Human Resource Management Task Tracking Management System Based on Blockchain Technology ^†

Abstract

We explore the problems encountered by today’s enterprises when using traditional human resource management systems and task tracking management systems to propose the use of blockchain technology as an innovative solution for internal human resource management and task tracking management. To ensure the security, transparency, non-repudiation, and traceability of the information submitted by various parties in the entire life cycle of task tracking management, we propose a task tracking management system based on blockchain technology. The system architecture integrates the key stakeholders in the entire value chain of task tracking management in human resource management, including internal employees, department managers, and human resource management departments. The architecture integrates the internal work tracking and management process of the enterprise through blockchain technology, ensuring data non-repudiation through digital signatures. Asymmetric encryption and decryption technology are employed to prevent data leakage and resist ransomware attacks. Based on the above features, it is highly suitable for enterprise introduction and use.

1. Introduction

In 2010, Kazuo [1] was appointed the chairman of Japan Airlines (JAL), which was in the process of bankruptcy reorganization. He divided the company into small independent units, improved management efficiency and service quality, and allowed JAL to be listed again in only three years, bringing it back to life [2]. Kazuo’s management style is centered on “Amoeba Management” [3], a management model that divides the company into small independent units (Amoeba), allowing each unit to operate independently and be responsible for its own profits and losses. This enables all employees to participate in decision-making, enhances their enthusiasm for production, fosters a deeper understanding of the outcomes of their work, and facilitates the company’s flexible response to market changes. The reason why Kazuo Inamori was able to achieve the above results is that the most important factor is the need for a transparent, traceable, non-deniable, and non-tamperable task tracking and management system to coordinate the recording, tracking, control, and management of each employee’s work performance. Through a systematic and objective scoring method, the work performance of each employee in the company is evaluated, and through an appropriate reward and punishment mechanism, the work performance of employees is guided to develop in a positive direction, and employees with inadequate work performance are eliminated, so that the company can develop better and better.

The human resource management system (HRMS) is an information system that helps companies automate and integrate human resource management processes, covering management from recruitment, appointment, salary, attendance, performance, and talent development. A task tracking management system (TTMS) is a tool used to monitor and manage the progress of work tasks, ensuring that teams or individuals can complete their work effectively.

The heads of departments in an enterprise assign multiple tasks to their employees on a daily basis. Without a system that can assist in tracking, controlling, and managing tasks, department managers will not be able to truly grasp the execution status of assigned tasks, nor will they be able to understand the work efficiency of their employees. The primary purpose of performance appraisal in human resource management is to retain employees with strong work performance and to eliminate those with poor work performance. To evaluate employee work performance, most companies do not utilize a task tracking management system and are therefore unable to apply objective standards to calculate employee work performance, which is instead subjectively determined by department managers. This is beneficial for employees who enjoy taking credit, currying favor with, and pleasing their department managers. However, it is disadvantageous for employees who struggle to communicate effectively with department managers. This method cannot objectively present the work performance of each employee, and the company cannot appropriately eliminate unsuitable employees. This leads to the problem of bad money driving out good money, and the company will be unable to retain employees with truly exceptional work performance. This is a problem that every company must face.

The current human resource management system and the task tracking management system both utilize traditional relational database systems to store data, and these two systems are not integrated. Furthermore, systems lack a rigorous data access control mechanism, which makes it easy for human intervention to manipulate or delete data. Furthermore, today’s hackers encrypt and steal data from database systems and files stored on file servers, and then demand that the attacked companies pay a substantial ransom. If the company is unwilling to pay the ransom, the hackers will either sell the stolen data on the dark web or make it public, resulting in incalculable losses for the company.

There are already numerous successful cases of blockchain technology being applied in supply chain management [4,5,6,7,8,9,10,11,12]. We integrate the human resource management system and the task tracking management system, and introduce the distributed ledger and consensus mechanism of blockchain technology to ensure that data records in all transaction processes are secure, transparent, immutable, and tamper-proof. Smart contracts ensure the storage and access of transaction data and are automatically executed according to preset business logic, eliminating the need for human intervention [13,14,15]. Digital signature uses encryption technology to verify the authenticity and integrity of digital messages or documents [16,17,18]. Post-quantum cryptography refers to the design and research of cryptographic algorithms and techniques that can resist attacks by quantum computers [19,20,21,22].

