Soteria: A Provably Compliant User Right Manager Using a Novel Two-Layer Blockchain Technology
This addresses the need for transparent and provable compliance in user-data privacy for organizations subject to regulations, though it appears incremental as it builds on existing blockchain concepts with a new two-layer design.
The paper tackles the problem of safeguarding user-data privacy in compliance with regulations like GDPR and CCPA by introducing Soteria, a user right management system that uses a novel two-layer blockchain to store an auditable trail of data access and sharing agreements, achieving performance statistics such as improved consistency and availability through its architecture.
Soteria is a user right management system designed to safeguard user-data privacy in a transparent and provable manner in compliance to regulations such as GDPR and CCPA. Soteria represents user data rights as formal executable sharing agreements, which can automatically be translated into a human readable form and enforced as data are queried. To support revocation and to prove compliance, an indelible, audited trail of the hash of data access and sharing agreements are stored on a two-layer distributed ledger. The main chain ensures partition tolerance and availability (PA) properties while side chains ensure consistency and availability (CA), thus providing the three properties of the CAP (consistency, availability, and partition tolerance) theorem. Besides depicting the two-layer architecture of Soteria, this paper evaluates representative consensus protocols and reports performance statistics.