Privacy-aware blockchain for personal data sharing and tracking
Secure data distribution is critical for data accountability. Surveillance caused privacy breaching incidents have already questioned existing personal data collection techniques. Organizations assemble a huge amount of personally identifiable information (PII) for data-driven market analysis and pr...
| Main Authors: | , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
De Gruyter
2019-04-01
|
| Series: | Open Computer Science |
| Subjects: | |
| Online Access: | https://doi.org/10.1515/comp-2019-0005 |
| _version_ | 1818720307499761664 |
|---|---|
| author | Onik Md Mehedi Hassan Kim Chul-Soo Lee Nam-Yong Yang Jinhong |
| author_facet | Onik Md Mehedi Hassan Kim Chul-Soo Lee Nam-Yong Yang Jinhong |
| author_sort | Onik Md Mehedi Hassan |
| collection | DOAJ |
| description | Secure data distribution is critical for data accountability. Surveillance caused privacy breaching incidents have already questioned existing personal data collection techniques. Organizations assemble a huge amount of personally identifiable information (PII) for data-driven market analysis and prediction. However, the limitation of data tracking tools restricts the detection of exact data breaching points. Blockchain technology, an ‘immutable’ distributed ledger, can be leveraged to establish a transparent data auditing platform. However, Art. 42 and Art. 25 of general data protection regulation (GDPR) demands ‘right to forget’ and ‘right to erase’ of personal information, which goes against the immutability of blockchain technology. This paper proposes a GDPR complied decentralized and trusted PII sharing and tracking scheme. Proposed blockchain based personally identifiable information management system (BcPIIMS) demonstrates data movement among GDPR entities (user, controller and processor). Considering GDPR limitations, BcPIIMS used off-the-chain data storing architecture. A prototype was created to validate the proposed architecture using multichain. The use of off-the-chain storage reduces individual block size. Additionally, private blockchain also limits personal data leaking by collecting fast approval from restricted peers. This study presents personal data sharing, deleting, modifying and tracking features to verify the privacy of proposed blockchain based personally identifiable information management system. |
| first_indexed | 2024-12-17T20:20:45Z |
| format | Article |
| id | doaj.art-5394043b68c740f29ef6d5a7e4493f83 |
| institution | Directory Open Access Journal |
| issn | 2299-1093 |
| language | English |
| last_indexed | 2024-12-17T20:20:45Z |
| publishDate | 2019-04-01 |
| publisher | De Gruyter |
| record_format | Article |
| series | Open Computer Science |
| spelling | doaj.art-5394043b68c740f29ef6d5a7e4493f832022-12-21T21:33:57ZengDe GruyterOpen Computer Science2299-10932019-04-0191809110.1515/comp-2019-0005comp-2019-0005Privacy-aware blockchain for personal data sharing and trackingOnik Md Mehedi Hassan0Kim Chul-Soo1Lee Nam-Yong2Yang Jinhong3Department of Computer Engineering, Inje University, Gimhae50834, Korea;Department of Computer Engineering, Inje University, Gimhae50834, Korea;Department of Applied Mathematics, Inje University, Gimhae50834, Korea;Department of Healthcare and IT,Inje University, Gimhae50834, Korea;Secure data distribution is critical for data accountability. Surveillance caused privacy breaching incidents have already questioned existing personal data collection techniques. Organizations assemble a huge amount of personally identifiable information (PII) for data-driven market analysis and prediction. However, the limitation of data tracking tools restricts the detection of exact data breaching points. Blockchain technology, an ‘immutable’ distributed ledger, can be leveraged to establish a transparent data auditing platform. However, Art. 42 and Art. 25 of general data protection regulation (GDPR) demands ‘right to forget’ and ‘right to erase’ of personal information, which goes against the immutability of blockchain technology. This paper proposes a GDPR complied decentralized and trusted PII sharing and tracking scheme. Proposed blockchain based personally identifiable information management system (BcPIIMS) demonstrates data movement among GDPR entities (user, controller and processor). Considering GDPR limitations, BcPIIMS used off-the-chain data storing architecture. A prototype was created to validate the proposed architecture using multichain. The use of off-the-chain storage reduces individual block size. Additionally, private blockchain also limits personal data leaking by collecting fast approval from restricted peers. This study presents personal data sharing, deleting, modifying and tracking features to verify the privacy of proposed blockchain based personally identifiable information management system.https://doi.org/10.1515/comp-2019-0005general data protection regulationgdprpersonally identifiable informationpiiprivacy policydistributed ledgeroff-chain dataidentity managementpersonal information tracking |
| spellingShingle | Onik Md Mehedi Hassan Kim Chul-Soo Lee Nam-Yong Yang Jinhong Privacy-aware blockchain for personal data sharing and tracking Open Computer Science general data protection regulation gdpr personally identifiable information pii privacy policy distributed ledger off-chain data identity management personal information tracking |
| title | Privacy-aware blockchain for personal data sharing and tracking |
| title_full | Privacy-aware blockchain for personal data sharing and tracking |
| title_fullStr | Privacy-aware blockchain for personal data sharing and tracking |
| title_full_unstemmed | Privacy-aware blockchain for personal data sharing and tracking |
| title_short | Privacy-aware blockchain for personal data sharing and tracking |
| title_sort | privacy aware blockchain for personal data sharing and tracking |
| topic | general data protection regulation gdpr personally identifiable information pii privacy policy distributed ledger off-chain data identity management personal information tracking |
| url | https://doi.org/10.1515/comp-2019-0005 |
| work_keys_str_mv | AT onikmdmehedihassan privacyawareblockchainforpersonaldatasharingandtracking AT kimchulsoo privacyawareblockchainforpersonaldatasharingandtracking AT leenamyong privacyawareblockchainforpersonaldatasharingandtracking AT yangjinhong privacyawareblockchainforpersonaldatasharingandtracking |