Introduction

The COVID-19 pandemic has significantly disrupted the global job market, severely affecting young adults. According to the International Labour Office (ILO), the global unemployment rate for individuals aged 18–24 reached 15.6% in 2021, affecting approximately 75 million young people. Notably, this rate was three times higher than that of adults [1]. This trend is especially concerning for college students facing unemployment upon graduation. The impact of unemployment extends far beyond mere economic hardship; it profoundly affects an individual’s psychosocial needs, social participation, status, self-efficacy, sense of social integration, and overall well-being and mental health [2]. Consequently, unemployment significantly increases the risk of social exclusion, potentially leading to long-term negative outcomes for both individuals and society at large.

Pertinent to the challenges faced by graduating university students in the job market, it is crucial to consider the types of questions they may encounter during interviews. These often encompass inquiries about their academic achievements, internship experiences, career aspirations, and ability to apply theoretical knowledge to practical situations. Additionally, interviewers frequently probe candidates’ soft skills, such as communication, teamwork, and problem-solving abilities. With this context in mind, it is worth examining the integrity issues that arise during the recruitment process [3]. Second, when companies recruit talents, job seekers include false information in their resumes to make themselves more attractive candidates [4,5]. In a 2021 analysis of 2.6 million Automatic Data Processing (ADP), Jasmine found that 23% had forged certificates or licenses, and 41% had lied on their resumes or falsified academic qualifications [6] With the development of the network, there are gradually more online talent recruitment systems, but it also creates a lot of data leakage risks [7,8] Statista counted the number of data breaches from the first quarter of 2020 to the third quarter of 2022, and in the fourth quarter of 2020, there were about 125 million data breaches on the Internet worldwide [9]. There are many recruitment scams when students are looking for a job. Recruitment scams range from using real jobs as bait to lure job seekers into sending passports, bank accounts, etc., personal information and paying unreasonable fees [10] to luring jobs into obtaining their names, phone numbers, and addresses through false job advertisements and then selling them to third parties [11]. Talent recruitment is primarily manual [12]. Recruitment is costly, unsafe, inefficient, and time-consuming [13]. Manual recruitment will also be abandoned in the next few years, turning to a safer and more efficient digital recruitment process [14].

With the rapid development of technology, more and more new technologies are being used to solve the problem of talent recruitment, and blockchain technology is one of them [15]. Blockchain technology represents a decentralized, pseudonymous, traceable, and non-repudiable information-sharing platform [16,17], This innovative technology demonstrates considerable scalability and robust security attributes, imbuing it with significant potential for deployment across a wide spectrum of industries and applications. Moreover, the inherent characteristics of blockchain technology offer promising solutions to address prevalent issues in talent recruitment, such as fraudulent hiring practices and data breaches. Its versatility extends to addressing multifaceted challenges, including data privacy concerns [18–20], healthcare insurance paradigms [21], smart grid systems [22,23], secure data in the industrial Internet of Things [24,25], and smart environments [26]. In addition, other scholars have evaluated and improved the blockchain’s consensus and incentive mechanism [27–29]. The architectural environment of blockchain can be classified into three types: public chain, private chain, and consortium chain. Although public chains are highly decentralized, they have low transaction speeds. Although the private chain has high data privacy and fast transaction speed, and the organization that enters the node needs permission to join, the authority is in the hands of a single organization. The organization running the private chain can easily modify the rules, resulting in low trust and greatly reduced security and transparency in the blockchain. The consortium blockchain combines the public chain’s decentralization characteristics with the private chain’s characteristics of high privacy and fast transaction speed and requires permission to join. Security and transparency in the blockchain will be significantly reduced. It is known that compared with public chains and private chains, consortium blockchain is more suitable for application in talent recruitment, an organization with multiple common interests.

At present, the use of blockchain technology to solve the talent recruitment system is mainly divided into the following two categories: (1) Discuss the design and application of recruitment: using blockchain technology digital certificate recruitment management platform [15], applicants can upload certificate documents to the blockchain for performance evaluation during the recruitment. An intelligent recruitment system for graduates based on big data-assisted blockchain is proposed [16], which uses big data technology to enable employers to recruit talents more efficiently. A disability recruitment model based on blockchain and smart contracts to change the lives of determined people with disabilities [30]. (2) Another category is to explore the protection of students’ credits and certificates during the academic period: blockchain-based educational record storage and sharing scheme are proposed, enabling students to transfer credits between different educational institutions [10,31] Smart contracts are using Ethereum to enable cross-institutional sharing of education records [32]. There is a degree-proof system based on Hyperledger Fabric traceability [33].

However, in the above literature, the protection of credits and certificates during studies isn’t combined with the recruitment process. It also doesn’t use technologies to process data outside the blockchain to reduce the storage space on the blockchain. There’s also no mention of data protection or information storage.

Therefore, this research aims to combine the consortium blockchain and IPFS with the talent recruitment system, allowing students, schools, and enterprises to utilize blockchain technology to ensure the privacy and security of the talent recruitment system. The objectives of this study are as follows:(1). Decentralization and Information Sharing: In the architecture of blockchain networks, decentralized bookkeeping and storage have been achieved, where each node enjoys equal rights and responsibilities. (2). Non-repudiation: Without non-repudiation, there is a possibility that the recruiters or applicants may falsify or tamper with the documents or agreements between them, resulting in a breach of trust or a loss of rights. (3). Data integrity: With data integrity, the company can accurately assess the recruitment needs when hiring. (4). Access control with privacy: There are many data breaches in online recruitment, so students can use this management system to open their resumes and learning experience files to enterprises according to their wishes to reduce the occurrence of data leakage. (5). Traceability: Blockchain technology ensures all parties have equal rights and choices, and any exchange between two roles is auditable. (6). Verifiability: Without verifiability, it is impossible to prove the authenticity or validity of data, transactions, or actions in the system, which leads to a lack of trust and credibility. (7). Man-in-the-Middle Attacks: Hackers may intercept network packets and modify or insert malicious code into messages that are being transmitted. (8). Sybil Attacks: Sybil attacks are behaviors in which individuals or organizations manipulate or control the system by creating multiple fake identities or nodes in the blockchain network.

