An important requirement of any information management system is to protect data and resources against leak or improper modifications, while at the same time ensure data availability to legitimate users. Moreover, systems handling personal data must also track its provenance and be regularly audited to comply with regulations. By assuring auditable, privacy policy compliant actions, we can also guarantee that areas, where privacy policies have been technically enforced, are highlighted.
As part of this research, we have built a novel framework to automatically track details about how a consumer’s private data is stored, used and shared by a Cloud provider. We have created a semantically rich data privacy ontology and integrated it with the properties of blockchain, to develop an automated access-control and audit mechanism, called LinkShare, that enforces users’ data privacy policies when sharing their data across third parties.
We are also working on ensuring accountability for data sharing in the cloud, by building upon LinkShare to incorporate a secure and efficient system for End-to-End provenance. We are trying to bring in the policy(ies) in which a transaction is passed through into the fold in order to achieve provenance. Our primary technical challenge is to provide people better visibility and control over their data and at the same time ensure swift, accountable and appropriate data flow. Our research specifically tries to address the issue of data compliance and policy enforcement as desired by the end-user. We concur that decisions regarding the collection, sharing, and use of Personally Identifiable Information (PII) must take into account both ethical and privacy considerations.
Project Members
Faculty from UMBC: Dr. Karuna P Joshi
Students: Abhishek Mahindrakar, Agniva Banerjee
Sponsor
This project was supported in part by DoD supplement to NSF IUCRC Center CARTA.
Publications
- Abhishek Mahindrakar and Karuna P. Joshi, “Automating GDPR Compliance using Policy Integrated Blockchain“, In Proceedings, 6th IEEE International Conference on Big Data Security on Cloud (BigDataSecurity 2020), May 2020.
- J. Clavin, V. P. Janeja, K. P. Joshi, Y. Yesha, and et al., “Blockchains for Government: Use Cases and Challenges“, Article, Digital Government: Research and Practice, November 2020
- Karuna P. Joshi and A. Banerjee, “Automating Privacy Compliance Using Policy Integrated Blockchain“, in Cryptography 2019, 3(1), 7; MDPI, https://doi.org/10.3390/cryptography3010007
- Agniva Banerjee and Karuna Pande Joshi”, Link Before You Share: Managing Privacy Policies through Blockchain, 4th International Workshop on Privacy and Security of Big Data (PSBD 2017), in conjunction with 2017 IEEE International Conference on Big Data (IEEE BigData 2017)