Blockchain-Based Data Sharing and Managing Sensitive Data

Abstract

IT advancements have produced huge amount of data including personal and sensitive information. People have no control on data that is stored, processed and controlled by third parties who could harm user privacy. Meanwhile blockchain technology has potential to drive research and applications and will weave together as we look at digital economy processing personal data. In this research work, a blockchain that is underlying technology behind Bitcoin based access control mechanism is introduced to protect users’ privacy. A blockchain is a growing list of distributed records that are connected to each other through the usage of crytography. The distributed consensus and anonymity form two major characteristics of the blockchain technology. The proposed system implements a protocol that utilizes blockchain technology to manage access control to users’ data without depending on a third party

Keywords

• Blockchain
• Bitcoin
• privacy
• anonymity

Blockchain-Based Data Sharing and Managing Sensitive Data

Abstract

Bilgi teknolojilerindeki gelişmeler kişisel ve hassas verilerde büyük oranda artışa neden olmuştur. Bireylerin kontrolleri dışında onlara ait olan veriler üçüncü taraf şahıslar veya sistemler tarafından mahremiyet hususu göz ardı ederek saklanabilmekte ve işlenebilmektedir. Bu arada blokzincir teknolojisi araştırma ve yazılımları kişisel verileri işleyen dijital ekonomi yönünde yönlendirme potansiyeline sahiptir. Bu çalışmada, kullanıcıların mahremiyetini korumak amacıyla Bitcoin’in de temelini oluşturan blokzincir tabanlı örnek bir erişim denetim mekanizması tanıtılmıştır. Blokzincir yapısı ard arda dağıtık yapıdaki kayıtların birbiri ile kriptoloji aracılığı ile ilişkilendirilmesinden oluşur. Blokzincir teknolojisinin temelinde iki ana karakteristik olan mutabakat ve anonimlik bulunur. Önerilen sistemin temel aldığı protokol blokzincir teknolojisini kullanarak arada üçüncü şahıslar veya sistemler olmadan kullanıcı verilerine kontrollü erişimi sağlamaktadır.

Keywords

• Blockchain
• Bitcoin
• privacy
• anonymity

References

1. ScienceDaily, "Big Data, for better or worse: 90% of world's data generated over last two years," [Online]. Available: www.sciencedaily.com/releases/2013/05/130522085217.htm. [Accessed 29 June 2018].
2. T. P. Morgan, "How Facebook Compresses Its 300 PB Data Warehouse," 11 April 2014. [Online]. Available: https://www.enterprisetech.com/2014/04/11/facebook-compresses-300-pb-data-warehouse/. [Accessed 29 June 2018].
3. K. Schwab, A. Marcus, J. R. Oyola, W. Hoffman and M. Luzi, "Personal Data: The Emergence of a New Asset Class," World Economic Forum, 2011.
4. M. B. Kelley, "NSA's Prism surveillance program: how it works and what it can do," 15 June 2013. [Online]. Available: http://www.businessinsider.com/how-prism-surveillance-works-2013-6. [Accessed 29 June 2018].
5. V. Goel, "Facebook Tinkers With Users’ Emotions in News Feed Experiment, Stirring Outcry," 29 June 2014. [Online]. Available: https://www.nytimes.com/2014/06/30/technology/facebook-tinkers-with-users-emotions-in-news-feed-experiment-stirring-outcry.html. [Accessed 29 June 2018].
6. E. Commission, "Commission proposes a comprehensive reform of data protection rules to increase users' control of their data and to cut costs for businesses," European Commission, Brussels, 2012.
7. K. Zezima, "Obama proposes legislation on data breaches, student privacy," 12 January 2015. [Online]. Available: https://www.washingtonpost.com/news/post-politics/wp/2015/01/12/obama-to-propose-legislation-on-data-breaches-student-privacy/?noredirect=on&utm_term=.f36a340e9816. [Accessed 2018 June 29].
8. R. Gross and A. Acquisti, "Information revelation and privacy in online social networks," in In Proceedings of the 2005 ACM workshop on Privacy in the electronic society, 2005.

9. D. L. Hoffman, T. P. Novak and M. Peralta, "Building consumer trust online," Communications of the ACM, vol. 42, no. 4, pp. 80-85, 1999.
10. I. E. T. F. (IETF), "The OAuth 2.0 Authorization Framework," October 2012. [Online]. Available: https://tools.ietf.org/html/rfc6749. [Accessed 29 June 2018].
11. L. Sweeney, "k-anonymity: A model for protecting privacy," International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems, vol. 10, no. 05, pp. 557-570, 2002.
12. A. Machanavajjhala, J. Gehrke, D. Kifer and M. Venkitasubramaniam, "l-diversity: Privacy beyond k-anonymity," in Proceedings of the 22nd International Conference on Data Engineering, 2006., 2006.
13. N. Li, T. Li and S. Venkatasubramanian, "t-closeness: Privacy beyond k-anonymity and l-diversity," in IEEE 23rd International Conference on Data Engineering (ICDE 2007), 2007.
14. Y.-A. De Montjoye, C. A. Hidalgo, M. Verleysen and V. D. Blondel, "Unique in the crowd: The privacy bounds of human mobility," Scientific reports, 2013.
15. A. Narayanan and V. Shmatikov, "How to break anonymity of the netflix prize dataset.," arXiv preprint, vol. cs/0610105, 2006.
16. C. Gentry and S. Halevi, "Implementing gentry’s fully-homomorphic encryption scheme," in Annual International Conference on the Theory and Applications of Cryptographic Techniques, 2011.
17. S. Underwood, "Blockchain beyond bitcoin," Communications of the ACM, vol. 59, no. 11, pp. 15-17, 2016.
18. P. Maymounkov and D. Mazieres, "Kademlia: A peer-to-peer information system based on the xor metric," in In International Workshop on Peer-to-Peer Systems, Springer, Berlin, 2002.
19. D. Johnson, A. Menezes and S. Vanstone, "The elliptic curve digital signature algorithm (ECDSA)," International journal of information security, vol. 1, no. 1, pp. 36-6, 2001.
20. N. I. o. S. a. Technology, "FIPS 180-4, Secure Hash Standard (SHS)," August 2015. [Online]. Available: https://csrc.nist.gov/publications/detail/fips/180/4/final. [Accessed 29 June 2018].
21. S. Nakamoto, "Bitcoin: A peer-to-peer electronic cash system," 2008.