The rest of the work is structured as follows. Section 2 provides the knowledge on which this study is based. Section 3 describes the talent acquisition management system’s architecture and communication protocols. Section 4 is a security analysis of the system in this study. Section 5 discusses the computational cost, communication cost, and performance of the system and compares them with other schemes. In the last section, we conclude this work.

2 Preliminary

2.1 Blockcahin

The concept of blockchain technology was proposed by Satoshi Nakamoto in 2008 in the Bitcoin white paper [34]. Blockchain technology utilizes cryptography, consensus mechanisms, peer-to-peer network protocols, and other techniques to store transaction records in a decentralized database. The basic unit of a blockchain is a block, which contains transaction data, a timestamp, the block’s hash value, and the previous block’s hash value, as illustrated in Fig 1. Since each block contains the previous block’s hash value, each block can be regarded as the fingerprint of the previous block, forming a continuously extending chain.

[Figure omitted. See PDF.]

Blockchain includes many features, such as decentralization, transparency, anonymity, tamper resistance, traceability, scalability, encryption protection, and smart contracts.

2.2 Hyperledger Fabric

Hyperledger Fabric is an open-source, enterprise-grade, permissioned distributed ledger technology, a blockchain-based distributed ledger platform proposed by the Linux Foundation in 2015 [35]. The Hyperledger Fabric platform of the consortium blockchain must be approved for joining. This means that, unlike the public chain without permission, all consortium blockchain nodes must be vetted before joining. Unlike the full centralization of the private chain, it’s jointly operated by several companies with stakeholders, which is particularly suitable for use in the enterprise environment. Hyperledger Fabric is a modular architecture containing Orderer, Peer, Client, Certificate Authorities (CA), Membership Service Providers (MSP), Channel, and Chaincode.

The basic Hyperledger Fabric architecture comprises a sorting node and multiple peer nodes. Before executing the chaincode, two nodes with common interests need to form a channel and submit the chaincode to the channel, and all users are connected to the Hyperledger server through the client; because the Hyperledger Fabric is a permission network, blockchain participants need a way to prove their identity to the rest of the network.

2.3 Smart Contract

Smart contracts were first proposed by Nick Szabo in 1994 [36]. In a smart contract, both parties agree on the details of the contract in advance, and when the pre-defined conditions are met, the program will be executed automatically.

Smart contract components: Smart contracts must have a contract subject so that the contract’s relevant goods and service processes can be automatically locked and unlocked. Digital signature: Smart contracts require all participating users to authenticate through their private keys before they can be activated. Contract terms: All the operation procedures in the smart contract need to be recognized and signed by all participating users before they can be activated. The contract of the decentralized platform is deployed in the decentralized node platform, and we are waiting for the execution of the contract.

2.4 Interplanetary File System (IPFS)

The InterPlanetary File System (IPFS) is a distributed file storage and transmission system designed by Juan in 2014 [37]. By leveraging peer-to-peer technology and a decentralized approach, files are distributed and stored across nodes in the network, creating a more secure, faster, open, and sustainable network.

Utilizing the InterPlanetary File System (IPFS) for off-chain storage of voluminous data presents a cost-effective alternative to on-chain storage in blockchain systems. Upon transfer to IPFS, the data is subjected to SHA-256 cryptographic hashing, generating a distinct Content Identifier (CID). This process guarantees the uniqueness of each file within the IPFS network and ensures its immutability, thereby maintaining the integrity of the stored information.

2.5 Elliptic Curve Digital Signature Algorithm (ECDSA)

The Elliptic Curve Digital Signature Algorithm was proposed by Johnson et al. in 2001 [38], which is a combination of Elliptic Curve Cryptography (Elliptic Curve Cryptography, ECC) and Digital Signature Algorithm (DSA). Encryption algorithm, compared with RSA, ECDSA has a shorter public key length, smaller encrypted message, shorter calculation and processing time, and smaller memory and bandwidth requirements.

The three stages of ECDSA key generation are described as follows:

1. 1) Key generation stage

Assuming that any participant must apply for public and private keys to the blockchain center, the key generation using ECDSA is as follows , role x will be the participant’s ID, the private key the public key, and the generation point based on the ellipse curve. The public and private keys will be sent to the participant and stored, and the blockchain center will store them.

1. 2) Signature Stage

First, you need to obtain a curve parameter and generate a random number between them, then calculate the hash value of the message , and then calculate a feature value on the curve . Then we calculate , and then we use the hash value of the message to sign: .

1. 3) Verification stage

Verify that the values of and , as well as and match the following: , and then verify that the signature is valid.

3 Proposed Scheme

This chapter outlines the architecture and protocols of the proposed talent recruitment management system. Section 3.1 delineates the system’s structural framework, detailing roles, systems, and organizations involved, and presents the process flow from the job posting to the interview stage. Section 3.2 defines the symbols and notations used. Sections 3.3–3.8 examine each phase of the recruitment process, detailing specific protocols and communication mechanisms employed at each stage, from job dissemination to interview actualization.

3.1 System Architecture

1. 1) COMPANY (CO):

When a company intends to collaborate with a university for recruitment purposes, the company set up an internal corporate server and forms a consortium blockchain with the school, responsible for posting job offers to the school.

1. 2) STUDENT (STU):

Students can search for the jobs they want from the job openings posted by the company, and authorize the school to allow the company to check the student’s information.