With the advancement of quantum computer technology, many existing public key cryptographic algorithms, such as the Rivest–Shamir–Adleman (RSA) algorithm, the digital signature algorithm (DSA), and elliptic curve cryptography (ECC), are at risk of being cracked; therefore, post-quantum cryptography has become a hot area of cryptographic research. In post-quantum cryptography, new quantum algorithms (such as Shor’s Algorithm) use the characteristics of quantum computing, such as the superposition state of quantum bits, which process multiple inputs and parallel calculations at the same time and crack cryptographic systems based on prime factors of large integers and polynomial calculations in a short time. To protect future information security, post-quantum cryptography is a crucial technology for defending against potential attacks by quantum computers. Therefore, we propose post-quantum cryptography technology for digital signing, encryption, and decryption. The primary functions of a digital signature are authentication to confirm the identity of the signer, data integrity to ensure that data has not been tampered with during transmission, and non-repudiation to prevent the signer from denying having signed a document. The sender digitally signs the transmitted data, and the receiver verifies the digital signature of the received data to ensure the non-repudiation of the data. Asymmetric encryption and decryption technology encrypts and decrypts the transmitted data to prevent data leakage during the transmission process.

The decentralized storage and sharing interplanetary file system (IPFS) [23] effectively resists attacks from encrypted ransomware. A strict data access authorization mechanism is implemented in the smart contract to ensure that data can only be accessed legally after verification by the system, providing enhanced and more secure protection for data.

The rest of this article is organized as follows. Section 2 discusses and lists the threats that may be faced. Section 3 proposes a feasible application based on blockchain distributed ledger technology to integrate the internal task tracking management process of the enterprise. Section 4 explains the feasibility and advantages of the model. Section 5 presents the performance results. Section 6 draws reasonable conclusions.

2. Potential Threats

Any information system has potential threats. The threats supply chain management systems face during application or transaction processes. The potential threats are as follows.

2.1. Lack of Unified Traceability Platform

Without a transparent and trustworthy task data traceability platform to interconnect and share the data of each participant in the enterprise’s task tracking management, employees cannot obtain accurate and complete task information to verify whether the tasks they are performing can be fully traced back to the entire work process. Due to a lack of a reliable traceability platform, it is difficult for employees to know whether the work reports they have completed have been altered. This gives corporate managers and department managers the opportunity to judge their subordinates’ work performance in their own subjective way, resulting in less objective evaluation results. This is unfair to employees and causes the company to struggle with retaining hardworking staff, resulting in a significant loss for the company. Therefore, a corporate task data tracing platform is necessary to ensure that every employee can work with confidence, thereby enabling the company to retain top talent.

2.2. Falsification and Manipulation of Information

Generally, information systems used within enterprises employ relational database systems to store data. The data entered by users is saved in the database and then retrieved for processing. Internal personnel of the company or malicious hackers can arbitrarily tamper with the data stored in the database for their own interests, thereby questioning the accuracy and reliability of the data.

2.3. Man-in-the-Middle Attack

4A malicious person can exploit the network’s characteristics to monitor communication between the sender and the receiver. The person can eavesdrop, intercept, and transmit communication messages disguised as the two parties. This is the most common method of network attack. Gangan [24] focused specifically on the possibility of exploiting timing anomalies for attack detection in instant messaging. Transaction information within an enterprise holds significant commercial value. If a malicious person eavesdrops on or intercepts beneficial information in a transaction and sells it to competitors with relevant interests in the enterprise, it will cause significant losses to the enterprise.

2.4. Replay Attack

A replay attack is a method of eavesdropping, intercepting, and repeatedly sending disguised, false messages by impersonating the original sender, causing the receiver to receive false messages repeatedly. A replay attack can send messages so quickly that it causes the system to crash when the attacker sends an excessive number of invalid messages simultaneously.

2.5. Sybil Attack

A Sybil attack is a type of cyber attack that attempts to influence or manipulate the network by creating a large number of false identities (such as fake accounts). Douceur [25] mentioned this type of attack in 2002. Most decentralized systems (such as peer-to-peer, blockchain, and social networks) can easily be affected by Sybil attacks if they are not well-protected.

2.6. Ransomware Attack

In 1996, Adam and Moti proposed a new way of detecting threats: the use of encryption technology can expand the attacker’s ability not only to destroy or steal secrets, but also to conduct extortion [26]. Malicious attackers use malware to encrypt files within an enterprise, rendering them inaccessible to users. They then demand that the victim enterprise pay a ransom to obtain a decryption program to restore the files. Such attacks pose a significant threat to businesses, government agencies, hospitals, and individuals alike. The ransomware attack on CDK Global [27] resulted in significant losses, and companies must be vigilant about such issues. On 18 June 2024, CDK Global suffered its first ransomware attack, resulting in the closure of approximately 15,000 car dealerships in the United States and Canada. In the first two weeks, dealers suffered financial losses of approximately USD 605 million. The group behind the attack, BlackSuit, initially demanded a USD 10 million ransom from CDK Global, which was later increased to more than USD 50 million. While struggling to recover from the initial attack, the company suffered a second attack. Therefore, we use techniques to avoid these potential threats.

