Link Before You Share: Managing Privacy Policies through Blockchain

With the advent of numerous online content providers, utilities and applications, each with their own specific version of privacy policies and its associated overhead, it is becoming increasingly difficult for concerned users to manage and track the confidential information that they share with the providers. Users consent to providers to gather and share their Personally Identifiable Information (PII). We have developed a novel framework to automatically track details about how a users' PII data is stored, used and shared by the provider. We have integrated our Data Privacy ontology with the properties of blockchain, to develop an automated access control and audit mechanism that enforces users' data privacy policies when sharing their data across third parties. We have also validated this framework by implementing a working system LinkShare. In this paper, we describe our framework on detail along with the LinkShare system. Our approach can be adopted by Big Data users to automatically apply their privacy policy on data operations and track the flow of that data across various stakeholders.Comment: 10 pages, 6 figures, Published in: 4th International Workshop on Privacy and Security of Big Data (PSBD 2017) in conjunction with 2017 IEEE International Conference on Big Data (IEEE BigData 2017) December 14, 2017, Boston, MA, US

SEMANTICALLY RICH, POLICY BASED FRAMEWORK TO AUTOMATE LIFECYCLE OF CLOUD BASED SERVICES

Managing virtualized services efficiently over the cloud is an open challenge. Traditional models of software development are very time consuming and labor intensive for the cloud computing domain, where software (and other) services are acquired on demand. Virtualized services are often composed of pre-existing components that are assembled on an as-needed basis. We have developed a new framework to automate the acquisition, composition and consumption/monitoring of virtualized services delivered on the cloud. We have divided the service lifecycle into five phases of requirements, discovery, negotiation, composition, and consumption and have developed ontologies to represent the concepts and relationships for each phase. These are represented in Semantic Web languages. We have developed a protocol to automate the negotiation process when acquiring virtualized services. This protocol allows complex relaxation of constraints being negotiated based on user defined policies. We have also developed detailed ontologies to define service level agreements for cloud services. To illustrate and validate how this framework can automate the acquisition of cloud services, we have built two applications from real world scenarios. The Smart cloud services application enables users to determine and procure the cloud storage service that matches most of their constraints and policies. We have also built a VCL broker application that allows users to automatically reserve the VCL Image that will best meet their requirements. We have developed a framework to measure and semi-automatically track quality of a virtualized service delivery system. The framework provides a mechanism to relate hard metrics typically measured at the backstage of the delivery process to quality related hard and soft metrics tracked at the front stage where the consumer interacts with the service. While this framework is general enough to be applied to any type of IT service, in this dissertation we have primarily concentrated on the Helpdesk service and include the performance rules we have created by mining Helpdesk data

SEMANTICALLY RICH, POLICY BASED FRAMEWORK TO AUTOMATE LIFECYCLE OF CLOUD BASED SERVICES

Managing virtualized services efficiently over the cloud is an open challenge. Traditional models of software development are very time consuming and labor intensive for the cloud computing domain, where software (and other) services are acquired on demand. Virtualized services are often composed of pre-existing components that are assembled on an as-needed basis. We have developed a new framework to automate the acquisition, composition and consumption/monitoring of virtualized services delivered on the cloud. We have divided the service lifecycle into five phases of requirements, discovery, negotiation, composition, and consumption and have developed ontologies to represent the concepts and relationships for each phase. These are represented in Semantic Web languages. We have developed a protocol to automate the negotiation process when acquiring virtualized services. This protocol allows complex relaxation of constraints being negotiated based on user defined policies. We have also developed detailed ontologies to define service level agreements for cloud services. To illustrate and validate how this framework can automate the acquisition of cloud services, we have built two applications from real world scenarios. The Smart cloud services application enables users to determine and procure the cloud storage service that matches most of their constraints and policies. We have also built a VCL broker application that allows users to automatically reserve the VCL Image that will best meet their requirements. We have developed a framework to measure and semi-automatically track quality of a virtualized service delivery system. The framework provides a mechanism to relate hard metrics typically measured at the backstage of the delivery process to quality related hard and soft metrics tracked at the front stage where the consumer interacts with the service. While this framework is general enough to be applied to any type of IT service, in this dissertation we have primarily concentrated on the Helpdesk service and include the performance rules we have created by mining Helpdesk data

Automating Privacy Compliance Using Policy Integrated Blockchain

An essential requirement of any information management system is to protect data and resources against breach or improper modifications, while at the same time ensuring data access to legitimate users. Systems handling personal data are mandated to track its flow to comply with data protection regulations. We have built a novel framework that integrates semantically rich data privacy knowledge graph with Hyperledger Fabric blockchain technology, to develop an automated access-control and audit mechanism that enforces users’ data privacy policies while sharing their data with third parties. Our blockchain based data-sharing solution addresses two of the most critical challenges: transaction verification and permissioned data obfuscation. Our solution ensures accountability for data sharing in the cloud by incorporating a secure and efficient system for End-to-End provenance. In this paper, we describe this framework along with the comprehensive semantically rich knowledge graph that we have developed to capture rules embedded in data privacy policy documents. Our framework can be used by organizations to automate compliance of their Cloud datasets