UBC Theses and Dissertations

A blockchain solution for privacy-preserving licensing of individual-owned data

Kang, Meng

Abstract

This thesis presents a design for a blockchain solution aimed at preventing unauthorized secondary use of personal data. The solution brings together advances from the fields of identity management, confidential computing, and advanced data usage control. In the area of identity management, the solution is aligned with emerging self-sovereign identity (SSI) standards: decentralized identifiers (DIDs), DID communication, and verifiable credentials (VCs). With respect to confidential computing, the Cheon-Kim-Kim-Song (CKKS) fully homomorphic encryption (FHE) scheme is incorporated into the system to protect the privacy of the individual's data and prevent unauthorized secondary use when the data is shared with potential users. In the area of advanced data usage control, the solution leverages the typical digital rights management (DRM) solution architecture to derive a novel approach to licensing data usage that prevents unauthorized secondary usage of data held by individuals. Specifically, the design covers the necessary roles in the data-sharing ecosystem: the issuer of personal data, the holder of personal data (i.e., the data subject), a trusted data storage manager, a trusted license distributor, and the data consumer. The proof-of-concept implementation utilizes the SSI framework being developed by the Hyperledger Indy/Aries blockchain project. A genomic data licensing use case is evaluated, which shows the feasibility and scalability of the solution. A questionnaire was used to have developers with appropriate backgrounds evaluate the design, and relatively positive findings were received.

Rights

Attribution-NonCommercial-NoDerivatives 4.0 International