3. Method

3.1. System Overview

In this study, a blockchain network architecture is proposed for managing enterprise tasks, as illustrated in Figure 1. The overall system comprises task tracking management, blockchain service center architecture, Hyperledger Fabric consortium blockchain service, application components, and data storage components. User entities that join the task tracking management blockchain can store data in the data storage component through the client in the application component, and then use the address information returned by it, along with other required transaction information, to interact with the Hyperledger Fabric blockchain network.

In the operation process of the internal task tracking and management blockchain system within the enterprise, there are four entity roles: blockchain center (BC), employees (EMP), department managers (MGR), and HR.

• BC: Each participating role in the enterprise must register with the blockchain center and obtain a digital certificate issued by the blockchain certificate center before entering the system proposed in this article.
• EMP: Individuals who are employed by an organization and provide services in exchange for compensation. These individuals may be full-time, part-time, contract, or temporary workers, and must be managed by the employing business organization.
• MGR: Leaders who are responsible for the management and operation of a specific department. Their main responsibilities include the following: formulating departmental goals, strategies, and operational plans, managing employees within the department, supervising employee performance, training and developing employees within the department, allocating resources within the department (manpower, finance, equipment), coordinating work within the department, communicating and cooperating across departments, and evaluating the performance of employees within the department.
• HR: It is an important department in an enterprise responsible for employee management, talent development, and organizational operations. Its main functions include the following: formulating recruitment strategies, attracting and screening suitable employees, providing employee training programs, improving skills and career development, managing employee compensation and benefits, evaluating employee performance, formulating reward and improvement plans, maintaining a good working environment, handling labor–management relations and employee communications, and planning corporate culture and long-term human resource strategies.

The framework proposed in this study is illustrated in the following operational phases.

• Registration phase: Each entity in the system must join and become a blockchain network node, and all entities need to apply for certification from the certificate authority (CA) of the enterprise work task tracking management blockchain center (BC). After certification, the digital certificate issued by the CA agency is registered in the host of the enterprise human resource management alliance blockchain as the basis for digital identity recognition.
• Tasks assigned phase: When a department manager has work to assign to employees, he or she must enter the designated assignor and estimated completion time in the task tracking management system as the basis for subsequent system backtracking and tracking management.
• Tasks progress report phase: Employees must complete their work reports in the task tracking management system before leaving work. The department manager scores based on their work performance, and the work item tracking management system also gives an objective score based on the employee’s work performance, which is entered into the performance management system as the employee’s work performance score. The human resource management department uses this as a reference for arranging employee career planning, key talent training, and human resources scheduling.
• Performance evaluation phase: Performance evaluation is a tool used by human resource management departments to evaluate employees’ work performance. It is also an important activity and tool for talent selection in human resource management. The human resource management department rewards employees with high performance and imposes appropriate punishment on employees with low performance. If an employee fails to meet the standards consecutive times, he or she may face layoffs.
• Award phase: Rewards are one of the most important tools in human resource management. There are two types of rewards: one is a spiritual reward that inspires employees’ sense of honor and enhances their cohesion, and the other is a substantial reward that drives employees to achieve higher work performance.

3.2. Notations

The list of notations in this study is shown in

Table 1. List of notations in this study.

Notation	Description
$I{D}_X$	Identity of role X.
$d_X/Q_X$	Role X’s public/private key for digital signature.
$pu{k}_X/pr{k}_X$	Role X’s public/private key for encryption and decryption.
$Cer{t}_X$	Digital certificate for role X.
$Dat{a}_X$	Each transaction data of role X.
$CDat{a}_X$	Encrypted transaction data of role X.
$Ms{g}_X$	Represents the transaction message uploaded by role X to Hyperledger Fabric.
$CMs{g}_X$	Encrypted message of the role X.
$hash(.)$	One-way hash function.
$h_{Dat{a}_X}$	The hash function value of the role X transaction data.
$CI{D}_X$	The content identifier of the file produced by role X is stored in IPFS.
$(r_x,s_x)$	Signature value established by role X.
$En{c}_{pu{k}_X}\left(Ms{g}_X\right)$	The message $Ms{g}_X$ is encrypted using the public key $pu{k}_X$ of role X.
$Den{c}_{pr{k}_X}\left(CMs{g}_X\right)$	Use role X’s private key $pr{k}_X$ to decrypt the encrypted message $CMs{g}_X$.
$T_i$	i-th timestamp.
$\Delta T$	The difference between the time the message is sent and the time it is received.
$A\stackrel{?}{=}B$	Verify if A is equal to B.

.

3.3. Registration Phase

Each entity in the task tracking management blockchain needs CA to generate the key pair required to issue the relevant digital certificates. It must first receive registration information from all entities joining the Hyperledger Fabric network. We use $Use{r}_X$ to represent each entity in the proposed network. The registration process is shown in Figure 1. The specific process is as follows.

