Data Compliance using Policy Integrated Blockchain

An important requirement of any information management system is to protect data and resources against leak or improper modifications, while at the same time ensure data availability to legitimate users. Moreover, systems handling personal data must also track its provenance and be regularly audited to comply with regulations. By assuring auditable, privacy policy compliant actions, we can also guarantee that areas, where privacy policies have been technically enforced, are highlighted.
As part of this research, we have built a novel framework to automatically track details about how a consumer’s private data is stored, used and shared by a Cloud provider. We have created a semantically rich data privacy ontology and integrated it with the properties of blockchain, to develop an automated access-control and audit mechanism, called LinkShare,  that enforces users’ data privacy policies when sharing their data across third parties.
We are also working on ensuring accountability for data sharing in the cloud, by building upon LinkShare to incorporate a secure and efficient system for End-to-End provenance. We are trying to bring in the policy(ies) in which a transaction is passed through into the fold in order to achieve provenance. Our primary technical challenge is to provide people better visibility and control over their data and at the same time ensure swift, accountable and appropriate data flow. Our research specifically tries to address the issue of data compliance and policy enforcement as desired by the end-user. We concur that decisions regarding the collection, sharing, and use of Personally Identifiable Information (PII) must take into account both ethical and privacy considerations.

Project Members

Faculty from UMBC: Dr. Karuna P Joshi

Students: Abhishek MahindrakarAgniva Banerjee 

Sponsor

This project was supported in part by DoD supplement to NSF IUCRC Center CARTA.

Publications