1. 3) SCHOOL (SCH):

Linking student’s expertise system with the blockchain center, setting up a blockchain server to create a consortium blockchain channel and adding companies to the channel to form a consortium blockchain, and then the school administrator to build a bridge for communication between students and companies, allowing students to authorize the school.

1. 4) CERTIFICATE AUTHORITY (CA):

CA node will provide certificates, public keys, and private keys for all users who want to join the system.

1. 5) BLOCKCHAIN CENTER (BCC):

The school administrator sets up Blockchain Center and contains fabric peer nodes (school and company) and fabric Orderer nodes and Certificate Authority (CA) nodes deployed using Docker technology.

1. 6) DOCKER:

Using Docker to deploy Hyperledger Fabric can improve deployment efficiency and provide modularity, virtualization, and flexibility. Additionally, it provides a secure isolated container environment to protect the system security and is easy to manage and maintain.

1. 7) INTERPLANETARY FILE SYSTEM (IPFS):

Schools can upload students’ academic history to the blockchain center, such as resumes, academic history, personal academic achievement, and professional licenses obtained.

Fig 2 illustrates the complete process from the publication of job recruitment information to student-company interviews, involving students, schools, and companies. The detailed description of the six stages is as follows:

[Figure omitted. See PDF.]

1. 1) Initialization phase:

The school administrator will first create a channel, then add the peer nodes of the company and the school to the channel, install the chaincode on each peer node, and initialize the chaincode.

1. 2) Registration phase:

All users (including students and companies) need to apply for registration with the blockchain center to get the system account.

1. 3) Company recruitment announcement phase:

When the company has job vacancies, it will propose the list of required professionals to the school, the conditions, and the deadline for the candidates.

1. 4) Student job application phase:

Students can apply for an interview on the website provided by the school within the deadline and fill out the interview information. After the deadline, the school will judge whether the students conform to the list of expertise, and then upload the interview information and learning history file to IPFS after encrypting the information that meets the list of expertise, and getting the address of the information in IPFS, and then store it into the blockchain system with the student number.

1. 5) Interview phase:

The school will send the authorization request message to the student. When the student receives the message, he/she can choose whether or not to authorize the school to reveal the student’s data for the company to view the student’s data, and platform to announce the interview. The school will send a list of eligible students with their student numbers and a one-time URL to the company. The company will use the student list and one-time password to check the student’s interview information and learning history and can make further interviews with the qualified students.

1. 6) Announcement results phase:

The company will send the information to the students whether they passed the interview or not.

3.2 Notation

The notation of this article is illustrated in Table 1.

[Figure omitted. See PDF.]

3.3 Initialization Phase

During the channel creation phase, the school administrator sets up a Hyperledger Fabric platform and organizes the companies and schools into a consortium blockchain. The school administrator creates a channel and then initializes the chain by adding each node of the corresponding partner organizations (companies and schools) to the channel and installing the chaincode.

Step 1: The school administrator will create the necessary files for the channel and use the Application to create the channel and add the school and partner companies to the channel.

Step 2: The school administrator connects all peer nodes in the channel through the Application then installs the chaincode on each peer node and initializes the chaincode.

Figs 3 and 4 show the chaincode structure and IPFS structure, respectively, for storing job announcement messages and job applications. Before storing the job announcement messages and job applications in the blockchain, they have to be encrypted and stored in IPFS. Then the index addresses are added with the corresponding company_id, deadline, or student_id before they can be stored in the blockchain.3.4 Registration Phase.

[Figure omitted. See PDF.]

[Figure omitted. See PDF.]

During the registration phase, system role X can represent both companies and students. Role X submits enrollment application requirements and identity information to the school to the CA node. The CA generates the public key, and certificate for Role X. Fig 5 shows a flowchart of the user registration phase.

[Figure omitted. See PDF.]

Step 1: System role X generates a registration application request message, and the identity code is sent to the school.

Step 2: The SCH administrator will verify the information and, if valid, send it to the corresponding CA node, which will generate the public key, private key, and certificate document based on the system’s role.

Step 3: The system will send the CA-generated information to system role X based on system role X’s account and identity information.

Step 4: System role X receives the parameter of the signed message and saves it.

3.5 Company Recruitment Announcement Phase

When a company has a job opening, it will submit the job requirements, a list of required skills, and the deadline to the school through the website, along with an ECDSA signature to ensure that the request is made by the company. This is the job posting stage, as illustrated in Fig 6.

[Figure omitted. See PDF.]

Step 1:When a company has a job requirement, the company will generate a job requirement , , a requirement specialty , a random number and a and then generate a message , and into :

(1)(2)

The company will then digitally sign the function in the parameter transfer Algorithm1. and then the company will send to the school administrator.

Step 2: The school administrator then performs hashing function by using and verifying if the hash value is the same:

(3)(4)

The school administrator will then call the function of Algorithm 2 with the parameter to verify signature is correct. If the school administrator verifies that the signature is valid send it to IPFS.

Step 3: IPFS calculation query code :

(5)

IPFS sends to the school administrator.

Step 4: The school administrator then saves , , , and into the blockchain.

Algorithm 1. ((h, k, d))

(x,y) = k * G

r = x mod n

s = k^-1(h+r * d) mod n

return (r,s)

Algorithm 2. function Verify ((h,r,s,Q))

u₁ = h * s^-1 mod n

v₁ = r * s^-1 mod n

(x,y) = u₁G + v₁Q

return ((x mod n == r)?"valid":"invalid")

3.6 Student Job Application Phase

In the job application process, students submit requests via the institution’s portal, providing interview details, credentials, and employer designation. Requests include an ECDSA signature for authenticity. Upon meeting the criteria, student records and information undergo a two-phase process: uploading to IPFS, generating a Content Identifier (CID), and then recording on the blockchain, as shown in Fig 7.