• Step 1: The client of each entity in the task tracking management blockchain transmits the registration information to the CA node of the Hyperledger Fabric network. If the registration information is valid, the CA node proceeds to the second step. If not, the client receives a corresponding prompt.
• Step 2: The CA node uses a post-quantum cryptographic algorithm to generate a unique identity $I{D}_X$ based on the registration information provided by $Use{r}_X$ using Algorithm A1 in Appendix A. Algorithm A2 in Appendix A is used to generate the public key $Q_X$ and private key $d_X$ for a digital signature. Algorithm A3 in Appendix A generates the public key $pu{k}_X$ and private key $pr{k}_X$ for encryption and decryption. It is then packaged into a digital certificate $Cer{t}_X$ that complies with the X.509 standard format and is sent back to the user.
• Step 3: The client saves the key pair and certificate $I{D}_X$ provided by the CA after registration.

  $$Stores(I{D}_X,d_X,Q_X,pu{k}_X,pr{k}_X,Cer{t}_X)$$

  (1)

3.4. Tasks Assigned Phase

The launch of the task tracking management blockchain begins with the work assignment phase, which primarily involves exchanging information between the department manager and the employee through the Hyperledger Fabric blockchain. Due to the length limitation of the paper, the interactive process between the sender and the receiver from the assignment phase to the reward phase is the same, so only the detailed process of the assignment phase is listed in this paper. The assignment workflow is shown in Step 2 of Figure 1. The specific process is as follows.

• Step 1. The process for department managers to send work materials to employees is as follows.

The department manager selects suitable employees, issues, and generates $Dat{a}_{MGR}$. The department manager then uses the employee’s public key $pu{k}_{EMP}$ to encrypt the assigned task data $Dat{a}_{MGR}$ using an asymmetric encryption algorithm to generate encrypted assigned task data $CDat{a}_{MGR}$. The department manager then stores the encrypted task assignment $CDat{a}_{MGR}$ in IPFS that returns the corresponding content identifier $CI{D}_{MGR}$.

$$CDat{a}_{MGR}=En{c}_{pu{k}_{EMP}}\left(Dat{a}_{MGR}\right)$$

(2)

The department manager calculates the hash value of the encrypted work assignment data $CDat{a}_{MGR}$ and generates a message including the hash value $h_{Dat{a}_{MGR}}$ of the work assignment data.

$$h_{Dat{a}_{MGR}}=hash\left(CDat{a}_{MGR}\right)$$

(3)

The department manager uses his own identity $I{D}_{MGR}$, the employee’s identity $I{D}_{EMP}$, the hash value $h_{Dat{a}_{MGR}}$ of the assigned task data, the $CI{D}_{MGR}$ of the assigned task data, and the timestamp of the message sending time $T_1$ to generate the assigned task message $Ms{g}_{MGR}$.

$$Ms{g}_{MGR}=(I{D}_{MGR},I{D}_{EMP},h_{Dat{a}_{MGR}},CI{D}_{MGR},T_1)$$

(4)

The department manager uses the employee’s public key $pu{k}_{EMP}$ to encrypt the assigned work message $Ms{g}_{MGR}$ using an asymmetric encryption algorithm to generate an encrypted message $CMs{g}_{MGR}$ that is uploaded to the blockchain center.

$$CMs{g}_{MGR}=En{c}_{pu{k}_{EMP}}\left(Ms{g}_{MGR}\right)$$

(5)

The department manager uploads the encrypted message $CMs{g}_{MGR}$ of the blockchain center and adds his own private key $d_{MGR}$, and calls the Sign process function of Algorithm A4 (Appendix A) to generate the department manager’s digital signature $(r_{MGR},s_{MGR})$.

$$(r_{MGR},s_{MGR})=Sign(CMs{g}_{MGR},d_{MGR})$$

(6)

The department manager calls Algorithm A5 of Appendix A. Upload transaction information link chaincode, uploads the encrypted message $CMs{g}_{MGR}$ used to upload the blockchain center to the Hyperledger Fabric network platform, and then sends the upload success message to the employee through the client.

• Step 2. The process for employees to receive assigned work materials is as follows.

