scholarly journals Blockchain-based Identity Management and Data Usage Control (Extended Abstract)

2018 ◽  
pp. 237-239
Author(s):  
Ricardo Neisse ◽  
Gary Steri ◽  
Igor Nai Fovino
Keyword(s):  
Identity Management ◽  
Usage Control ◽  
Data Usage

scholarly journals A Decentralized Identity-Based Blockchain Solution for Privacy-Preserving Licensing of Individual-Controlled Data to Prevent Unauthorized Secondary Data Usage

Ledger ◽  
2021 ◽  
Vol 6 ◽  
Author(s):  
Meng Kang ◽  
Victoria Lemieux
Keyword(s):  
Data Storage ◽  
Identity Management ◽  
Homomorphic Encryption ◽  
Personal Data ◽  
Secondary Data ◽  
Usage Control ◽  
Secondary Use ◽  
Data Usage ◽  
Novel Approach ◽  
Trusted Data

This paper presents a design for a blockchain solution aimed at the prevention of unauthorized secondary use of data. This solution brings together advances from the fields of identity management, confidential computing, and advanced data usage control. In the area of identity management, the solution is aligned with emerging decentralized identity standards: decentralized identifiers (DIDs), DID communication and verifiable credentials (VCs). In respect to confidential computing, the Cheon-Kim-Kim-Song (CKKS) fully homomorphic encryption (FHE) scheme is incorporated with the system to protect the privacy of the individual’s data and prevent unauthorized secondary use when being shared with potential users. In the area of advanced data usage control, the solution leverages the PRIV-DRM solution architecture to derive a novel approach to licensing of data usage to prevent unauthorized secondary usage of data held by individuals. Specifically, our design covers necessary roles in the data-sharing ecosystem: the issuer of personal data, the individual holder of the personal data (i.e., the data subject), a trusted data storage manager, a trusted license distributor, and the data consumer. The proof-of-concept implementation utilizes the decentralized identity framework being developed by the Hyperledger Indy/Aries project. A genomic data licensing use case is evaluated, which shows the feasibility and scalability of the solution.

scholarly journals Architecture, Workflows, and Prototype for Stateful Data Usage Control in Cloud

2014 ◽  
Author(s):  
Aliaksandr Lazouski ◽  
Gaetano Mancini ◽  
Fabio Martinelli ◽  
Paolo Mori
Keyword(s):  
Usage Control ◽  
Data Usage

A Policy-Based Security Framework for Privacy-Enhancing Data Access and Usage Control in Grids

2011 ◽  
pp. 118-134
Author(s):  
Wolfgang Hommel
Keyword(s):  
Initial Data ◽  
Access Point ◽  
Data Access ◽  
Service Access ◽  
Privacy Management ◽  
Dominant Model ◽  
Security Framework ◽  
Usage Control ◽  
Control Phase ◽  
Data Usage

In this chapter, we first summarize an analysis of the differences between Grids and the previously dominant model of inter-organizational collaboration. Based on requirements derived thereof, we specify a security framework that demonstrates how well-established policy-based privacy management architectures can be extended to provide the required Grid-specific functionality. We also discuss the necessary steps for integration into existing service provider and service access point infrastructures. Special emphasis is put on privacy policies that can be configured by users themselves, and distinguishing between the initial data access phase and the later data usage control phase. We also discuss the challenges of practically applying the required changes to real-world infrastructures, including delegated administration, monitoring, and auditing.

IntentKeeper: Intent-oriented Data Usage Control for Federated Data Analytics

2020 ◽  
Author(s):  
Flavio Cirillo ◽  
Bin Cheng ◽  
Raffaele Porcellana ◽  
Marco Russo ◽  
Gurkan Solmaz ◽  
...  
Keyword(s):  
Data Analytics ◽  
Usage Control ◽  
Data Usage

Data Privacy vs. Data Security

2014 ◽  
pp. 215-234
Author(s):  
Sue Milton
Keyword(s):  
Data Security ◽  
Data Privacy ◽  
Identity Management ◽  
Data Access ◽  
Privacy And Security ◽  
Access Policy ◽  
Data Usage ◽  
And Performance ◽  
The Relationship ◽  
Privacy Issues

This chapter assumes data is a key asset that, if lost or damaged, severely disrupts business capability and reputation. The chapter has one core purpose, to provide leaders with sufficient understanding of two data management fundamentals, data privacy and data security. Without that understanding, Information Technology (IT) security will always be seen as a cost on, not an investment towards, quality and performance. The chapter reviews the relationship between data privacy and data security. It argues that data security cannot be achieved until data privacy issues have been addressed. Simply put, data privacy is fundamental to any data usage policy and data security to the data access policy. The topic is then discussed in broader terms, in the context of data and information management, covering various themes such as cyber-crime, governance, and innovations in identity management. The chapter's intended outcome is to clarify the relationship between data privacy and security and how this understanding helps reduce data abuse. The link between privacy and security will also demystify the reason for high costs in implementing and maintaining security policies and explain why leaders need to provide stronger IT strategic leadership to ensure IT investment is defined and implemented wisely.

Sign in / Sign up

Export Citation Format

Share Document