Personal Data Access Control Through Distributed Authorization
This addresses privacy and control issues for individuals managing personal data, but it is incremental as it builds on existing blockchain and encryption techniques.
The paper tackles the problem of personal data access control by proposing a system where individuals use Ethereum smart contracts to manage access, with a distributed authorization mechanism requiring trust from multiple nodes. It experimentally compares two alternatives, finding that Threshold Proxy Re-Encryption is faster, especially with larger messages, more nodes, and higher thresholds.
This paper presents an architecture of a Personal Information Management System, in which individuals can define the access to their personal data by means of smart contracts. These smart contracts, running on the Ethereum blockchain, implement access control lists and grant immutability, traceability and verifiability of the references to personal data, which is stored itself in a (possibly distributed) file system. A distributed authorization mechanism is devised, where trust from multiple network nodes is necessary to grant the access to the data. To this aim, two possible alternatives are described: a Secret Sharing scheme and Threshold Proxy Re-Encryption scheme. The performance of these alternatives is experimentally compared in terms of execution time. Threshold Proxy Re-Encryption appears to be faster in different scenarios, in particular when increasing message size, number of nodes and the threshold value, i.e. number of nodes needed to grant the data disclosure.