Today, most online services acquire more and more information about users, to intercept their habits and preferences for diverse purposes. The end-user is often unaware that he/she is giving away valuable sensitive information, which can harm his/her privacy. Therefore, he/she is forced to submit to the management of information by the service provider, unable in any way to express his/her wishes. Furthermore, considering that many of the services are based on a collaborative paradigm (e.g., social media services, IoT-based services, etc.), a mechanism for exchanging user information is engaged. This places serious security and privacy threats to the data each service provider exposes during the collaboration. A promising approach to addressing these problems is to allow users to express their wishes about data processing and to enforce that preferences via blockchain, even when it comes to collaborative processes. This brings the benefits of trust decentralization, transparency, and accountability of privacy enforcement mechanisms in collaborative and non-collaborative contexts. In this thesis, we propose a framework to deal with the challenges in executing privacy enforcement and secure off-chain resource sharing on the blockchain. In particular, we focus on inter-organizational business processes, IoT domain, and scientific processes. Finally, we show the results of our proposal and outline possible future research directions.
Blockchain-based framework for data-centric and user-centric privacy protection / Federico Daidone , 2022 Mar 31. 34. ciclo, Anno Accademico 2020/2021.
Blockchain-based framework for data-centric and user-centric privacy protection
Federico Daidone
2022-03-31
Abstract
Today, most online services acquire more and more information about users, to intercept their habits and preferences for diverse purposes. The end-user is often unaware that he/she is giving away valuable sensitive information, which can harm his/her privacy. Therefore, he/she is forced to submit to the management of information by the service provider, unable in any way to express his/her wishes. Furthermore, considering that many of the services are based on a collaborative paradigm (e.g., social media services, IoT-based services, etc.), a mechanism for exchanging user information is engaged. This places serious security and privacy threats to the data each service provider exposes during the collaboration. A promising approach to addressing these problems is to allow users to express their wishes about data processing and to enforce that preferences via blockchain, even when it comes to collaborative processes. This brings the benefits of trust decentralization, transparency, and accountability of privacy enforcement mechanisms in collaborative and non-collaborative contexts. In this thesis, we propose a framework to deal with the challenges in executing privacy enforcement and secure off-chain resource sharing on the blockchain. In particular, we focus on inter-organizational business processes, IoT domain, and scientific processes. Finally, we show the results of our proposal and outline possible future research directions.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.