A massive amount of sensitive personal data is being collected and used by scientists, businesses, and governments. This has led to unprecedented threats to privacy rights and the security of personal data. There are few solutions that empower individuals to provide systematic consent agreements on distinct personal information and control who can collect, access, and use their data for specific purposes and periods. Individuals should be able to delegate consent rights, access consent-related information, and withdraw their given consent at any time. We propose a smart-contract-based dynamic consent management system, backed by blockchain technology, targeting personal data usage under the general data protection regulation. Our user-centric dynamic consent management system allows users to control their personal data collection and consent to its usage throughout the data lifecycle. Transaction history and logs are recorded in a blockchain that provides trusted tamper-proof data provenance, accountability, and traceability. A prototype of our system was designed and implemented to demonstrate its feasibility. The acceptability and reliability of the system were assessed by experimental testing and validation processes. We also analyzed the security and privacy of the system and evaluated its performance.
In recent times, electronic portfolios (e-portfolios) are being increasingly used by students and lifelong learners as digital online multimedia résumés that showcase their skill sets and achievements. E-portfolios require secure, reliable, and privacy-preserving credential issuance and verification mechanisms to prove learning achievements. However, existing systems provide private institution-wide centralized solutions that primarily rely on trusted third parties to issue and verify credentials. Furthermore, they do not enable learners to own, control, and share their e-portfolio information across organizations, which increases the risk of forged and fraudulent credentials. Therefore, we propose a consortium blockchain-based e-portfolio management scheme that is decentralized, secure, and trustworthy. Smart contracts are leveraged to enable learners to completely own, publish, and manage their e-portfolios, and also enable potential employers to verify e-portfolio credentials and artifacts without relying on trusted third parties. Blockchain is used as an immutable distributed ledger that records all transactions and logs for tamper-proof trusted data provenance, accountability, and traceability. This system guarantees the authenticity and integrity of user credentials and e-portfolio data. Decentralized identifiers and verifiable credentials are used for user profile identification, authentication, and authorization, whereas verifiable claims are used for e-portfolio credential proof authentication and verification. We have designed and implemented a prototype of the proposed scheme using a Quorum consortium blockchain network. Based on the evaluations, our solution is feasible, secure, and privacy-preserving. It offers excellent performance.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.