The General Data Protection Regulation highlights the principle of data minimization, which means that only data required to successfully accomplish a given task should be processed. In this paper, we propose a Blockchain-based scheme that allows users to have control over the personal data revealed when accessing a service. The proposed solution does not rely on sophisticated cryptographic primitives, provides mechanisms for revoking the authorization to access a service and for guessing the identity of a user only in cases of need, and is compliant with the recent eIDAS Regulation. We prove that the proposed scheme is secure and reaches the expected goal, and we present an Ethereum-based implementation to show the effectiveness of the proposed solution.

A System to Access Online Services with Minimal Personal Information Disclosure / Russo, A., Lax, G., Dromard, B., Mezred, M.. - In: INFORMATION SYSTEMS FRONTIERS. - ISSN 1387-3326. - 24:(2022), pp. 1563-1575. [10.1007/s10796-021-10150-8]

A System to Access Online Services with Minimal Personal Information Disclosure

Russo, Antonia; Lax, Gianluca
2022-01-01

2022
19-Jul-2021
24
1563
1575
13
https://link.springer.com/article/10.1007/s10796-021-10150-8
Anonymous experts
Blockchain · Smart contracts · eIDAS Regulation · Access control · Privacy
Open access funding provided by Università degli Studi Mediterranea di Reggio Calabria within the CRUI-CARE Agreement.
International
Open Access costs covered by virtue of Università Mediterranea's participation in the CRUI-CARE-Springer Agreement
Russo, Antonia; Lax, Gianluca; Dromard, Baptiste; Mezred, Menad
info:eu-repo/semantics/article
1 Journal Contribution::1.1 Journal article
262
4
open
Files in this item:
File: Russo2021_Article_ASystemToAccessOnlineServicesW.pdf
Access: open access
Description: Open access publisher's version
Type: Publisher's version (PDF)
License: Creative Commons
Size: 1.55 MB
Format: Adobe PDF

Documents in IRIS are protected by copyright and all rights are reserved, unless otherwise indicated.

Use this identifier to cite or link to this document: https://hdl.handle.net/20.500.12318/112921
Citations
  • PMC: n/a
  • Scopus: 9
  • ISI: 8