A Blockchain-Based Framework for Data Sharing With Fine-Grained Access Control in Decentralized Storage Systems

Wang, Shangping; Zhang, Yinglong; Zhang, Yaling

doi:10.1109/access.2018.2851611

Cited by 477 publications

(254 citation statements)

References 15 publications

Supporting

Mentioning

254

Contrasting

Order By: Relevance

“…The full GDPR are described in detail across 99 articles covering all of the technical and admin principles around how commercial and public organisations process personal data [13]. GDPR lays out the means by which personal data is to be protected which are founded on a set of six core data processing principles: Lawfulness, Fairness, and Transparency; Purpose Limitation; Data Minimisation; Accuracy; Storage Limitation; Integrity and Confidentiality 3 . To preserve such 2 https://www.hyperledger.org/projects/fabric 3 https://gdpr-info.eu/art-5-gdpr/ principles, the GDPR clearly differentiates three roles (i.e., DS, DC and DP) and explicitly specifies associated rights and obligations under the EU data protection law.…”

Section: A the Gdpr In A Nutshellmentioning

confidence: 99%

See 1 more Smart Citation

GDPR-Compliant Personal Data Management: A Blockchain-Based Solution

Truong

Sun

Lee

et al. 2020

IEEE Trans.Inform.Forensic Secur.

209

100

View full text Add to dashboard Cite

The General Data Protection Regulation (GDPR) gives control of personal data back to the owners by appointing higher requirements and obligations on service providers who manage and process personal data. As the verification of GDPRcompliance, handled by a supervisory authority, is irregularly conducted; it is challenging to be certified that a service provider has been continuously adhering to the GDPR. Furthermore, it is beyond the data owner's capability to perceive whether a service provider complies with the GDPR and effectively protects her personal data. This motivates us to envision a design concept for developing a GDPR-compliant personal data management platform leveraging the emerging blockchain and smart contract technologies. The goals of the platform are to provide decentralised mechanisms to both service providers and data owners for processing personal data; meanwhile, empower data provenance and transparency by leveraging advanced features of the blockchain technology. The platform enables data owners to impose data usage consent, ensures only designated parties can process personal data, and logs all data activities in an immutable distributed ledger using smart contract and cryptography techniques. By honestly participating in the platform, a service provider can be endorsed by the blockchain network that it is fully GDPR-compliant; otherwise, any violation is immutably recorded and is easily figured out by associated parties. We then demonstrate the feasibility and efficiency of the proposed design concept by developing a profile management platform implemented on top of the Hyperledger Fabric permissioned blockchain framework, following by valuable analysis and discussion.

show abstract

Section: A the Gdpr In A Nutshellmentioning

confidence: 99%

“…Input : c-ID ci, signature t, public-key pk DP , permission op Output: out 1 Initialisation: rec = null, out = error 2 s ← (V(ci.pk DS , t) ∨ V(ci.pk DC , t)) 3 Once consent is grant, the operation flow of accessing personal data is demonstrated in Fig. 4.…”

Section: Alg 2: Revokeconsent Revokes a Permission Previously Grantementioning

confidence: 99%

GDPR-Compliant Personal Data Management: A Blockchain-Based Solution

Truong

Sun

Lee

et al. 2020

IEEE Trans.Inform.Forensic Secur.

209

100

View full text Add to dashboard Cite

show abstract

“…These systems have been tailored based on system requirements. These studies [5,35,42,51] have focused on designing a user-centric system, which owners of the data can define and enforce access control policies directly. [23,36] systems have focused on auditability characteristic and trusted logging provided by blockchain to design a reliable access control system.…”

Section: Summary and Future Workmentioning

confidence: 99%

“…[23,36] systems have focused on auditability characteristic and trusted logging provided by blockchain to design a reliable access control system. From the transactional perspective, [28,35,59] use only transactions to store access control attributes on blockchain, while [2,13,17,22,23,26,36,39,42,51,52] applied smart contracts to exploit its advantages such as flexibility and automatically enforcing access control policies. Also, the challenges and future directions have been discussed in this paper.…”

Section: Summary and Future Workmentioning

confidence: 99%

Blockchain based access control systems: State of the art and challenges

Rouhani

Deters

2019

IEEE/WIC/ACM International Conference on Web Intelligence

View full text Add to dashboard Cite

Access control is a mechanism in computer security that regulates access to the system resources. The current access control systems face many problems, such as the presence of the third-party, inefficiency, and lack of privacy. These problems can be addressed by blockchain, the technology that received major attention in recent years and has many potentials. In this study, we overview the problems of the current access control systems, and then, we explain how blockchain can help to solve them. We also present an overview of access control studies and proposed platforms in the different domains. This paper presents the state of the art and the challenges of blockchain-based access control systems.

show abstract

“…Accesscontrol for sharing displays in a vehicle can ensure the safety of display sharing [19]. In [49], decentralized storage and blockchain technology are combined with attributebased encryption to provide data privacy and fine-grained access-control while avoiding a single point of failure. Attestable trust anchors on clients can help with usage control of data across devices [48].…”

Section: Safety Resiliency and Trustmentioning

confidence: 99%

Owner-Centric Sharing of Physical Resources, Data, and Data-Driven Insights in Digital Ecosystems

Cheung¹,

Huth

Kirk³

et al. 2019

Proceedings of the 24th ACM Symposium on Access Control Models and Technologies

View full text Add to dashboard Cite

We are living in an age in which digitization will connect more and more physical assets with IT systems and where IoT endpoints will generate a wealth of valuable data. Companies, individual users, and organizations alike therefore have the need to control their own physical or non-physical assets and data sources. At the same time, they recognize the need for, and opportunity to, share access to such data and digitized physical assets. This paper sets out our technology vision for such sharing ecosystems, reports initial work in that direction, identifies challenges for realizing this vision, and seeks feedback and collaboration from the academic access-control community in that R&D space.

show abstract

A Blockchain-Based Framework for Data Sharing With Fine-Grained Access Control in Decentralized Storage Systems

Cited by 477 publications

References 15 publications

GDPR-Compliant Personal Data Management: A Blockchain-Based Solution

GDPR-Compliant Personal Data Management: A Blockchain-Based Solution

Blockchain based access control systems: State of the art and challenges

Owner-Centric Sharing of Physical Resources, Data, and Data-Driven Insights in Digital Ecosystems

Contact Info

Product

Resources

About