Privacy-Aware Cloud Auditing for GDPR Compliance Verification in Online Healthcare

【Author】 Barati, Masoud; Aujla, Gagangeet Singh; Llanos, Jose Tomas; Duodu, Kwabena Adu; Rana, Omer F.; Carr, Madeline; Ranjan, Rajiv

【Source】IEEE TRANSACTIONS ON INDUSTRIAL INFORMATICS

【影响因子】11.648

【Abstract】Emerging multitenant cloud computing ecosystems allow multiple applications to share virtualized pool of computing and networking resources. As a result, such ecosystems are becoming increasingly prone to data privacy concerns (personal data leakages and unauthorized access). While cloud computing providers support robust security and privacy mechanisms (e.g., public key cryptography, firewalls, and virtual private networks, among many others), they lack mechanisms and frameworks to monitor, audit, and verify these data privacy concerns. The emergence of data protection regulations around the world, such as General Data Protection Regulation in Europe and the Data Protection Act in the U.K., further emphasizes the need to overcome these privacy limitations. In this article, a novel technique for monitoring, auditing, and verifying the operations carried out on a user's personal data in cloud computing ecosystems is proposed. Our research methodology leverages distributed ledger technologies (e.g., blockchain and smart contracts) for developing an immutable recording technique, which transparently logs, monitors, and verifies the operations carried out on user data. Using a healthcare pharmacy scenario and extensive real-world experiments, we validate the feasibility of the proposed technique. The proposed work handles a large pool of requests (>13K) ensuring minimal latency (approximate to 50-60 ms) and overheads for three different service packages varied with respect to the number of actors and operations.

【Keywords】Blockchain; container-based monitoring; data privacy; healthcare; smart contracts

【发表时间】2022 JUL

【收录时间】2022-04-29

【文献类型】实证性文章

【主题类别】

区块链治理-法律治理-