{"title":"基于区块链和符合gdpr的数字教育证书系统设计","authors":"Fernanda Molina, Gustavo Betarte, C. Luna","doi":"10.19153/cleiej.26.1.3","DOIUrl":null,"url":null,"abstract":"Blockchain technology supports building transparent and decentralized systems in which the executed transactions can be easily traceable. Suppose one such system is intended to manage and process personal data. In that case, complementary mechanisms are required that make it possible for the system to comply, for instance, with data protection regulations. This work studies the integration of off-chain capabilities in blockchain-based solutions. In particular, we have focused on mechanisms that support safely moving data or computational operations outside the core blockchain network. We have carried out a thorough analysis of the European data protection regulation and discussed the weaknesses and strengths regarding the security and privacy requirements established by that regulation of solutions built using traditional blockchain technology.As a direct consequence of this study, we have conceived, and present in this paper, a system architecture for the design of privacy-aware solutions that use that kind of technology and put forward a systematic approach for performing a security and privacy threat analysis of one such solution. We illustrate the use of the proposed methodological tools, presenting and discussing the high-level design and security and privacy assessment of a system that provides services to handle, store, and validate digital academic certificates.","PeriodicalId":418941,"journal":{"name":"CLEI Electron. J.","volume":"9 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-10-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":"{\"title\":\"A Blockchain based and GDPR-compliant design of a system for digital education certificates\",\"authors\":\"Fernanda Molina, Gustavo Betarte, C. Luna\",\"doi\":\"10.19153/cleiej.26.1.3\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Blockchain technology supports building transparent and decentralized systems in which the executed transactions can be easily traceable. Suppose one such system is intended to manage and process personal data. In that case, complementary mechanisms are required that make it possible for the system to comply, for instance, with data protection regulations. This work studies the integration of off-chain capabilities in blockchain-based solutions. In particular, we have focused on mechanisms that support safely moving data or computational operations outside the core blockchain network. We have carried out a thorough analysis of the European data protection regulation and discussed the weaknesses and strengths regarding the security and privacy requirements established by that regulation of solutions built using traditional blockchain technology.As a direct consequence of this study, we have conceived, and present in this paper, a system architecture for the design of privacy-aware solutions that use that kind of technology and put forward a systematic approach for performing a security and privacy threat analysis of one such solution. We illustrate the use of the proposed methodological tools, presenting and discussing the high-level design and security and privacy assessment of a system that provides services to handle, store, and validate digital academic certificates.\",\"PeriodicalId\":418941,\"journal\":{\"name\":\"CLEI Electron. J.\",\"volume\":\"9 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2020-10-24\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"4\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"CLEI Electron. J.\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.19153/cleiej.26.1.3\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"CLEI Electron. J.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.19153/cleiej.26.1.3","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
A Blockchain based and GDPR-compliant design of a system for digital education certificates
Blockchain technology supports building transparent and decentralized systems in which the executed transactions can be easily traceable. Suppose one such system is intended to manage and process personal data. In that case, complementary mechanisms are required that make it possible for the system to comply, for instance, with data protection regulations. This work studies the integration of off-chain capabilities in blockchain-based solutions. In particular, we have focused on mechanisms that support safely moving data or computational operations outside the core blockchain network. We have carried out a thorough analysis of the European data protection regulation and discussed the weaknesses and strengths regarding the security and privacy requirements established by that regulation of solutions built using traditional blockchain technology.As a direct consequence of this study, we have conceived, and present in this paper, a system architecture for the design of privacy-aware solutions that use that kind of technology and put forward a systematic approach for performing a security and privacy threat analysis of one such solution. We illustrate the use of the proposed methodological tools, presenting and discussing the high-level design and security and privacy assessment of a system that provides services to handle, store, and validate digital academic certificates.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