After receiving the notification from the department manager, the employee’s client goes to the Hyperledger Fabric network center to query the encrypted message $CMs{g}_{MGR}$ uploaded by the department manager to the blockchain center. Then, by subtracting the timestamp of time $T_1$ sent by the department manager from the timestamp of time $T_2$ received, we obtain the time difference $\mathsf{\Delta }T$, which is used to verify the timeliness of the data.

$$Check(T_2-T_1)\le \mathsf{\Delta }T$$

(7)

The employee uses the Verify process function in Algorithm A6 of Appendix A to verify the validity of the signature.

$$Verify(CMs{g}_{MGR},r_{MGR},s_{MGR},Q_{MGR})$$

(8)

If the signature is illegal, the subsequent processing is abandoned. If the signature is legal, the employee uses his own private key $pr{k}_{EMP}$ to decrypt the encrypted message $CMs{g}_{MGR}$ uploaded by the department manager to the blockchain center, and then he can get the assigned task message $Ms{g}_{MGR}$.

$$Ms{g}_{MGR}=Den{c}_{pr{k}_{EMP}}\left(CMs{g}_{MGR}\right)$$

(9)

The employee obtains the assigned task data $CI{D}_{MGR}$ from the assigned task message $Ms{g}_{MGR}$, and then uses $CI{D}_{MGR}$ to obtain the encrypted assigned task data $CDat{a}_{MGR}$ uploaded by the department manager on IPFS, and then calculates its hash value $h{’}_{Dat{a}_{MGR}}$.

$$h{’}_{Dat{a}_{MGR}}=hash\left(CDat{a}_{MGR}\right)$$

(10)

When the employee comparison $h{’}_{Dat{a}_{MGR}}$ is not the same as $h_{Dat{a}_{MGR}}$, the subsequent processing is abandoned. If they are the same, the employee uses his own private key $pr{k}_{EMP}$ to decrypt the encrypted assigned task information $CDat{a}_{MGR}$, and can obtain the assigned task information $Dat{a}_{MGR}$.

$$h{’}_{Dat{a}_{MGR}}\stackrel{?}{=}{h}_{Dat{a}_{MGR}}$$

(11)

$$Dat{a}_{MGR}=Den{c}_{pr{k}_{EMP}}\left(CDat{a}_{MGR}\right)$$

(12)

3.5. Tasks Progress Report Phase

After accepting the work assigned by the department manager, the employee begins to perform the assigned tasks and reports the progress of their execution. The two entities, employees and department managers, mainly exchange information with each other through the Hyperledger Fabric blockchain. The work reporting process is shown in Step 3 of Figure 1. The specific process is as follows.

• Step 1: The employee reports the progress of the assigned work to the department manager.
• Step 2: The department manager receives the report on the execution of the assigned work.

3.6. Performance Evaluation Phase

After an employee completes the work assigned by the department manager in the task tracking management system, the system calculates the performance score according to the predefined work performance calculation formula and updates it simultaneously in the performance management system. The human resource management department can obtain employees’ work performance scores in the performance management system and use them as the basis for employee performance appraisal. This helps avoid the errors and problems caused by subjective performance appraisal methods. After the human resource management department completes the employee’s performance appraisal, it must notify the employee of the appraisal results and the department manager of the department’s employee performance appraisal report. This phase primarily involves the exchange of information among the three entities of the human resource management department, employees, and department managers via the Hyperledger Fabric blockchain. The performance appraisal process is shown in Step 4 of Figure 1. There are two processes as follows.

• Process for notifying employees of performance appraisal results
  • Step 1: The human resource management department notifies employees of the performance appraisal results.
  • Step 2: Employees receive the employee performance appraisal results.
• Process for notifying department managers of performance appraisal results reports
  • Step 1: The human resource management department notifies the department manager of the department’s employee performance appraisal result report.
  • Step 2: The department manager receives the department’s employee performance appraisal result report information.

3.7. Award Phase

Appropriate rewards and punishments can motivate employees’ work performance. After the human resource management department obtains the employees’ work performance appraisal results in the performance management system, it rewards employees whose performance appraisal scores reach or exceed the reward standards and punishes employees who do not meet the standards. After the human resource management department completes the employee’s performance appraisal and rewards and punishments, it must notify the employee of the performance reward and punishment results. Additionally, it must notify the department manager of the department’s employee performance reward and punishment results report. This phase primarily involves the exchange of information among the three entities of the human resource management department, employees, and department managers via the Hyperledger Fabric blockchain. The reward phase process is shown in Step 5 of Figure 1. There are two processes as follows.

• The process of notifying employees of reward and punishment results
  • Step 1: The human resource management department notifies employees of the results of rewards and punishments.
  • Step 2: Employees receive information on employee performance rewards and punishments.
• The process of notifying department managers of reward and punishment reports
  • Step 1: The human resource management department notifies the department manager of the department employee reward and punishment report.
  • Step 2: The department manager receives the department employee performance reward and punishment report information.

4. Security Analysis

We conduct several major information security analyses on the methods proposed in the previous sections, including a trusted unified production traceability platform, unforgeable and traceable data, data integrity, non-repudiation, man-in-the-middle attacks, resend attacks, Sybil attacks, and ransomware attacks.

