Data Compliance using Policy Integrated Blockchain

Executive Summary – Overview
An important requirement of any information management system is to protect data and resources against leak or improper modifications, while at the same time ensure data availability to legitimate users. Moreover, systems handling personal data must also track it’s provenance and be regularly audited to comply with regulations. By assuring auditable, privacy policy compliant actions, we can also guarantee that areas where privacy policies have been technically enforced are highlighted.

Technical Challenge/Activities
As part of this research, we have built a novel framework to automatically track details about how a consumer’s private data is stored, used and shared by a Cloud provider. We have created a semantically rich data privacy ontology and integrated it with the properties of blockchain, to develop an automated access-control and audit mechanism, called LinkShare, that enforces users’ data privacy policies when sharing their data across third parties.

Potential Impact
We are also working on ensuring accountability for data sharing in cloud, by building upon LinkShare to incorporate a secure and efficient system for End-to- End provenance. We are trying to bring in the policy(ies) which a transaction is passed through into the fold in order to achieve provenance. Our primary technical challenge is to provide people better visibility and control over their data, and at the same time ensure swift, accountable and appropriate data flow. Our research specifically tries to address the issue of data compliance and policy enforcement as desired by the end-user. We concur that decisions regarding the collection, sharing, and use of Personally Identifiable Information (PII) must take into account both ethical and privacy considerations.

Project Members
Faculty from UMBC: Dr. Karuna P Joshi
Students: Abhishek Mahindrakar, Agniva Banerjee

Sponsor
This project is supported in part by DoD supplement to NSF Center CARTA.

Publications
• Karuna Pande Joshi and Agniva Banerjee, “Automating Privacy Compliance Using Policy Integrated Blockchain”, Special Issue on Advances of Blockchain Technology and Its Applications, Cryptography 2019, 3(1), 7; MDPI, https://doi.org/10.3390/cryptography3010007