","year":"2017"},{"key":"B27","first-page":"19","article-title":"Blockchain oracles: A framework for blockchain-based applications","volume-title":"BPM (blockchain and RPA forum)","author":"Mammadzada","year":"2020"},{"key":"B28","doi-asserted-by":"crossref","DOI":"10.1007\/978-3-031-16168-1_4","volume-title":"Fine-grained data access control for collaborative process execution on blockchain","author":"Marangone","year":"2022"},{"key":"B29","first-page":"400","article-title":"Open-tee\u2013an open virtual trusted execution environment","volume-title":"2015","author":"McGillion","year":"2015"},{"key":"B30","doi-asserted-by":"crossref","first-page":"14","DOI":"10.1007\/978-1-4842-4075-5","volume-title":"Ethereum for architects and developers","author":"Mohanty","year":"2018"},{"key":"B31","first-page":"35","article-title":"Foundational oracle patterns: Connecting blockchain to the off-chain world","volume-title":"BPM (blockchain and RPA forum)","author":"M\u00fchlberger","year":"2020"},{"key":"B32","doi-asserted-by":"crossref","first-page":"230","DOI":"10.1109\/ARES.2011.40","article-title":"A trustworthy usage control enforcement framework","volume-title":"2011 sixth international conference on availability","author":"Neisse","year":"2011"},{"key":"B33","doi-asserted-by":"publisher","first-page":"5943","DOI":"10.1002\/sec.1748","article-title":"Fairaccess: A new blockchain-based access control framework for the internet of things","volume":"9","author":"Ouaddah","year":"2016","journal-title":"Secur. Commun. Netw."},{"key":"B34","doi-asserted-by":"publisher","first-page":"26","DOI":"10.1109\/mcom.2011.5936152","article-title":"A survey of the research on future internet architectures","volume":"49","author":"Pan","year":"2011","journal-title":"IEEE Commun. Mag."},{"key":"B35","doi-asserted-by":"publisher","first-page":"128","DOI":"10.1145\/984334.984339","article-title":"The uconabc usage control model","volume":"7","author":"Park","year":"2004","journal-title":"ACM Trans. Inf. Syst. Secur. (TISSEC)"},{"key":"B36","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3567582","article-title":"Connect API with blockchain: A survey on blockchain oracle implementation","volume":"55","author":"Pasdar","year":"2022","journal-title":"ACM Comput. Surv."},{"key":"B37","first-page":"1","article-title":"Dauth: A decentralized web authentication system using ethereum based blockchain","volume-title":"2019 international conference on vision towards emerging trends in communication and networking (ViTECoN)","author":"Patel","year":"2019"},{"key":"B38","first-page":"31","article-title":"Net neutrality: Media discourses and public perception","volume":"3","author":"Quail","year":"2010","journal-title":"Glob. Media J."},{"key":"B39","article-title":"The new copyright in the digital single market directive: A critical look","volume-title":"European intellectual property review","author":"Quintais","year":"2020"},{"key":"B40","doi-asserted-by":"crossref","first-page":"645","DOI":"10.1145\/3366424.3385759","article-title":"Towards complete decentralised verification of data with confidentiality: Different ways to connect solid pods and blockchain","volume-title":"Companion proceedings of the web conference 2020","author":"Ramachandran","year":"2020"},{"key":"B41","doi-asserted-by":"crossref","first-page":"217","DOI":"10.1145\/3355369.3355572","article-title":"Challenges in the decentralised web: The mastodon case","volume-title":"Proceedings of the internet measurement conference","author":"Raman","year":"2019"},{"key":"B42","doi-asserted-by":"publisher","first-page":"12","DOI":"10.1145\/1067627.806586","article-title":"Design and verification of secure systems","volume":"15","author":"Rushby","year":"1981","journal-title":"ACM SIGOPS Oper. Syst. Rev."},{"key":"B43","doi-asserted-by":"crossref","first-page":"57","DOI":"10.1109\/Trustcom.2015.357","article-title":"Trusted execution environment: What it is, and what it is not","volume-title":"2015 IEEE TrustCom\/BigDataSE\/ISPA","author":"Sabt","year":"2015"},{"key":"B44","doi-asserted-by":"publisher","first-page":"40","DOI":"10.1109\/35.312842","article-title":"Access control: Principle and practice","volume":"32","author":"Sandhu","year":"1994","journal-title":"IEEE Commun. Mag."},{"key":"B45","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1002\/sys.20017","article-title":"Requirements development, verification, and validation exhibited in famous failures","volume":"8","author":"Terry Bahill","year":"2005","journal-title":"Syst. Eng."},{"key":"B46","first-page":"473","article-title":"A semantic context-aware access control framework for secure collaborations in pervasive computing environments","volume-title":"International semantic web conference","author":"Toninelli","year":"2006"},{"key":"B47","doi-asserted-by":"crossref","first-page":"302c","DOI":"10.1109\/HICSS.2005.58","article-title":"A trust based access control framework for P2P file-sharing systems","volume-title":"Proceedings of the 38th annual Hawaii international conference on system sciences","author":"Tran","year":"2005"},{"key":"B48","doi-asserted-by":"crossref","first-page":"610","DOI":"10.1007\/978-3-030-59013-0_30","article-title":"Privacyguard: Enforcing private data usage control with blockchain and attested off-chain contract execution","volume-title":"Computer security \u2013 esorics 2020","author":"Xiao","year":"2020"},{"key":"B49","first-page":"182","article-title":"The blockchain as a software connector","volume-title":"Wicsa","author":"Xu","year":"2016"},{"key":"B50","doi-asserted-by":"crossref","DOI":"10.1007\/978-3-030-03035-3","volume-title":"Architecture for blockchain applications","author":"Xu","year":"2019"},{"key":"B51","doi-asserted-by":"crossref","first-page":"184","DOI":"10.1109\/WISA.2016.45","article-title":"On the performance of intel sgx","volume-title":"2016 13Th web information systems and applications conference (WISA)","author":"Zhao","year":"2016"},{"key":"B52","doi-asserted-by":"publisher","first-page":"4000","DOI":"10.1109\/jiot.2019.2960526","article-title":"Blockchain-enabled decentralized trust management and secure usage control of IoT big data","volume":"7","author":"Zhaofeng","year":"2020","journal-title":"IEEE Internet Things J."},{"key":"B53","doi-asserted-by":"publisher","first-page":"153808","DOI":"10.1007\/s11704-019-9096-y","article-title":"A survey of intel sgx and its applications","volume":"15","author":"Zheng","year":"2021","journal-title":"Front. Comput. Sci."}],"container-title":["Frontiers in Blockchain"],"original-title":[],"link":[{"URL":"https:\/\/www.frontiersin.org\/articles\/10.3389\/fbloc.2023.1141909\/full","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,5,11]],"date-time":"2023-05-11T15:43:22Z","timestamp":1683819802000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.frontiersin.org\/articles\/10.3389\/fbloc.2023.1141909\/full"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,5,9]]},"references-count":53,"alternative-id":["10.3389\/fbloc.2023.1141909"],"URL":"https:\/\/doi.org\/10.3389\/fbloc.2023.1141909","relation":{},"ISSN":["2624-7852"],"issn-type":[{"value":"2624-7852","type":"electronic"}],"subject":[],"published":{"date-parts":[[2023,5,9]]},"article-number":"1141909"}}