4.1. Unforgeable and Traceable Data

The developed system is integrated with blockchain technology to build a trustworthy tracking, management, and tracing platform. Because we integrate blockchain technology into the system, the system inherits the characteristics of blockchain, which means that it cannot be forged, and data can be traced. The communication and data synchronization between nodes within the blockchain network are facilitated by a consensus algorithm, which ensures the integrity of the data in the blockchain network. All participants are nodes in the blockchain network. Each node has a ledger, and the nodes synchronize the records in the ledger through consensus algorithms and sorting nodes. The synchronization process of the blockchain ledger record data is as follows.

The user first calls the chaincode function, which proposes to update the ledger to each peer node in the blockchain network. These peer nodes sign and respond to the signed proposal, updating the ledger. The sorting node then receives transactions and responses from all nodes in the network and updates the ledger of each node. Finally, the chaincode returns the execution result to the user. This consensus mechanism can ensure the integrity of the data and cannot be tampered with by anyone.

4.2. Data Integrity

To ensure the integrity of the data during communication between the sender and the receiver, we use a hash function on the sender to calculate the data to be transmitted and generate a hash value $h_{Dat{a}_X}=hash\left(CDat{a}_X\right)$; the receiving party uses a hash function to calculate the received data and generate a hash value $h{’}_{Dat{a}_X}=hash\left(CDat{a}_X\right)$ for verification, and then compares the two $h_{Dat{a}_X}\stackrel{?}{=}h{’}_{Dat{a}_X}$. If the two are the same, it proves that the information is complete and correct; on the contrary, it proves that an unknown third party intervened in the transmission process and the data is incomplete and has been tampered with or destroyed.

When a sender sends a message to a receiver, a malicious attacker can eavesdrop on and tamper with, or destroy, the message during transmission. When sending a message, the sender uses a hash function to calculate the data to be sent and generate a hash value. The recipient uses a hash function to calculate the received data and a hash value for verification. After comparison, it is found that the two are different, indicating that an unknown third party intervened in the transmission process, and the data is incomplete, having been tampered with or destroyed.

4.3. Non-Repudiation

Message non-repudiation can be achieved using the method proposed. We use Algorithm four sign process function to generate a digital signature on the sender side. After receiving the message, the receiver must use the Verify process function in Algorithm A6 to verify whether the received message was sent by the sender. After the message has been digitally signed and verified, the sender cannot deny having sent the message. If any information is forged or tampered with, it cannot pass digital signature verification.

When a sender sends a message to a receiver. While the message is being transmitted, a malicious attacker intercepts and modifies it. The sender uses Algorithm A4 to generate a digital signature when sending a message. After receiving the message, the receiver uses the Verify process function in Algorithm A6 to verify whether the received message can pass the digital signature verification. If this is verified by a digital signature, it must be the message sent by the sender, and the sender cannot deny it.

4.4. Man-in-the-Middle Attack Analysis

To prevent malicious third-party attackers from intercepting and eavesdropping on network communications, we utilize asymmetric encryption algorithms to encrypt the data being transmitted. The sender encrypts the data to be transmitted using the receiver’s public key; The recipient can only obtain the real data by decrypting the received data with his own private key.

When a sender sends a message to a receiver, a malicious attacker can eavesdrop on and modify the message while it is being transmitted. The sender uses the receiver’s public key to encrypt the message when sending it. Malicious attackers do not have the recipient’s private key and cannot decrypt the encrypted message and obtain the correct message content.

4.5. Replay Attack Analysis

We insert a delivery timestamp $T_1$ into each message sent by the sender. The receiver obtains the transmission timestamp from the decrypted message and calculates and confirms the time difference $T_2-T_1=\mathsf{\Delta }T$ between it and the receiving timestamp $T_2$. If a malicious third party replays the message, the calculated time difference exceeds the reasonable value, and the verification fails.

When a malicious attacker monitors the sender’s message and then sends the same message to the receiver, the receiver uses the private key to decrypt the message and obtain the corresponding timestamp, calculates the difference between the current time and the timestamp, and compares it with the threshold. If the difference exceeds the queue value, the system determines that this is a recent attack and rejects the message.

4.6. Sybil Attack Analysis

A Sybil attack is a type of cyber attack that attempts to influence or manipulate the network by creating a large number of false identities (such as fake accounts). To avoid this potential risk, blockchain utilizes a consensus mechanism to increase the entry threshold for nodes. This approach requires malicious attackers to occupy more than half of the nodes in the entire system, making attacks impractical due to the high cost. Each user in this scheme must obtain the corresponding ID, public key, private key, and certificate during the registration phase. The parameters related to the user identity are generated by the blockchain center using a post-quantum cryptographic algorithm. The user obtains and stores these parameters, and each user must use these parameters to enter the system after authentication.

Malicious nodes can forge many false identities to access the blockchain system. The parameters related to each user’s identity are generated by the blockchain center. Each user has a unique identification, corresponding public key, private key, and certificate. Attackers cannot obtain complete user identity-related parameters and cannot gain unauthorized access to the system through authentication. All operations are ignored and rejected by the system. Therefore, a Sybil attack is unsuccessful.