[Figure omitted. See PDF.]

Step 1: Students fill out the interview data at a random number and and students use , and to generate the message and perform hashing operation:

(6)(7)

The student will then obtain a digital signature for the function in the parameter delivery Algorithm 1 and then encrypt using the school’s public key and generate the ciphertext :

(8)

Finally, the student sends to the school for signature verification.

Step 2: After receiving the message, the school administrator will use the school’s private key to decrypt the ciphertext and perform a hashing function to verify if the hash count is the same:

(9)(10)(11)

Next, the school administrator will verify that the function in the parameter Algorithm 2 is signed correctly. If the signature is valid the school administrator will query the student’s , and then use , , and to generate a message M₃, using the school’s public key to generate :

(12)(13)

The school administrator will then store the encrypted cipher text in IPFS.

Step 3: IPFS calculates the query code :

(14)

IPFS sends to the school administrator.

Step 4: The school then generates and stores , and into the blockchain.

3.7 Interview Phase

The school will send a request for authorization message to the student when the deadline for the job announcement is reached. Upon receipt of the request, the student can decide whether or not to authorize the request and authorize the school with an ECDSA signature, allowing the school to open the student’s information to the company for inquiries. The school sends the list of eligible students to the company with their one-time authorization code. The company will then use the student list and the one-time authorization password to access the student’s interview information and learning history and can schedule further interviews with eligible students, as illustrated in Figs 8 and 9.

[Figure omitted. See PDF.]

[Figure omitted. See PDF.]

Step 1: The school administrator will send an authorization request to the student.

Step 2: Students generate a random number and then use , , and to generate the message and perform the hashing operation:

(15)(16)

The student then passes the parameter to the Sign function in Algorithm 1 to obtain a digital signature and the student then passes it to the school.

Step 3: The school administrator will use for hashing operation and will verify if the hash value is the same as illustrated below.

(17)(18)

The school administrator will pass the parameters to the Verify function in Algorithm 2 to confirm whether the signature is correct. After confirming the signature, the school administrator will upload , and to the blockchain using the chaincode, and then the school will generate a message with the one-time authorization code and generate the message using and , finally encrypt it using the company’s public key:

(19)(20)(21)

The school administrator then sends to the company.

Step 4: The company decrypts the ciphertext with its private key, then the company performs a hashing operation and verifies if the hash value is the same as :

(22)(23)(24)

The company generates a random number and uses , and to generate and hash the message :

(25)(26)

The company will then pass the parameter to the Sign function in Algorithm 1 to obtain the digital signature and encrypt it with the school’s public key, and then the company will generate the cipher text :

(27)

Finally, the company sends to the school.

Step 5: The school administrator will decrypt the ciphertext with his private key and perform a hashing operation and hash value verification:

(28)(29)(30)

The school administrator will pass the parameter to the Verify function in Algorithm 2 to verify if the signature is correct. After verifying the signature, the school administrator will use to find the student and use to find . Finally, use to find the ciphertext in IPFS and then use the school’s private key to decrypt the ciphertext :

(31)

The signature message is then updated to the blockchain using the chaincode and encrypted using the company’s public key:

(32)(33)

Finally, the school administrator sends to the company.

Step 6: The company will use its private key to decrypt the ciphertext at :

(34)(35)(36)

After decryption, the company can view the students and can schedule further interviews with eligible students. To schedule further interviews, the company generates a random number and uses and to generate the message and perform hashing operation:

(37)(38)

Step 7:The student will use to perform the hashing operation and verify if the hash value is the same:

(39)(40)

The student will pass the parameters to the function in Algorithm 2 to verify if the signature is correct, and then the student can wait for the company to conduct further oral interviews.

3.8 Announcement Results Phase

After the company has completed the interview, a list of those who have passed the interview will be sent to the school with the company’s signature to ensure that the message was sent by the company and then posted on the announcement board. Fig 10 shows the flow of the announcement of results.

[Figure omitted. See PDF.]

Step 1: The company generates random numbers and uses , and the messages that pass the interview to generate messages and perform hashing operation:

(41)(42)

The company will send the parameters to the Sign function in Algorithm 1 to obtain the digital signature and then send to the school.

Step 2: The school administrator will perform hash computation on and check if the hash value of is the same as :

(43)(44)

The school administrator will pass the parameter to the function in Algorithm 2 to verify if the signature is correct. If it is, post the company name and list of accepted students in the announcement section

4 Analysis

In the following sections, this study presents a comprehensive analysis of blockchain technology, encompassing its fundamental characteristics, security assessments, and an examination of common network threats and security challenges blockchain systems face. We begin with a detailed analysis of the core characteristics of blockchain (Sections 4.1 to 4.4). Subsequently, we conduct a thorough security assessment (Sections 4.5 and 4.6). Finally, we explore common network threats and security challenges blockchain systems face (Sections 4.7 and 4.8).

4.1 Decentralization and Information Sharing

Each role handles the data and uses his or her private key to sign in the proposed scheme. We have adopted Hyperledger’s consortium chain architecture. Under the Hyperledger Fabric, consortium members must register with the blockchain to communicate. The Hyperledger Fabric architecture allows for forming federations of interested players, and a single Hyperledger Fabric architecture can have multiple federations. All information dissemination is transparent and open to members of the same federation. Due to the blockchain architecture, any one node cannot cheat the rest of the nodes. For the members of the same federation, this realizes the trust relationship among the members and further constitutes the trust relationship among multiple members. Therefore, the proposed method realizes federation members’ decentralization and information sharing under the Hyperledger Fabric architecture of blockchain.

