Facial reconstruction

Search LJMU Research Online

Browse Repository | Browse E-Theses

GDPR-Compliant Personal Data Management: A Blockchain-based Solution

Truong, NB, Sun, K, Lee, GM and Guo, Y (2019) GDPR-Compliant Personal Data Management: A Blockchain-based Solution. IEEE Transactions on Information Forensics & Security, 15. pp. 1746-1751. ISSN 1556-6013

GDPR-Compliant Personal Data Management A Blockchain-based Solution.pdf - Published Version
Available under License Creative Commons Attribution.

Download (2MB) | Preview
Open Access URL: https://doi.org/10.1109/TIFS.2019.2948287 (Published version)


The General Data Protection Regulation (GDPR) gives control of personal data back to the owners by appointing higher requirements and obligations on service providers who manage and process personal data. As the verification of GDPR-compliance, handled by a supervisory authority, is irregularly conducted; it is challenging to be certified that a service provider has been continuously adhering to the GDPR. Furthermore, it is beyond the data owner’s capability to perceive whether a service provider complies with the GDPR and effectively protects her personal data. This motivates us to envision a design concept for developing a GDPR-compliant personal data management platform leveraging the emerging blockchain and smart con-tract technologies. The goals of the platform are to provide decentralised mechanisms to both service providers and data owners for processing personal data; meanwhile, empower data provenance and transparency by leveraging advanced features of the blockchain technology. The platform enables data owners to impose data usage consent, ensures only designated parties can process personal data, and logs all data activities in an immutable distributed ledger using smart contract and cryptography techniques. By honestly participating in the platform, a service provider can be endorsed by the blockchain network that it is fully GDPR-compliant; otherwise, any violation is immutably recorded and is easily figured out by associated parties. We then demonstrate the feasibility and efficiency of the proposed design concept by developing a profile management platform implemented on top of the Hyperledger Fabric permissioned blockchain framework, following by valuable analysis and discussion.

Item Type: Article
Uncontrolled Keywords: 08 Information and Computing Sciences, 09 Engineering
Subjects: B Philosophy. Psychology. Religion > BJ Ethics
K Law > K Law (General)
Q Science > QA Mathematics > QA75 Electronic computers. Computer science
T Technology > T Technology (General)
Divisions: Computer Science & Mathematics
Publisher: IEEE
Date Deposited: 16 Oct 2019 09:49
Last Modified: 05 Aug 2022 11:00
DOI or ID number: 10.1109/TIFS.2019.2948287
URI: https://researchonline.ljmu.ac.uk/id/eprint/11586
View Item View Item