4.7. Ransomware Attack Analysis

Ransomware attacks are a type of advanced persistent threat (APT), a complex and multifaceted cyber attack launched by attackers against specific organizations. The attackers begin by gathering intelligence on the victim organization, collecting and stealing trade secrets, identifying application vulnerabilities, and developing subsequent attack-related plans. Once the plan is completed, it takes only a short time to launch an attack that encrypts files and demands a substantial ransom, resulting in significant losses for the victim. To avoid this potential risk, we use IPFS to implement a distributed storage, sharing, and persistent file storage mechanism. IPFS combines a decentralized hash table, encouraged block exchange, and a self-certifying namespace. Provides a high-throughput, content-addressed block storage model with content-related hyperlinks. IPFS has no single point of failure problem and nodes do not need to trust each other. Distributed content delivery saves server and network transmission traffic and avoids network distributed denial-of-service attacks. After the user uploads a file through the IPFS gateway, IPFS performs a hash operation on the uploaded file’s content and generates the file’s hash value as its CID. If the content of the file is tampered with, a different CID is generated, and the original file is not overwritten, thus avoiding ransomware attacks.

When a malicious attacker performs an encryption attack on files stored on IPFS, they do not overwrite the original files; instead, they generate new files and new CIDs after encrypting the files stored in IPFS. Therefore, the ransomware attack is unsuccessful.

5. Discussion

Computing cost is an important indicator for evaluating system performance.

Table 2. The computing cost of the proposed system.

Phase	Party
	Sender Computing Cost	Receiver Computing Cost
Tasks assigned phase	MGR $2T_{Enc}+2T_{Hash}+T_{Sign}$	EMP $T_{Sub}+2T_{Denc}+2T_{Hash}+T_{Verify}+T_{Compare}$
Tasks progress report phase	EMP $2T_{Enc}+2T_{Hash}+T_{Sign}$	MGR $T_{Sub}+2T_{Denc}+2T_{Hash}+T_{Verify}+T_{Compare}$
Performance evaluation phase	HR $2T_{Enc}+2T_{Hash}+T_{Sign}$	EMP/MGR $T_{Sub}+2T_{Denc}+2T_{Hash}+T_{Verify}+T_{Compare}$
Award phase	HR $2T_{Enc}+2T_{Hash}+T_{Sign}$	EMP/MGR $T_{Sub}+2T_{Denc}+2T_{Hash}+T_{Verify}+T_{Compare}$

details the computing costs of our proposed scheme for employees, department managers, and HRM at each phase, showing that the computing costs for each role are equal. For example, during the work assignment phase, when the department manager transmits data, he needs to perform an encryption operation ($T_{Enc}$) twice, a hash function operation ($T_{Hash}$) twice, and a digital signature operation ($T_{Sign}$) once. When an employee receives data, he needs to perform a subtraction operation ($T_{Sub}$) once, a decryption operation ($T_{Denc}$) twice, a hash function operation ($T_{Hash}$) twice, a digital signature verification operation ($T_{Verify}$) once, and a comparison operation ($T_{Compare}$) once.

5.1. Performance Analysis

We utilize Hyperledger Caliper for performance analysis. Caliper is a blockchain system performance testing software used to analyze and test the performance of blockchain systems. We set up a virtual machine on a physical machine for testing. The physical environment of the test is as follows: Intel Core i9-9920X CPU, 128 gigabytes (GB) random access memory (RAM), operating system is Windows 10 Pro 22H2. We use Windows Hyper-V to create a virtual machine for testing. The environment configuration is as follows: 10 virtual CPUs, 16 GB virtual RAM, Hyperledger Fabric 2.4.9, Go 1.18, Hyperledger Caliper 0.6.0. The operating system is Ubuntu 20.04.3 LTS.

Since the communication protocols of the solutions in each article differ, and the number of nodes in the consortium chain of each solution also varies, it is challenging to compare their performance. Therefore, we adopt the two most used performance indicators for blockchain systems: throughput and latency. Throughput refers to the number of transactions added to the blockchain ledger per second and is used to evaluate the system’s transaction efficiency. Latency is the time difference between when an application initiates a transaction and when it receives the transaction, and it is used to evaluate transaction time efficiency.

Figure 2 shows the relationship between latency and sending rates. The latency is positively correlated with the transfer rate, with a minimum of <0.01 s and a maximum of 0.09 s for read transactions, and a minimum of 0.21 s and a maximum of 13.43 s for write transactions. After the sending rate reaches 400 transactions per second (tps), the latency growth rate becomes relatively slow, indicating that the system’s transaction efficiency has approached the threshold. Therefore, the proposed system has sufficient performance to read and write task tracking management data related to the value chain. Users in the task tracking management value chain can access task tracking management value chain-related data quickly and modify it according to their own permissions.

