Jonathan Heiss, Max-Robert Ulbricht, Jacob Eberhardt
2020 IEEE International Conference on Blockchain and Cryptocurrency (ICBC), published 2020-05-01. DOI: 10.1109/ICBC48266.2020.9169455 (https://doi.org/10.1109/ICBC48266.2020.9169455)
Put Your Money Where Your Mouth Is – Towards Blockchain-based Consent Violation Detection
Faulty access control in API-based multi-service setups can lead to violations of consent declarations through unauthorized Third Parties. This threatens Service Providers to lose the trust of their Service Consumers and to be exposed to sensitive fines as defined by the GDPR. Addressing this problem, in this paper, we propose a novel, blockchain-based approach for enabling economically motivated and technically mediated detection of violations of consent declarations in multi-service setups and derive its legal viability from a thorough analysis of the GDPR. The herein introduced Violation Detection mechanism allows for a censorship-resistant and publicly verifiable detection of violations to registered Consent Policies based on off-chain computed violation claims utilizing non-interactive zero-knowledge proofs. The corresponding System Design specifies all required roles and artifacts to integrate the Violation Detection mechanism with standard procedures for consent-based access control. The integration of our system supports Service Providers to fulfill legal requirements and, therefore, paves the way towards automated policy violation detection within GDPR-compliant consent-based access control solutions.