Kaaniche, N. orcid.org/0000-0002-1045-6445, Laurent, M. and Levallois-Barth, C. (2020) ID-based user-centric data usage auditing scheme for distributed environments. Frontiers in Blockchain, 3. 17.
Abstract
Recent years have witnessed the trend of increasingly relying on remote and distributed infrastructures, mainly owned and managed by third parties. This increased the number of reported incidents of security breaches compromising users' personal data, where involved entities may massively collect and process massive amounts of such data. Toward these challenges, this paper combines hierarchical Identity Based Cryptographic (IBC) mechanisms with emerging blockchain technologies and introduces a blockchain-based data usage auditing architecture ensuring availability and accountability in a personal data-preserving fashion. The proposed approach relies on smart auditable contracts deployed in blockchain infrastructures. Thus, it offers transparent and controlled data access, sharing and processing, so that unauthorized entities cannot process data without data subjects' consent. Moreover, thanks to the usage of hierarchical ID-based encryption and signature schemes, the proposed solution protects and ensures the confidentiality of users' personal data shared with multiple data controllers and processors. It also provides auditing capacities with tamper-proof evidences for data usage compliance, supported by the intrinsic properties of the blockchain technology.
Metadata
Item Type: | Article |
---|---|
Authors/Creators: |
|
Copyright, Publisher and Additional Information: | © 2020 The Authors. This is an open-access article distributed under the terms of the Creative Commons Attribution License (CC BY). The use, distribution or reproduction in other forums is permitted, provided the original author(s) and the copyright owner(s) are credited and that the original publication in this journal is cited, in accordance with accepted academic practice. No use, distribution or reproduction is permitted which does not comply with these terms. https://creativecommons.org/licenses/by/4.0/ |
Keywords: | blockchain; personal data protection; data usage auditing; hierarchical ID-based Cryptography; user-centric; GDPR; accountability |
Dates: |
|
Institution: | The University of Sheffield |
Academic Units: | The University of Sheffield > Faculty of Engineering (Sheffield) > Department of Computer Science (Sheffield) |
Depositing User: | Symplectic Sheffield |
Date Deposited: | 11 May 2020 09:41 |
Last Modified: | 11 May 2020 09:41 |
Status: | Published |
Publisher: | Frontiers Media SA |
Refereed: | Yes |
Identification Number: | 10.3389/fbloc.2020.00017 |
Open Archives Initiative ID (OAI ID): | oai:eprints.whiterose.ac.uk:160384 |