This research presents an investigation of the utilization of data containerization on a Blockchain network, as this will allow for the compliance of GDPR. Blockchain is a form of technology that is cryptographically protected and is therefore an immutable system by design. This is achieved through cryptographical calculation of entered data from which a hash is generated this can then be used like a signature as the same content has to be present to gain the same hash again. A Hash is a long string of letters and numbers. This hash is then stored inside a ‘block’ of information within the Blockchain’s ledger. These blocks are all linked together through the storing of a previous block’s hash in the newest entry, this is to ensure that the blocks of information can be cryptographically checked and guarantees that the data has not been tampered with or modified. Blockchain’s flaw lies in the fact that any inputted data cannot be removed, otherwise, the chain is broken. This is a clear breach of GDPR if user data is stored inside it; GDPR is a regulation that affects the handling, collection and management of user data and information. The specific article which affects Blockchain in relation to GDPR is Article 17, which states all members of the EU, and UK (United Kingdom) as the law was ratified into UK law, have the right to erasure and to be forgotten. This causes issues for Blockchain, as data cannot be modified or removed from an existing Blockchain network, without invalidating the Blockchain. This is due to Blockchain’s design, as an incorrect entry, or more specifically, a cryptographic hash, on the ledger invalidates the Blockchain. Containerisation solves this issue by storing data that needs to be removable inside of a separate
DUR16610086 Mitch J. Durso4storage method. For the purposes of this research, these files are being stored on the disk, metaphorical to being stored on a docker system or FTP server. Docker is an open-source software, which allows the user to pack, provision and run virtualized application containers on an operating system. It contains dependencies needed to execute code within containers, allowing containers to move between a docker environment and OS. It uses resource isolation in the OS kernel, allowing the common operating system to be contained and run multiple times. It runs containers of docker images, which contain the dependencies needed to execute within a container but should not be mistaken for a Virtual Machine (VM), as a VM operates differently, encapsulating an entire OS, and being run through dedicated hardware resources on the machine .An FTP server is used to facilitate file transfers over the internet, FTP standing for File Transfer Protocol. Files are either uploaded to or downloaded from an FTP server. In context of this paper, containerisation allows for the data to be stored outside of the ledger, substituting the original data with container or file identifiers on the Blockchain. This allows the data to be deleted, without affecting the Blockchain’s cryptographic chain. The containerised data is protected by utilizing RSA public key encryption. This is to ensure data off the Blockchain, cannot be modified without destroying the original information or data. The encrypted data is also split up into chunks, to ensure that the data has an even lower chance of being decrypted or lost, as the Blockchain network, which is private, holds the reconstructive information for these chunks. These 3 systems, Encryption & Chunking, Blockchain Ledger and Storage Method, together allow for a Blockchain system that can continue to be used as an immutable storage method, whilst allowing the extraction of data as per a user’s request, in compliance with GDPR, specifically, Article 17