4.2 Traceability

After the information is uploaded to the blockchain, the data blocks containing the transaction information will be permanently stored on the blockchain and cannot be tampered with. For example, when you want to track and confirm the legality of the blockchain data between the company and the school during the job search announcement stage, you can compare and verify the signature value, and when you want to verify the legality of the blockchain between the student and the school during the job search application stage, you can compare and verify.

4.3 Data Integrity

To ensure the integrity of the data in the sender and receiver communications and the data in the memory, this scenario uses the hash values of the sender and receiver for evaluation during the data-sending phase, as illustrated in Table 2. In the storage phase, IPFS generates a unique search code for each record and finally stores it in the blockchain. This way, hackers cannot falsify the data, and the integrity of the data is guaranteed.

[Figure omitted. See PDF.]

4.4 Non-repudiation

The surname is indisputable, and when the recipient receives the message, he verifies it with the sender’s public key. If the message is successfully verified, the sender cannot deny the transmitted message. The information is then uploaded to a blockchain, and the timestamp function included in the blockchain records the time of creation. The non-repudiation verification is illustrated in Table 3.

[Figure omitted. See PDF.]

4.5 Access Control with Privacy

In this scheme, the architecture based on the consortium chain is adopted, combined with the encryption of the public and private keys and the off-chain storage mechanism of IPFS. The message is signed by the private key, uploaded to IPFS, and then the query code is transmitted to the blockchain center, which can confirm the correctness of the information of all members of the same consortium and the openness of the blockchain system. In addition, the text of the message is also encrypted by the public key, and only the consortium members with the corresponding private key can decrypt the correct information, while the rest of the members cannot get the correct information to achieve the protection of private information. Through the Consortium Blockchain structure, the sharing of information and the protection of personal privacy can be realized at the same time.

4.6 Verifiable

This paper implements several verifiable goals in the system using blockchain architecture. For example, digital certificates can publicly verify the legitimacy of role identities, and each role’s public key and signature information can also be made available to consortium members. According to the characteristics of the blockchain, the transaction process from the licensed user to the owner also needs to be uploaded to the blockchain, which will also become the object of public supervision.

When a company sends a signature message from ECDSA to a school, the school verifies the correctness of the signature by using Algorithm 2, then generates the blockchain data , and later uploads the blockchain data as an index to the blockchain, that is, after verifying the correctness of the incoming message and the signature of each role, it also verifies the correctness of all the blockchain data generated by the previous roles. This means that after confirming the correctness of incoming messages and signatures of each actor, the correctness of all blockchain data generated by previous roles is also verified. Thus, the solution realizes the feature of public verification using ECDSA digital signature and blockchain technology.

4.7 Man-in-the-middle Attack (MITM)

MITM is one of the most well-known cyberattacks [39], in which the attacker alters or intercepts the messages between the sender and the receiver. In this method, we use asymmetric encryption, e.g., students encrypt into a cipher with the school’s public key during the application phase. When the school receives the encrypted text, they decrypt it with their private key and the equation is as follows:

(45)(46)

Scenario: The attacker uses the communication messages between the sender and the receiver to eavesdrop or modify the content and analyze the content.

Analysis: The message is encrypted with the recipient’s public key and the recipient must have got a corresponding private key for decryption to obtain the message. However, since the attacker doesn’t have the recipient’s private key, he cannot decrypt, learn and forward the message.

4.8 Sybil Attack

Sybil attacks are attacks on P2P networks where attackers take control of the networks by impersonating multiple identities and breaking consensus mechanisms [40]. In this solution, our system uses the Hyperledger Fabric architecture, where all nodes that want to join must be authorized by a credential manager (CA) to join nodes, and all nodes are authenticated with certificates to avoid Sybil attacks.

5 Discussion

Section 5.1 of this chapter will analyze the computational costs for each phase. Section 5.2 will examine the communication costs for each phase, evaluating them in both Fast Ethernet and 10 Gigabit Ethernet environments. Section 5.3 will present performance tests based on the proposed solution, focusing on the performance evaluation of chaincode deployment. In the test, we selected 13 sending rate groups ranging from 50 tps to 650 tps, with 50 tps intervals between each group, each lasting 3 seconds, and employing load balancing techniques. Furthermore, we will analyze the relationship between sending rate and latency, as well as the relationship between sending rate and throughput. Finally, we will analyze the access capability and throughput of the proposed system. Section 5.4 will compare our approach with previous research using a tabular format.

5.1 Computation Cost

The computational costs for each phase are analyzed in Table 4. We use asymmetric encryption/decryption, comparisons, hash functions, and multiplication calculations as the basis for the computational cost. Calculated Costs per Phase

[Figure omitted. See PDF.]

5.2 Communication Cost

The communication costs are analyzed for each phase in Table 5. In a Fast Ethernet environment, the maximum transmission rate is 100Mbps, and in a 10 Gigabit Ethernet environment, the maximum transmission rate is 10 Gbps. From the analysis in Table 5, it could be seen that the proposed solution has excellent performance in both high-speed Ethernet and exile Ethernet environments.

[Figure omitted. See PDF.]

5.3 Performance

For the scenario proposed in this study, this section evaluates the performance of the chaincode contract deployment. The test tool uses Hyperledger Calliper version 0.4.2 and the blockchain platform uses Hyperledger Fabric version 2.3. On a server with an Intel Core i9 [email protected] CPU and 16GB RAM, we set up a CA node, a contract node, and two peer nodes and use Ubuntu 20.04 as a server. To submit transaction data to the blockchain network and read data from the network, we developed a core chaincode to be a master operation. For this purpose, Calliper v0.4.2 was used as a performance measure to test the throughput and transaction latency of the Chaincode. The throughput of the blockchain network is the transaction commit rate on the entire ledger measured using TPS, and the latency is the time taken to test the interaction between the handover of the chaincode and the ledger. Transaction latency and throughput are used to perform read and write operations.

