BC-PDS: Protecting Privacy and Self-Sovereignty through BlockChains for OpenPDS

In the Big Data era, personal metadata may become a new type of corporate asset; however, there is already growing public concern about user privacy being mined from metadata. In this paper we address the problem of implementing self-sovereignty of personal metadata on the existing OpenPDS/SafeAnswers framework according to the Windhover Principle. To do so, we propose a new framework, called BlockChain-based Personal Data Store (BC-PDS), to realize two basic properties: notary and autonomy. This framework first introduces the BlockChain as a notary into OpenPDS/SafeAnswers for secure storage of personal metadata, in place of the original database. Next, we present AutoNomy-based Access Control (ANAC) to improve the SafeAnswers module, where ANAC is a new mechanism that enforces access based on the relationship among all authorized users and the metadata's owner. In addition, we propose a General Access Structure (GAS) and a threshold secret sharing scheme in BlockChain as an implementation method for our BC-PDS framework.
