Gao Lixia
Taiyuan University, Taiyuan, China.
PLoS One. 2025 Jan 10;20(1):e0315759. doi: 10.1371/journal.pone.0315759. eCollection 2025.
Internal auditing demands innovative and secure solutions in today's business environment, with increasing competitive pressure and frequent occurrences of risky and illegal behaviours. Blockchain along with secure databases like encryption improves internal audit security through immutability and transparency. Hence integrating blockchain with homomorphic encryption and multi-factor authentication improves privacy and mitigates computational overhead. Recently, blockchain applications for internal audits in the enterprise sector are still emerging. Thus, blockchain technology in auditing provides the benefits of enhanced transparency and immutability in data processing, which can establish new solutions for internal auditing but still lacks encryption techniques. The research proposed a framework called "BlockCryptoAudit" to enhance internal audit processes through cryptographic encryption methods and blockchain technology, ensuring secure and transparent audit operations. The proposed approach integrates an additive homomorphic Paillier encryption scheme with blockchain to create a safe and tamper-resident audit trail. Utilizing homomorphic Paillier encryption, BlockCryptoAudit ensures that computations may be performed on encrypted audit data while safeguarding data privacy. The applied blockchain hyperledger component guarantees the immutability and transparency of encrypted audit records, resulting in a decentralized and tamper-resistant record. By limiting data accessibility to authorized individuals based on specified responsibilities, role-based access restrictions handled using smart contracts further strengthen security. The study protects audit data's security and confidentiality by encrypting it and putting it on a blockchain. The study compares the proposed BlockCryptoAudit with models like B-OAP, BSE-DF, and EG-FLB regarding risk mitigation, audit quality, security overhead, and audit trail effectiveness. With little security overhead, BlockCryptoAudit beats out B-OAP, BSE-DF, and EG-FLB in terms of risk mitigation (98%) and audit quality (99%). It is an effective way to improve internal audit processes and guarantee data integrity due to its high performance.
在当今商业环境中,随着竞争压力不断增大以及风险和非法行为频繁发生,内部审计需要创新且安全的解决方案。区块链与加密等安全数据库一道,通过不可变和透明性提升内部审计安全性。因此,将区块链与同态加密和多因素身份验证相结合可提高隐私性并减轻计算开销。近来,企业部门内部审计的区块链应用仍在不断涌现。故而,审计中的区块链技术在数据处理方面带来了增强的透明度和不可变性优势,这可为内部审计建立新的解决方案,但仍缺乏加密技术。该研究提出了一个名为“BlockCryptoAudit”的框架,通过加密方法和区块链技术来增强内部审计流程,确保审计操作安全且透明。所提出的方法将加法同态Paillier加密方案与区块链集成,以创建一个安全且防篡改的审计跟踪。利用同态Paillier加密,BlockCryptoAudit确保可以对加密的审计数据进行计算,同时保护数据隐私。所应用的区块链超级账本组件保证了加密审计记录的不可变性和透明度,从而产生一个去中心化且防篡改的记录。通过基于特定职责将数据访问权限限制于授权个人,使用智能合约处理的基于角色的访问限制进一步增强了安全性。该研究通过对审计数据进行加密并将其置于区块链上,保护了审计数据的安全性和机密性。该研究将所提出的BlockCryptoAudit与B - OAP、BSE - DF和EG - FLB等模型在风险缓解、审计质量、安全开销和审计跟踪有效性方面进行了比较。BlockCryptoAudit在安全开销极小的情况下,在风险缓解(98%)和审计质量(99%)方面击败了B - OAP、BSE - DF和EG - FLB。由于其高性能,它是改进内部审计流程并保证数据完整性的有效方式。