Figure 3 shows the relationship between throughput and sending rate. We selected 17 groups of data for testing, and the transmission rate of each group differed by 50 TPS. The throughput of reading transactions is approximately linearly correlated with the sending rate, ranging from a low of 51.7 transactions per second (tps) to a high of 895.5 tps. The throughput of write transactions is positively correlated with the sending rate, which increases slowly from the lowest 40.3 tps to the highest 136.3 tps. We can observe that, after the sending rate gradually increases (perhaps approaching a threshold), the relative growth of throughput begins to slow down.

5.2. Comparison of Research

There are numerous instances of blockchain technology being applied in human resource management. We identified four related papers on the application of blockchain technology in human resource management for comparison.

Table 3. Comparison of related studies.

Item	Reference	Year	Description	1	2	3	4	5	6	7
1	Kim et al. [28]	2020	This paper aims to apply blockchain to human resource management, addressing challenges such as data privacy and the verification of employee credentials.	Y	Y	Y	N	Y	N	N
2	Shaheen et al. [29]	2023	The chapter begins by outlining the evolution of technology in business, emphasizing the shift from traditional methods to digital solutions. It argues that digital technologies, including blockchain, are transforming HRM by improving efficiency, enhancing employee relations, and addressing challenges in managing the gig economy.	Y	Y	Y	N	N	N	N
3	Balon et al. [30]	2022	Using BCT for production scheduling and human resource management significantly improves planning efficiency by eliminating intermediaries. It emphasizes the need for further research into multi-criteria optimization methods and online planning algorithms to enhance the consensus-building process among consortium members.	Y	Y	N	N	N	N	Y
4	Ghedabna et al. [31]	2024	The integration of AI in HRM significantly enhances the effectiveness of recruitment, performance management, and employee development. Organizations that adopt AI can expect enhanced learning retention, increased productivity, and improved employee satisfaction.	N	N	N	N	N	N	N
5	Fachrunnisa et al. [32]	2020	The proposed framework consists of an HR supply chain model that includes input (skills required), process (approval from training providers), and output (a competent workforce). The framework relies on blockchain technology to gather and validate data on required competencies, enabling consensus among industry participants.	Y	Y	Y	Y	N	N	N
6	Zhu et al. [33]	2023	That blockchain technology offers a promising solution for secure and efficient human resource data sharing. It emphasizes the significance of the Fabric alliance chain in meeting the needs of HR institutions. The authors suggest that future research could involve expanding the alliance chain to include more organizations for enhanced data-sharing capabilities.	Y	Y	Y	N	N	N	N
7	Kişi [34]	2022	Blockchain is a decentralized ledger technology that can enhance recruitment processes by improving transparency and trust.	Y	N	Y	N	N	N	N
8	Our scheme	2025	A traceable and secure task tracking management system based on blockchain is proposed.	Y	Y	Y	Y	Y	Y	Y

1: Blockchain base, 2: Proposed system architecture, 3: Traceable, 4: Mutual authentication, 5: Security analysis, 6: Prevent ransomware, 7: Prevent data theft, Y: yes, N: no.

shows that the system proposed meets the same requirements as other related papers in terms of security and traceability for task tracking management in human resource management.

6. Conclusions

In this study, we proposed a traceable and secure task tracking management system. The contributions of this study are summarized as follows: We proposed the overall architecture of a task tracking management system based on blockchain technology. We utilize Hyperledger Fabric to construct a task tracking blockchain network within our system. The system provides a permissioned, decentralized, and transparent network for participants in the task tracking blockchain network. We introduce the operation of the task tracking management blockchain in phases, including the registration phase, the work assignment phase, the work report phase, the performance appraisal phase, and the reward phase. We provide the communication protocols for each phase and the chaincode (smart contract) of blockchains for reference. The blockchain-based system architecture proposed in this study can store unforgeable and traceable data. Every time a transaction or data is updated, its signature and timestamp must be updated in the ledger of the blockchain network. In a decentralized blockchain network ledger, each node has the same information, and coupled with the blockchain’s unique consensus mechanism, it is difficult for malicious attackers to tamper with the data.

The proposed method is determined through security analysis to address network attack problems, including man-in-the-middle attacks, replay attacks, Sybil attacks, and ransomware attacks. The results ensure that the proposed system is safe and reliable. Therefore, the proposed method can address the potential threats mentioned above. Finally, we analyze the throughput and latency of the proposed method on the blockchain network and determine that its performance is well-suited for task tracking management. Compared to previous studies, we focus on the task tracking management blockchain network, which is particularly suitable for internal task tracking management within enterprises. The blockchain-based system platform should be applied to other scenarios or fields in future studies.