Before testing latency and throughput, we first tested memory and CPU usage without load balancing and with load balancing. Without load balancing, the blockchain receives requests for services in the order in which they’re sent, which reduces the response speed of blockchain nodes and takes up a lot of system resources, which can cause the server to crash. In this test, we set the transaction rate to 2000tps and continued the transaction for 2 seconds. In Figs 11 and 12, we see that without load balancing, the usage of the CPU is 60.56% and the memory usage is 538.7 MB. With load balancing, the usage of the CPU drops to 53.95%, and the memory usage drops to536.9 MB. In this test, we found that load balancing can optimize CPU utilization and memory usage.

[Figure omitted. See PDF.]

[Figure omitted. See PDF.]

In Fig 13, we analyze the relationship between the sending rate and the throughput. In this test, we chose 13 sending rate groups from 50 tps to 650 tps, each with 50 tps intervals of 3 seconds, and use load balancing. The throughput is 31.1 tps at a minimum and 124.8 tps at maximum for the write office and 50 tps at a minimum and 636.9 tps at maximum for the read office.

[Figure omitted. See PDF.]

In Fig 14 we analyze the relationship between sending rate and latency. The minimum delay when writing data is 0.28 s and the maximum delay is 11.95 s. The minimum delay when querying data is 0.01 s and the maximum delay is 1.49 s. It can be seen that when the transmission interval size is constant, the delay of the writing phase increases with the increase of transmission rate, while the delay of the read phase does not increase with the increase of transmission rate, and the delay time is stable and short. The delay of the read phase before 550 tps does not increase with the increase of transmission rate, and the delay time is stable and short, but after 550 tps, the delay time increases with the increase of transmission rate. Therefore, the proposed system is very powerful in storing and reading data and can quickly publish information about the application in the application phase of the company. In addition, the throughput is large enough to write information to the CV and learning history files in the student’s application phase.

[Figure omitted. See PDF.]

5.4 Related Works Comparison

In this section, we conducted a literature review [8,13,15–19] and identified several shortcomings: [15–18] failed to ensure data integrity; [8,13,15,17–19] neglected the non-repudiation security requirement; [8,13,15–17] lacked access control mechanisms to limit access to sensitive data; [8,13,15] did not address scalability challenges; [8,13,15–19] did not employ off-chain storage technology on the blockchain to store data. In response, this study puts forth a talent recruitment system with enhancements to privacy, data integrity, and non-repudiation: leveraging cryptography to secure information transmission, mitigating blockchain storage limitations and facilitating company-university recruitment pipelines via off-chain storage, and enforcing access control policies to restrict unauthorized access to sensitive student data.

Furthermore, we conducted a systematic comparison and evaluation of previous related research. Table 6 provides a detailed comparison of key features between our study and existing literature. Chen et al. [10] proposed using Hyperledger Fabric to solve the cross-university credit-credit certification system. Jeong and Choi [15] proposed a blockchain-based digital certificate recruitment management platform. Guo et al. [16] proposed an intelligent graduate recruitment system based on a data-assisted blockchain. Hamrani et al. [30] proposed a disability recruitment model based on blockchain and smart contracts, but it increases the burden on the amount of on-chain storage and data owners. Turkanović et al. [31]proposed a blockchain-based educational record storage and sharing scheme that allowed students to transfer credits between different educational institutions. Still, it increases the amount of on-chain storage and the burden on data owners. Li and Han [32] proposed using Ethereum smart contracts to enable cross-institutional sharing of education records, but no external agency, only school-to-school. Ayub Khan et al. [33] proposed a degree-proof system based on Hyperledger Fabric traceability.

[Figure omitted. See PDF.]

6 Conclusions

This study proposes a privacy-aware talent recruitment system based on the consortium blockchain and IPFS, which utilizes the non-tamperable mechanism of blockchain, IPFS, and asymmetric encryption to achieve data privacy and security in the talent recruitment management process.

The primary contributions of this study are as follows:

1. 1) The immutability of blockchain prevents altering students’ job search information, ensuring data integrity.

2. 2) Utilizing the features of Hyperledger Fabric, the system mitigates the participation of malicious entities, thus reducing the risk of fraudulent information.

3. 3) Implementing IPFS to store company recruitment data and students’ job search data reduces on-chain data storage costs.

4. 4) Asymmetric encryption is employed to secure students’ job applications, enhancing data privacy and security.

5. 5) A consortium blockchain is established between schools and companies to facilitate secure information exchange, balancing data sharing and privacy protection.

6. 6) The system provides a matchmaking platform for enterprises, schools, and students, ensuring secure and efficient employment opportunities.

Overall, the proposed scheme offers a secure and private job search experience for students while providing companies with a novel recruitment option. Companies can evaluate candidates by reviewing their academic history and performance, thereby improving the recruitment process.

In the future, we plan to integrate AI tools as another component to expedite and enhance the accuracy of the recruitment process in the human resources department. Additionally, we will determine the impact of node quantity and workload on the overall performance of the network

Acknowledgments

We extend our appreciation to express our gratitude to all participants for their time devoted to this study.

References

1. 1. Dasgupta S, O’Higgins N, Kim K, Esquivel V, Stefan K, Parisotto A, et al. Global Employment Trends for Youth 2022: Investing in transforming futures for young people. 2022.

2. 2. Pohlan L. Unemployment and social exclusion. Journal of Economic Behavior & Organization. 2019;164:273–99.

* View Article

* Google Scholar

3. 3. Ansah RH, Aikhuele DO, Yao L. Unethical Admissions: Academic Integrity in Question. Sci Eng Ethics. 2017;23(4):1237–9. pmid:27896603

* View Article

* PubMed/NCBI

* Google Scholar

4. 4. Henle CA, Dineen BR, Duffy MK. Assessing Intentional Resume Deception: Development and Nomological Network of a Resume Fraud Measure. J Bus Psychol. 2017;34(1):87–106.

