Masoud Barati
Tracking GDPR Compliance in Cloud-based Service Delivery
Barati, Masoud; Rana, Omer
Authors
Omer Rana
Abstract
The European General Data Protection Regulation (GDPR) has had a far-reaching impact on data privacy for cloud providers. GDPR influences access to, storage, and transmission of personal data, requiring these operations to be verified by cloud users through explicit consent prior to execution. GDPR rules implemented for such operations can be ambiguous and often open to interpretation, making manual verification a time consuming and error prone process for cloud providers. An encoding of GDPR rules is described, with each operation carried out using these rules recorded into a Blockchain for auditing purposes. This work shows how some GDPR rules can appear as opcodes in smart contracts to verify the operations of providers on user data in an automatic way. An abstract model is designed to demonstrate how cloud providers can access and deploy such contracts through a Blockchain-based virtual machine. A case study is used to demonstrate how this approach can be used in practice. The case study uses several design patterns and smart contracts to verify provider operations, including read, write, execution and transfer on user data. Validation is undertaken by deploying the smart contracts in a Blockchain test network to investigate the execution costs of GDPR compliance checking.
Journal Article Type | Article |
---|---|
Online Publication Date | Jun 2, 2020 |
Publication Date | 2022-06 |
Deposit Date | May 4, 2021 |
Journal | IEEE Transactions on Services Computing |
Print ISSN | 1939-1374 |
Electronic ISSN | 2372-0204 |
Publisher | Institute of Electrical and Electronics Engineers |
Peer Reviewed | Peer Reviewed |
Volume | 15 |
Issue | 3 |
Pages | 1498-1511 |
DOI | https://doi.org/10.1109/tsc.2020.2999559 |
Keywords | Blockchain, Smart contracts, General Data Protection Regulation, Law, Cloud computing |
Public URL | http://researchrepository.napier.ac.uk/Output/2767159 |
You might also like
Blockchain for energy sharing and trading in distributed prosumer communities
(2020)
Journal Article
COM-PACE: Compliance-Aware Cloud Application Engineering Using Blockchain
(2020)
Journal Article
Automating GDPR Compliance Verification for Cloud-hosted Services
(2020)
Presentation / Conference Contribution
Design and Verification of Privacy Patterns for Business Process Models
(2021)
Book Chapter
Downloadable Citations
About Edinburgh Napier Research Repository
Administrator e-mail: repository@napier.ac.uk
This application uses the following open-source libraries:
SheetJS Community Edition
Apache License Version 2.0 (http://www.apache.org/licenses/)
PDF.js
Apache License Version 2.0 (http://www.apache.org/licenses/)
Font Awesome
SIL OFL 1.1 (http://scripts.sil.org/OFL)
MIT License (http://opensource.org/licenses/mit-license.html)
CC BY 3.0 ( http://creativecommons.org/licenses/by/3.0/)
Powered by Worktribe © 2024
Advanced Search