TrustShare | How Blockchain, Encryption, and Smart Contracts Join Forces to Protect Us All

A Game-Changing Framework for Sharing Cyber Threat Intelligence Across Organizations with Privacy, Trust, and Speed.

Published July 1, 2025 By EngiSphere Research Editors

In Brief

TrustShare is a blockchain-based framework that enables secure, privacy-preserving, and regulation-compliant cyber threat intelligence sharing across organizations using fine-grained encryption, decentralized storage, and trust-aware smart contracts.


In Depth

Why Sharing Threat Intelligence Matters

In today’s digital age, cyber threats are evolving faster than ever. From ransomware attacks to zero-day exploits, no organization is safe — and trying to fight cybercrime alone is like using a spoon to put out a wildfire.

That’s where Cyber Threat Intelligence (CTI) comes in. CTI is all about sharing knowledge between companies, sectors, and even countries to detect and respond to threats faster and more accurately. Think of it as teamwork for the digital world.

But here’s the catch — sharing sensitive data across organizational borders comes with serious privacy, trust, and security concerns. Who can see what? What if someone alters the data? How do we know who to trust?

Enter: TrustShare — a powerful blockchain-based framework that answers these questions and builds a safe, decentralized way to share threat intelligence.

The Big Problem: Trust Issues in Threat Sharing

Most current CTI platforms are centralized, meaning one entity controls the data flow. This creates several issues:

  • Lack of trust — Organizations don’t want to share with a central authority.
  • Security risks — Centralized systems can be hacked or go down.
  • Privacy concerns — Sensitive data might be exposed.
  • Compliance struggles — GDPR (General Data Protection Regulation) requires strict rules like the "Right to be Forgotten."

TrustShare is designed to overcome all of these hurdles by decentralizing the system using blockchain, enforcing rules via smart contracts, and controlling access with advanced encryption.

Meet TrustShare: The Technology Stack That Powers It All

TrustShare combines several cutting-edge technologies into one smooth, secure system:

1. Hyperledger Fabric

A permissioned blockchain — unlike Bitcoin, it’s private and organizations must verify identities. It supports smart contracts (called “chaincode”) and fine-grained control.

2. InterPlanetary File System (IPFS)

This is where encrypted data is stored off-chain. IPFS keeps the blockchain light and efficient while ensuring that files are tamper-proof and always accessible.

3. CP-ABE (Ciphertext-Policy Attribute-Based Encryption)

This sounds complex, but here's the idea: it encrypts data in such a way that only users with specific attributes (like “Healthcare Analyst” or “Trusted Partner - UK”) can decrypt it.

4. STIX and TAXII

These are industry standards for structuring (STIX) and exchanging (TAXII) threat data. TrustShare is fully compatible, making it easy to plug into existing systems.

5. GDPR Compliance

TrustShare supports revocable access and the Right to be Forgotten, making it suitable for regulated industries like finance, healthcare, and government.

How It Works: The 15-Step Flow in Simple Terms

Let’s walk through how TrustShare enables two organizations to securely share threat intelligence:

  1. Gather Data from logs, threat feeds, and reports.
  2. Standardize the Info using MITRE ATT&CK (a threat modeling tool).
  3. Structure it as JSON (computer-readable file).
  4. Encrypt it with CP-ABE to define who can access.
  5. Upload to IPFS, getting a unique Content ID (CID).
  6. Send CID via Blockchain, along with the sender’s verified ID.
  7. Smart Contract Validates the Sender.
  8. Record CID on the Blockchain, immutably.
  9. Trusted Partner Requests Access.
  10. Smart Contract Checks Authorization.
  11. Retrieve CID from blockchain.
  12. Download File from IPFS using CID.
  13. Decrypt it (only if they match the access attributes).
  14. Analyze the Threat Data.
  15. Visualize Using MITRE ATT&CK Navigator.

All these steps happen with high automation, security, and privacy.
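
Steps 5 to 8 and 11 to 12 hinge on the CID being a hash of the stored bytes, so the recipient can check a download against the value recorded on the ledger. The sketch below is an added example, not code from TrustShare or the paper; it assumes a single raw block addressed as CIDv1 with sha2-256, uses in-memory stand-ins for IPFS and the ledger, and treats the payload as an opaque blob where the CP-ABE ciphertext would be.

```python
import base64
import hashlib
import json

def cidv1_raw_sha256(data: bytes) -> str:
    """CIDv1 of one raw block: version 0x01, codec raw 0x55,
    multihash sha2-256 (0x12, length 0x20), base32 multibase prefix 'b'."""
    header = bytes([0x01, 0x55, 0x12, 0x20])
    body = header + hashlib.sha256(data).digest()
    return "b" + base64.b32encode(body).decode("ascii").lower().rstrip("=")

def publish(store: dict, ledger: list, sender_id: str, blob: bytes) -> str:
    """Steps 5-8: store the blob off-chain, record only its CID on the ledger."""
    cid = cidv1_raw_sha256(blob)
    store[cid] = blob
    ledger.append({"cid": cid, "sender": sender_id})
    return cid

def fetch_verified(store: dict, ledger: list, cid: str) -> bytes:
    """Steps 11-12: accept a download only if it hashes back to the ledger CID."""
    if not any(entry["cid"] == cid for entry in ledger):
        raise LookupError("CID is not recorded on the ledger")
    blob = store[cid]
    if cidv1_raw_sha256(blob) != cid:
        raise ValueError("downloaded content does not match the on-chain CID")
    return blob

# Constructed sample: a minimal STIX-style object standing in for the
# CP-ABE ciphertext produced in step 4 (no encryption is performed here).
SAMPLE = json.dumps({"type": "indicator", "name": "constructed sample",
                     "pattern": "[ipv4-addr:value = '192.0.2.10']"}).encode()

def demo():
    store, ledger = {}, []          # stand-ins for IPFS and the Fabric ledger
    cid = publish(store, ledger, "org1-analyst", SAMPLE)
    ok = fetch_verified(store, ledger, cid) == SAMPLE
    store[cid] = SAMPLE + b" "      # an off-chain node alters the stored bytes
    try:
        fetch_verified(store, ledger, cid)
        tamper_detected = False
    except ValueError:
        tamper_detected = True
    return cid, ok, tamper_detected

if __name__ == "__main__":
    print(demo())
```

Files that IPFS splits into several blocks get a CID for the root of a block tree rather than a hash of the whole file, so this single-hash check applies only to the one-block case assumed here.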

Why This Is a Game Changer

Here’s what makes TrustShare different:

Fine-Grained Access Control

Organizations can control who sees what, and even define time, location, or role-based conditions for access.
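
A CP-ABE ciphertext carries an access policy, and a key decrypts only if its attributes satisfy that policy. The added example below (not TrustShare's code) models only that policy check with AND, OR and k-of-n gates and performs no cryptography; the gate syntax, the user names and the key contents are assumptions, while the attribute strings come from this article.

```python
def satisfies(policy, attrs: frozenset) -> bool:
    """Evaluate an access tree against the attributes bound to ONE key."""
    if isinstance(policy, str):                 # leaf: a single attribute
        return policy in attrs
    gate, *args = policy
    if gate == "and":
        children, k = args[0], len(args[0])
    elif gate == "or":
        children, k = args[0], 1
    elif gate == "k_of":                        # threshold gate: k of n children
        k, children = args
    else:
        raise ValueError(f"unknown gate: {gate!r}")
    # An empty or impossible gate must never grant access by accident.
    if not children or not 1 <= k <= len(children):
        raise ValueError("malformed gate")
    return sum(satisfies(c, attrs) for c in children) >= k

# Policy attached to one report (constructed): UK partner AND one analyst role.
POLICY = ("and", ["Trusted Partner - UK",
                  ("or", ["Healthcare Analyst", "Finance Team"])])

# Constructed keys. Real CP-ABE keys are randomised per user, so two users
# cannot pool attributes; evaluating each key separately mirrors that.
KEYS = {
    "alice": frozenset({"Trusted Partner - UK", "Healthcare Analyst"}),
    "bob": frozenset({"Healthcare Analyst", "Finance Team"}),
    "carol": frozenset({"Trusted Partner - UK"}),
}

def who_can_decrypt(policy=POLICY, keys=KEYS) -> dict:
    return {user: satisfies(policy, attrs) for user, attrs in keys.items()}

if __name__ == "__main__":
    print(who_can_decrypt())
```

Bob and Carol together hold every attribute the policy names, yet neither key satisfies it alone, which is the collusion case the per-key evaluation is meant to show.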

Smart Trust Scoring

TrustShare uses a hybrid trust model:

  • Direct Trust: Based on your interaction history.
  • Indirect Trust: Based on what others say about you.

The system calculates a score (e.g., 0.705) to decide if you’re trustworthy enough to access data.

Regulatory Compliance

Features like revocation, audit logs, and data minimization are built-in — perfect for industries under GDPR.

Scalable and Fast

  • Handles up to 500 Transactions Per Second (TPS)
  • Latency as low as 75 ms
  • Runs efficiently using Docker and Kubernetes

Audit-Ready by Design

Every transaction is traceable and tamper-proof — essential for forensic analysis.

Security Features Built into Every Layer

| Threat | TrustShare Solution |
| --- | --- |
| Sybil Attacks | Identity validation via certificates |
| Chaincode Poisoning | Smart contract version control |
| Identity Spoofing | TLS mutual authentication |
| Replay Attacks | Timestamps + Nonces |
| Insider Threats | Immutable audit trails + CP-ABE |
| Anomalous Behavior | Future SIEM integration |

This layered security approach makes TrustShare resilient even under advanced threat models.
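
The "Timestamps + Nonces" row can be made concrete with a small validator, shown here as an added example rather than TrustShare's chaincode. The 30-second window, the field layout and the trace are assumptions, and the sender, nonce and timestamp are taken to be covered by the sender's signature already.

```python
class ReplayGuard:
    """Reject submissions that are stale or reuse a (sender, nonce) pair."""

    def __init__(self, window_s: float = 30.0):
        self.window_s = window_s            # assumed freshness window
        self.seen = {}                      # (sender, nonce) -> message timestamp

    def check(self, sender: str, nonce: str, ts: float, now: float) -> str:
        # Forget nonces whose timestamp has left the window; such messages
        # would fail the freshness test anyway, so the cache stays bounded.
        self.seen = {k: t for k, t in self.seen.items()
                     if now - t <= self.window_s}
        if abs(now - ts) > self.window_s:
            return "reject: stale timestamp"
        if (sender, nonce) in self.seen:
            return "reject: nonce reused"
        self.seen[(sender, nonce)] = ts
        return "accept"

def run_constructed_trace():
    guard = ReplayGuard(window_s=30.0)
    trace = [  # (sender, nonce, message timestamp, validator clock)
        ("org1", "n-001", 1000.0, 1001.0),   # fresh, first use
        ("org1", "n-001", 1000.0, 1005.0),   # captured copy resent in window
        ("org2", "n-001", 1004.0, 1006.0),   # same nonce, different sender
        ("org1", "n-002", 900.0, 1010.0),    # old capture with unseen nonce
        ("org1", "n-001", 1000.0, 1040.0),   # resent after cache entry expired
    ]
    return [guard.check(*msg) for msg in trace]

if __name__ == "__main__":
    for verdict in run_constructed_trace():
        print(verdict)
```

The last message shows why the two checks are paired: the nonce has been forgotten by then, and the timestamp test is what still rejects the copy.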

What’s Next for TrustShare?

The team behind TrustShare has laid out an exciting roadmap to make the system even better:

  • Live Data Feeds for real-time threat detection
  • AI-powered policy management
  • Automatic certificate renewals
  • Threat simulation modules
  • Post-Quantum Encryption (yes, it’s that future-proof!)

Final Thoughts: Why Engineers and Cyber Defenders Should Care

TrustShare isn’t just another cybersecurity buzzword — it’s a serious leap forward for how we collaborate to fight cybercrime. By combining blockchain’s trustless security, CP-ABE’s surgical access control, and standards like STIX and TAXII, TrustShare is a blueprint for secure, compliant, and scalable threat intelligence sharing.

This framework isn’t theoretical. It’s real, it’s tested, and it’s ready to protect sectors that need airtight security — from hospitals to banks to national defense.

The objective goes beyond merely safeguarding data: it is to secure the future.


In Terms

Cyber Threat Intelligence (CTI) - Information about cyber threats (like malware or hackers) that helps organizations prevent or respond to attacks faster. Sharing CTI helps everyone stay ahead of cybercriminals.

Blockchain - A digital ledger (like a super-secure notebook) that records transactions across many computers so the record can’t be changed. It ensures transparency, trust, and tamper-proof data sharing.

Hyperledger Fabric - A type of private blockchain platform built for businesses to securely exchange data with permissioned access. It powers TrustShare’s secure and fast data sharing network.

Smart Contract - Computer code on a blockchain that runs automatically when conditions are met — like a digital vending machine. They enforce rules without needing a middleman.

Ciphertext-Policy Attribute-Based Encryption (CP-ABE) - A fancy type of encryption that lets data owners decide who can read their data based on roles or traits (like "Finance Team"). It gives full control over who can access sensitive info.

IPFS (InterPlanetary File System) - A decentralized way to store and share files across the internet using unique file addresses. It keeps threat data available and safe outside the blockchain.

STIX (Structured Threat Information eXpression) - A standard format for describing cyber threats so computers and teams can understand and share it easily. It makes threat data sharable and machine-readable.

TAXII (Trusted Automated Exchange of Intelligence Information) - A secure protocol that allows threat data (in STIX format) to be shared between organizations. It’s the highway that moves threat intelligence safely between trusted partners.

GDPR (General Data Protection Regulation) - A European law that protects people’s personal data and privacy. TrustShare is built to respect these rules, especially the right to delete data.

Trust Score (Direct + Indirect) - A rating system that calculates how trustworthy a participant is based on past behavior and community feedback. It helps decide who gets access to shared data.


Source

Ali, H.; Buchanan, W.J.; Ahmad, J.; Abubakar, M.; Khan, M.S.; Wadhaj, I. TrustShare: Secure and Trusted Blockchain Framework for Threat Intelligence Sharing. Future Internet 2025, 17, 289. https://doi.org/10.3390/fi17070289

From: Edinburgh Napier University; Prince Mohammad Bin Fahd University.