* View Article

* Google Scholar

5. 5. Ingold PV, Langer M. Resume = Resume? The effects of blockchain, social media, and classical resumes on resume fraud and applicant reactions to resumes. Computers in Human Behavior. 2021;114:106573.

* View Article

* Google Scholar

6. 6. Jasmine Quigley. The Future of Credentialing (Why Isn’t Credential Fraud Zero?). 2021 [cited April 22, 2021]. Available from: https://www.accredible.com/blog/the-future-of-credentialing

* View Article

* Google Scholar

7. 7. Wheatley S, Maillart T, Sornette D. The extreme risk of personal data breaches and the erosion of privacy. Eur Phys J B. 2016;89:1–12.

* View Article

* Google Scholar

8. 8. Algarni AM, Thayananthan V, Malaiya YK. Quantitative Assessment of Cybersecurity Risks for Mitigating Data Breaches in Business Systems. Applied Sciences. 2021;11(8):3678.

* View Article

* Google Scholar

9. 9. Statista Research Department. Number of data records exposed worldwide from 1st quarter 2020 to 3rd quarter 2022. 2022 [cited November 11, 2022]. Available from: https://www.statista.com/statistics/1307426/number-of-data-breaches-worldwide/#statisticContainer

* View Article

* Google Scholar

10. 10. Chen C-L, Wang T, Tsaur W-J, Weng W, Deng Y-Y, Cui J. Based on Consortium Blockchain to Design a Credit Verifiable Cross University Course Learning System. Security and Communication Networks. 2021;2021:1–18.

* View Article

* Google Scholar

11. 11. Vidros S, Kolias C, Kambourakis G. Online recruitment services: another playground for fraudsters. Computer Fraud & Security. 2016;2016(3):8–13.

* View Article

* Google Scholar

12. 12. Dhanala NS, Radha D. Implementation and testing of a blockchain based recruitment management system. In: 2020 5th International Conference on Communication and Electronics Systems (ICCES). IEEE. 2020. 583–8.

* View Article

* Google Scholar

13. 13. Kişi N. Exploratory Research on the Use of Blockchain Technology in Recruitment. Sustainability. 2022;14(16):10098.

* View Article

* Google Scholar

14. 14. Rhemananda H, Simbolon D, Fachrunnisa O. Blockchain technology to support employee recruitment and selection in industrial revolution 4.0. In: International conference on smart computing and cyber security: strategic foresight, security challenges and innovation. Springer; 2020, p. 305–11.

15. 15. Jeong W, Choi M. Design of recruitment management platform using digital certificate on blockchain. J Inf Process Syst. 2019;15:707–16.

* View Article

* Google Scholar

16. 16. Guo J, Wang D, Montenegro-Marin C, García-Díaz V. Design and research of intelligent screening system for graduate recruitment based on big data assisted ontology-based blockchain design. J Internet Technol. 2021;22:1429–42.

* View Article

* Google Scholar

17. 17. Li G, Dong M, Yang LT, Ota K, Wu J, Li J. Preserving Edge Knowledge Sharing Among IoT Services: A Blockchain-Based Approach. IEEE Trans Emerg Top Comput Intell. 2020;4(5):653–65.

* View Article

* Google Scholar

18. 18. Wang Y, Su Z, Zhang N, Chen J, Sun X, Ye Z, et al. SPDS: A Secure and Auditable Private Data Sharing Scheme for Smart Grid Based on Blockchain. IEEE Trans Ind Inf. 2021;17(11):7688–99.

* View Article

* Google Scholar

19. 19. Mendis GJ, Wu Y, Wei J, Sabounchi M, Roche R. A Blockchain-Powered Decentralized and Secure Computing Paradigm. IEEE Trans Emerg Topics Comput. 2021;9(4):2201–22.

* View Article

* Google Scholar

20. 20. Kalapaaking AP, Khalil I, Yi X. Blockchain-Based Federated Learning With SMPC Model Verification Against Poisoning Attack for Healthcare Systems. IEEE Trans Emerg Topics Comput. 2024;12(1):269–80.

* View Article

* Google Scholar

21. 21. Zhou L, Wang L, Sun Y. MIStore: a Blockchain-Based Medical Insurance Storage System. J Med Syst. 2018;42(8):149. pmid:29968202

* View Article

* PubMed/NCBI

* Google Scholar

22. 22. Kumari A, Patel MM, Shukla A, Tanwar S, Kumar N, Rodrigues JJPC. ArMor: A Data Analytics Scheme to identify malicious behaviors on Blockchain-based Smart Grid System. In: GLOBECOM 2020 - 2020 IEEE Global Communications Conference. IEEE. 2020, p. 1–6.

* View Article

* Google Scholar

23. 23. Kumari A, Tanwar S. A Data Analytics Scheme for Security-aware Demand Response Management in Smart Grid System. 2020 IEEE 7th Uttar Pradesh Section International Conference on Electrical, Electronics and Computer Engineering (UPCON). 2020, p. 1–6.

* View Article

* Google Scholar

24. 24. Umran SM, Lu S, Abduljabbar ZA, Zhu J, Wu J. Secure Data of Industrial Internet of Things in a Cement Factory Based on a Blockchain Technology. Applied Sciences. 2021;11(14):6376.

* View Article

* Google Scholar

25. 25. M. Umran S, Lu S, Ameen Abduljabbar Z, Tang X. A Blockchain-Based Architecture for Securing Industrial IoTs Data in Electric Smart Grid. Computers, Materials & Continua. 2023;74(3):5389–416.

