Cargando…
Enhancing Data Protection in Dynamic Consent Management Systems: Formalizing Privacy and Security Definitions with Differential Privacy, Decentralization, and Zero-Knowledge Proofs
Dynamic consent management allows a data subject to dynamically govern her consent to access her data. Clearly, security and privacy guarantees are vital for the adoption of dynamic consent management systems. In particular, specific data protection guarantees can be required to comply with rules an...
Autores principales: | , , |
---|---|
Formato: | Online Artículo Texto |
Lenguaje: | English |
Publicado: |
MDPI
2023
|
Materias: | |
Acceso en línea: | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC10490780/ https://www.ncbi.nlm.nih.gov/pubmed/37688060 http://dx.doi.org/10.3390/s23177604 |
_version_ | 1785103920076423168 |
---|---|
author | Khalid, Muhammad Irfan Ahmed, Mansoor Kim, Jungsuk |
author_facet | Khalid, Muhammad Irfan Ahmed, Mansoor Kim, Jungsuk |
author_sort | Khalid, Muhammad Irfan |
collection | PubMed |
description | Dynamic consent management allows a data subject to dynamically govern her consent to access her data. Clearly, security and privacy guarantees are vital for the adoption of dynamic consent management systems. In particular, specific data protection guarantees can be required to comply with rules and laws (e.g., the General Data Protection Regulation (GDPR)). Since the primary instantiation of the dynamic consent management systems in the existing literature is towards developing sustainable e-healthcare services, in this paper, we study data protection issues in dynamic consent management systems, identifying crucial security and privacy properties and discussing severe limitations of systems described in the state of the art. We have presented the precise definitions of security and privacy properties that are essential to confirm the robustness of the dynamic consent management systems against diverse adversaries. Finally, under those precise formal definitions of security and privacy, we have proposed the implications of state-of-the-art tools and technologies such as differential privacy, blockchain technologies, zero-knowledge proofs, and cryptographic procedures that can be used to build dynamic consent management systems that are secure and private by design. |
format | Online Article Text |
id | pubmed-10490780 |
institution | National Center for Biotechnology Information |
language | English |
publishDate | 2023 |
publisher | MDPI |
record_format | MEDLINE/PubMed |
spelling | pubmed-104907802023-09-09 Enhancing Data Protection in Dynamic Consent Management Systems: Formalizing Privacy and Security Definitions with Differential Privacy, Decentralization, and Zero-Knowledge Proofs Khalid, Muhammad Irfan Ahmed, Mansoor Kim, Jungsuk Sensors (Basel) Article Dynamic consent management allows a data subject to dynamically govern her consent to access her data. Clearly, security and privacy guarantees are vital for the adoption of dynamic consent management systems. In particular, specific data protection guarantees can be required to comply with rules and laws (e.g., the General Data Protection Regulation (GDPR)). Since the primary instantiation of the dynamic consent management systems in the existing literature is towards developing sustainable e-healthcare services, in this paper, we study data protection issues in dynamic consent management systems, identifying crucial security and privacy properties and discussing severe limitations of systems described in the state of the art. We have presented the precise definitions of security and privacy properties that are essential to confirm the robustness of the dynamic consent management systems against diverse adversaries. Finally, under those precise formal definitions of security and privacy, we have proposed the implications of state-of-the-art tools and technologies such as differential privacy, blockchain technologies, zero-knowledge proofs, and cryptographic procedures that can be used to build dynamic consent management systems that are secure and private by design. MDPI 2023-09-01 /pmc/articles/PMC10490780/ /pubmed/37688060 http://dx.doi.org/10.3390/s23177604 Text en © 2023 by the authors. https://creativecommons.org/licenses/by/4.0/Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/). |
spellingShingle | Article Khalid, Muhammad Irfan Ahmed, Mansoor Kim, Jungsuk Enhancing Data Protection in Dynamic Consent Management Systems: Formalizing Privacy and Security Definitions with Differential Privacy, Decentralization, and Zero-Knowledge Proofs |
title | Enhancing Data Protection in Dynamic Consent Management Systems: Formalizing Privacy and Security Definitions with Differential Privacy, Decentralization, and Zero-Knowledge Proofs |
title_full | Enhancing Data Protection in Dynamic Consent Management Systems: Formalizing Privacy and Security Definitions with Differential Privacy, Decentralization, and Zero-Knowledge Proofs |
title_fullStr | Enhancing Data Protection in Dynamic Consent Management Systems: Formalizing Privacy and Security Definitions with Differential Privacy, Decentralization, and Zero-Knowledge Proofs |
title_full_unstemmed | Enhancing Data Protection in Dynamic Consent Management Systems: Formalizing Privacy and Security Definitions with Differential Privacy, Decentralization, and Zero-Knowledge Proofs |
title_short | Enhancing Data Protection in Dynamic Consent Management Systems: Formalizing Privacy and Security Definitions with Differential Privacy, Decentralization, and Zero-Knowledge Proofs |
title_sort | enhancing data protection in dynamic consent management systems: formalizing privacy and security definitions with differential privacy, decentralization, and zero-knowledge proofs |
topic | Article |
url | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC10490780/ https://www.ncbi.nlm.nih.gov/pubmed/37688060 http://dx.doi.org/10.3390/s23177604 |
work_keys_str_mv | AT khalidmuhammadirfan enhancingdataprotectionindynamicconsentmanagementsystemsformalizingprivacyandsecuritydefinitionswithdifferentialprivacydecentralizationandzeroknowledgeproofs AT ahmedmansoor enhancingdataprotectionindynamicconsentmanagementsystemsformalizingprivacyandsecuritydefinitionswithdifferentialprivacydecentralizationandzeroknowledgeproofs AT kimjungsuk enhancingdataprotectionindynamicconsentmanagementsystemsformalizingprivacyandsecuritydefinitionswithdifferentialprivacydecentralizationandzeroknowledgeproofs |