Open Access Open Access  Restricted Access Subscription Access

Smart Contract-based Decentralized Privacy System for Securing Data Ownership Management

Yunmin He,
Yu-Chi Chen,
Zhong-Yi Guo,
Raylin Tso,
Shaozhen Ye,

Abstract


Recently, Zyskind et al. proposed a decentralized personal data management system which keeps privacy through blockchain and off-blockchain storage, so-called the decentralized privacy (DP) system. This system helps users ensure data ownership and fine-grained access control for third-party service providers. However, in this DP system, the permission power is delegated to blockchain and the users' data are stored in the off-blockchain distributed hashtable. Therefore, this induces extra communication overhead to connect these two distinct functionalities. In this paper, we present a conceptually simple solution directly from smart contracts with cryptographic primitives. This system is called the smart contract-based decentralized privacy (SCDP) system to overcome the above-mentioned efficiency issues. We propose the basic SCDP system as a warm-up to introduce the design principle based on symmetric encryption. Moreover, the strong SCDP system is provided by using ciphertext-policy attribute-based encryption to support more flexible scenarios of access control and also eliminate some limitations of the basic system. Finally, we discuss some analyses in the aspects of security, access control, and data segmentation.


Citation Format:
Yunmin He, Yu-Chi Chen, Zhong-Yi Guo, Raylin Tso, Shaozhen Ye, "Smart Contract-based Decentralized Privacy System for Securing Data Ownership Management," Communications of the CCISA, vol. 25, no. 3 , pp. 1-21, Aug. 2019.

Full Text:

PDF

Refbacks

  • There are currently no refbacks.





Published by Chinese Cryptology and Information Security Association (CCISA), Taiwan, R.O.C
CCCISA Editorial Office, No.1, Sec. 1, Shennong Rd., Yilan City, Yilan County 260, Taiwan (R.O.C.)
E-mail: ccisa.editor@gmail.com