* View Article

* Google Scholar

26. 26. Al Sibahee MA, Abduljabbar ZA, Ngueilbaye A, Luo C, Li J, Huang Y, et al. Blockchain-Based Authentication Schemes in Smart Environments: A Systematic Literature Review. IEEE Internet Things J. 2024;11(21):34774–96.

* View Article

* Google Scholar

27. 27. Bamakan SMH, Motavali A, Babaei Bondarti A. A survey of blockchain consensus algorithms performance evaluation criteria. Expert Systems with Applications. 2020;154:113385.

* View Article

* Google Scholar

28. 28. Wang Y, Peng H, Su Z, Luan TH, Benslimane A, Wu Y. A Platform-Free Proof of Federated Learning Consensus Mechanism for Sustainable Blockchains. IEEE J Select Areas Commun. 2022;40(12):3305–24.

* View Article

* Google Scholar

29. 29. Alharby M, van Moorsel A. BlockSim: An Extensible Simulation Tool for Blockchain Systems. Front Blockchain. 2020;3.

* View Article

* Google Scholar

30. 30. AlHamrani N, AlHamrani A. People of determination (disabilities) recruitment model based on blockchain and smart contract technology. Technol Invest. 2021;12:136–50.

* View Article

* Google Scholar

31. 31. Turkanović M, Hölbl M, Košič K, Heričko M, Kamišalić A. EduCTX: A blockchain-based higher education credit platform. IEEE Access. 2018;6:5112–27.

* View Article

* Google Scholar

32. 32. Li H, Han D. EduRSS: A Blockchain-Based Educational Records Secure Storage and Sharing Scheme. IEEE Access. 2019;7:179273–89.

* View Article

* Google Scholar

33. 33. Ayub Khan A, Laghari AA, Shaikh AA, Bourouis S, Mamlouk AM, Alshazly H. Educational Blockchain: A Secure Degree Attestation and Verification Traceability Architecture for Higher Education Commission. Applied Sciences. 2021;11(22):10917.

* View Article

* Google Scholar

34. 34. Nakamoto S. Bitcoin: A peer-to-peer electronic cash system. Decentralized Business Review. 2008;21260.

* View Article

* Google Scholar

35. 35. HyperLedger Fabric Docs. Read the Docs. n.d. [cited November 15, 2022]. Avaiable from: https://hyperledger-fabric.readthedocs.io/en/release-2.3/.

* View Article

* Google Scholar

36. 36. Nick Szabo. Smart Contracts. 1994 [cited November 23, 2022]. Avaiable from: https://www.fon.hum.uva.nl/rob/Courses/InformationInSpeech/CDROM/Literature/LOTwinterschool2006/szabo.best.vwh.net/smart.contracts.html

* View Article

* Google Scholar

37. 37. Benet J. Ipfs-content addressed, versioned, p2p file system. ArXiv Preprint ArXiv:14073561. 2014.

* View Article

* Google Scholar

38. 38. Johnson D, Menezes A, Vanstone S. The elliptic curve digital signature algorithm (ECDSA). Int J Inf Secur. 2001;1:36–63.

* View Article

* Google Scholar

39. 39. Conti M, Dragoni N, Lesyk V. A Survey of Man In The Middle Attacks. IEEE Commun Surv Tutorials. 2016;18(3):2027–51.

* View Article

* Google Scholar

40. 40. Yu H, Kaminsky M, Gibbons PB, Flaxman AD. SybilGuard: Defending Against Sybil Attacks via Social Networks. IEEE/ACM Trans Networking. 2008;16(3):576–89.

* View Article

* Google Scholar

Citation: Chen C-L, Zeng K-W, Chen H-C, Deng Y-Y, Lee C-F, Huang D-C, et al. (2025) Secure and efficient graduate employment: A consortium blockchain framework with InterPlanetary file system for privacy-preserving resume management and efficient talent-employer matching. PLoS One 20(8): e0315277. https://doi.org/10.1371/journal.pone.0315277

About the Authors:

Chin-Ling Chen

Roles: Conceptualization, Methodology, Writing – review & editing

Affiliations: School of Information Engineering, Changchun Sci-Tech University, Changchun, Jilin Province, China, Department of Computer Science and Information Engineering, Chaoyang University of Technology, Taichung City, Taiwan

ORICD: https://orcid.org/0000-0002-4958-2043

Kuang-Wei Zeng

Roles: Conceptualization, Methodology, Writing – original draft

Affiliation: Department of Information Management, Chaoyang University of Technology, Taichung City, Taiwan

Hsing-Chung Chen

Roles: Formal analysis, Investigation, Writing – review & editing

E-mail: [email protected] (H-CC); [email protected] (L-CL)

Affiliations: Department of Computer Science and Information Engineering, Asia University, Taichung City, Taiwan, Department of Medical Research, China Medical University Hospital, China Medical University, Taichung City, Taiwan

Yong-Yuan Deng

Roles: Investigation, Software, Validation

Affiliation: Department of Computer Science and Information Engineering, Chaoyang University of Technology, Taichung City, Taiwan

Chin-Feng Lee

Roles: Validation, Writing – review & editing

Affiliation: Department of Information Management, Chaoyang University of Technology, Taichung City, Taiwan

Der-Chen Huang

Roles: Validation, Visualization

Affiliation: Department of Computer Information and Network Engineering & Master Program, Lunghwa University of Science and Technology, Taoyuan City, Taiwan

Ling-Chun Liu

Roles: Conceptualization, Methodology, Writing – original draft

E-mail: [email protected] (H-CC); [email protected] (L-CL)

Affiliation: Department of Computer Information and Network Engineering & Master Program, Lunghwa University of Science and Technology, Taoyuan City, Taiwan

[/RAW_REF_TEXT]

[/RAW_REF_TEXT]