Automating GDPR Compliance using Policy Integrated Blockchain

Thumbnail Image

Files

Mahindrakar_umbc_0434M_12233.pdf (1.84 MB)

Links to Files

Permanent Link

http://hdl.handle.net/11603/22800

Collections

UMBC Theses and Dissertations
UMBC Graduate School
UMBC Information Systems Department
UMBC Student Collection

Author/Creator

Author/Creator ORCID

Date

2020-01-20

Type of Work

theses
Text
application:pdf

Department

Information Systems

Program

Information Systems

Citation of Original Publication

Rights

Distribution Rights granted to UMBC by the author.
This item may be protected under Title 17 of the U.S. Copyright Law. It is made available by UMBC for non-commercial research and education. For permission to publish or reproduce, please see http://aok.lib.umbc.edu/specoll/repro.php or contact Special Collections at speccoll(at)umbc.edu

Subjects

Blockchain
Ethereum
GDPR
Hyperledger

Abstract

Data Protection regulations, like GDPR, mandate security controls to secure Personal Identifiable Information (PII) of the users which they share with service providers. With the volume of shared data reaching exascale proportions, it is challenging to ensure GDPR compliance in real-time. We propose a novel approach that integrates GDPR Ontology with Blockchain to facilitate real-time automated data compliance. Our framework ensures data operation is allowed only when validated by data privacy policies in compliance with privacy rules in GDPR. When a valid transaction takes place the PII data is automatically stored off-chain in a database. Our system, built using Semantic Web and Ethereum Blockchain, includes an access control system that enforces data privacy policy when data is shared with third parties.