Litcius/Paper detail

Automating GDPR Compliance using Policy Integrated Blockchain

Abhishek Mahindrakar, Karuna Pande Joshi

202028 citationsDOIOpen Access PDF

Abstract

Data Protection regulations, like GDPR, mandate security controls to secure Personal Identifiable Information (PII) of the users which they share with service providers. With the volume of shared data reaching exascale proportions, it is challenging to ensure GDPR compliance in real time. We propose a novel approach that integrates GDPR Ontology with Blockchain to facilitate real time automated data compliance. Our framework ensures data operation is allowed only when validated by data privacy policies in compliance with privacy rules in GDPR. When a valid transaction takes place the PII data is automatically stored off-chain in a database. Our system, built using Semantic Web and Ethereum Blockchain, includes an access-control system that enforces data privacy policy when data is shared with third parties.

Topics & Concepts

Computer scienceBlockchainDatabase transactionComputer securityGeneral Data Protection RegulationInformation privacyMandateData Protection Act 1998Privacy policyDatabasePolitical scienceLawBlockchain Technology Applications and SecurityPrivacy, Security, and Data ProtectionPrivacy-Preserving Technologies in Data