Protecting Personal Data Using Smart Contracts

Decentralized Online Social Networks (DOSNs) have been proposed as an alternative solution to the current centralized Online Social Networks (OSNs). Online Social Networks are based on centralized architecture (e.g., Facebook, Twitter, or Google+), while DOSNs do not have a service provider that act...

Full description

Saved in:
Bibliographic Details
Published inInternet and Distributed Computing Systems Vol. 11874; pp. 21 - 32
Main Authors Rahman, Mohsin Ur, Baiardi, Fabrizio, Guidi, Barbara, Ricci, Laura
Format Book Chapter
LanguageEnglish
Published Switzerland Springer International Publishing AG 2019
Springer International Publishing
SeriesLecture Notes in Computer Science
Subjects
Access control
Blockchain
RBAC
Social networks
Online AccessGet full text
ISBN9783030349134
3030349136
ISSN0302-9743
1611-3349
DOI10.1007/978-3-030-34914-1_3

Cover

More Information
Summary:Decentralized Online Social Networks (DOSNs) have been proposed as an alternative solution to the current centralized Online Social Networks (OSNs). Online Social Networks are based on centralized architecture (e.g., Facebook, Twitter, or Google+), while DOSNs do not have a service provider that acts as central authority and users have more control over their information. Several DOSNs have been proposed during the last years. However, the decentralization of the OSN requires efficient solutions for protecting the privacy of users, and to evaluate the trust between users. Blockchain represents a disruptive technology which has been applied to several fields, among these also to Social Networks. In this paper, we propose a manageable, user-driven and auditable access control framework for DOSNs using blockchain technology. In the proposed approach, the blockchain is used as a support for the definition of privacy policies. The resource owner uses the public key of the subject to define flexible role-based access control policies, while the private key associated with the subjects Ethereum account is used to decrypt the private data once access permission is validated on the blockchain. We evaluate our solution by exploiting the Rinkeby Ethereum testnet to deploy the smart contract, and to evaluate its performance. Experimental results show the feasibility of the proposed scheme in achieving auditable and user-driven access control via smart contract deployed on the Blockchain.
ISBN:9783030349134
3030349136
ISSN:0302-9743
1611-3349
DOI:10.1007/978-3-030-34914-1_3