【Author】
Shi, Yuyuan; Gao, Xianming; Guan, Jianfeng
【Source】MOBILE INTERNET SECURITY, MOBISEC 2021
【Abstract】The era of big data gives rise to the development of data-driven marketing while exposing people to the threaten of data misuse and data breach. Data-driven marketing allows services to use a unique identifier to track each individual and deliver customized content. If a third party has gained unauthorized access to the behavioral data, the user's privacy will be violated. Industry giants like Apple and Google are continuously working on user anonymity: they changed unique device identifiers to advertising ID and now manage to phase out advertising ID. At the same time, service providers and advertisers are also seeking better identity strategies. This paper mainly focuses on cross-app advertising and proposes a smart contract based personal data protection framework. Leveraging the smart contract's advantages, we ensure transparency, tamper-resistance, and traceability during data storing and data sharing. In this framework, the user interacts with other entities anonymously, thus preventing identity leakage. In addition, we introduce a reward mechanism that allows users who authorize data sharing to be paid by the service. We then implement the proposed framework on Etherum combined with the IPFS to validate our design. Finally, we discuss the security of the current framework and possible further work.
【Keywords】Smart contract; Blockchain; Personal data protection; Cross-app advertising
评论