EPCIS Data Sanitizer

IFTGFTC edited this page Oct 20, 2019 · 1 revision

Organization: fTrace

Challenge Owner Name: Carsten Mohr mohr@ftrace.de

Challenge Statement:

EPCIS events (concise messages about the ‘what’, ‘when’, ‘where’ and ‘why’ of business process steps) often contain business-sensitive data, which presents a problem for early testing or for posting events to a public blockchain. If certain data elements of an event could be sanitized for testing or publishing purposes, many uses of the event framework could still occur while protecting trading partners' data.

Background:

EPCIS is an information sharing standard for communicating visibility event data (e.g. production, inspecting, packing, shipping, etc. of goods) between trading partners. In a nutshell, the standard defines a data model for visibility event data and interfaces to capture and share the data. The data elements recorded identify objects, places, times and parties, which can often be used to infer business relationships between trading partners that may not otherwise be public. While encryption appears to be an easy solution, the possibility of the private key becoming known or the inability to retract access makes it an undesirable option. Trialing proofs of concept, leveraging public blockchains and ensuring chain of custody are among the use cases where selective disclosure of event data would be advantageous.

Possible Solution:

An effective solution to this challenge will demonstrate a mechanism for obscuring and/or truncating data from an EPCIS event such that the essence of the event is preserved for use cases mentioned above while sensitive data is hidden. Hackers addressing this challenge could consider using a hashing algorithm to obscure certain data elements of the event in such a way that the data would only be knowable by the sender and recipient. While much of the data contained in the event will be obscured or truncated, it is still essential for a receiving trading partner to be able to discover the event. Effective solutions will enable this discovery without revealing the identities of the trading partners or an underlying transaction.

For instance, instead of a specific product batch/lot identifier (which, in EPCIS, is typically represented in the form of a URN, e.g. urn:epc:class:lgtin:4012345.000151.4711), a sanitized equivalent of the ID could look like this: ni:///sha-256;1b1df92df91b706c68dbec89ac521649a85abc4b74523700d444358d2f0079c3?input=lgtin. In this particular instance, the sample string includes the hash value of the above LGTIN EPC Class URI, the hash algorithm, and the input of the hash function, so that organizations having knowledge of a given product identifier can query a shared ledger for datasets pertaining to this very product batch/lot. Other, more static identifiers (such as a GLN) should follow a multi-hash approach to ensure privacy, e.g. through including previously agreed salt values (e.g. masking codes having a certain validity period).
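The sanitization and discovery flow described above, as an added example (not code from the challenge owner or fTrace). It follows the page's hex ni:///sha-256;...?input=... form; the HMAC construction for the salted case, the SGLN value, the masking codes and the ledger layout are assumptions.

```python
import hashlib
import hmac

def sanitize_id(epc_uri, input_type):
    """Unsalted form shown on the page: ni:///sha-256;<hex digest>?input=<type>."""
    digest = hashlib.sha256(epc_uri.encode("utf-8")).hexdigest()
    return f"ni:///sha-256;{digest}?input={input_type}"

def sanitize_static_id(epc_uri, input_type, masking_code):
    """Salted form for static identifiers such as a GLN.

    Assumption: the agreed masking code keys an HMAC-SHA-256. The page only
    says a previously agreed salt is included; it does not fix the construction.
    A static, guessable identifier hashed without a secret can be recomputed by
    anyone able to enumerate candidate values, which is why the salt matters.
    """
    mac = hmac.new(masking_code, epc_uri.encode("utf-8"), hashlib.sha256)
    return f"ni:///sha-256;{mac.hexdigest()}?input={input_type}"

def discover(ledger, known_ids):
    """Return ledger events carrying a sanitized ID the caller can recompute."""
    return [e for e in ledger if e["what"] in known_ids or e["where"] in known_ids]

LOT = "urn:epc:class:lgtin:4012345.000151.4711"        # identifier from the page
OTHER_LOT = "urn:epc:class:lgtin:4012345.000151.4712"  # constructed
SITE = "urn:epc:id:sgln:4012345.00001.0"               # constructed location ID
CODE_A = b"constructed-masking-code-2019Q4"            # agreed between partners
CODE_B = b"constructed-masking-code-2020Q1"            # a later validity period

# Constructed shared ledger: only sanitized identifiers are published.
LEDGER = [
    {"bizStep": "shipping", "what": sanitize_id(LOT, "lgtin"),
     "where": sanitize_static_id(SITE, "sgln", CODE_A)},
    {"bizStep": "packing", "what": sanitize_id(OTHER_LOT, "lgtin"),
     "where": sanitize_static_id(SITE, "sgln", CODE_A)},
]

def demo():
    """A partner who knows the lot finds its event; a stale code finds nothing."""
    by_lot = discover(LEDGER, {sanitize_id(LOT, "lgtin")})
    by_site = discover(LEDGER, {sanitize_static_id(SITE, "sgln", CODE_A)})
    stale = discover(LEDGER, {sanitize_static_id(SITE, "sgln", CODE_B)})
    return len(by_lot), len(by_site), len(stale)

if __name__ == "__main__":
    print(demo())
```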

Resources:

  1. CTEs and KDEs

  2. Challenges

    1. Catch Area Tokenization
    2. Farmed Seafood Nemo
    3. Product Passport
    4. Fisheries App Support
    5. Integration Sea to Land
    6. Accessible Farmed Seafood Identifiers
    7. Extra Harvest Marketplace
    8. Highlighting Mangrove Converted Farms
  3. Global Food Traceability Center Resources

  4. Help Videos

  5. Sample Files (PW Required)

  6. Additional Data Resources

  7. Tools

  8. Documentation for Commercial Systems that Use EPCIS

  9. Regs, Standards, Guidance
