Abstract
Distributed ledger technology (DLT), including blockchain, has a number of properties that make it useful for distributed systems. However, the immutability of blockchain and most forms of DLT make it impossible to delete data, as is required for compliance with many privacy rules regarding personally identifiable information. Thus, there is a need for DLT that can provide the integrity-preserving property of DLT while also allowing support for privacy rules. The data block matrix (DBM) is a variant of distributed ledger technology. It provides the integrity assurance of blockchain but allows for controlled revision or deletion of data. This property is essential for using DLT in applications that must guarantee privacy requirements by the deleting of a user's private data at their request. The DBM design solves the blockchain privacy conflict thus expanding the range of blockchain applications by also allowing exception management. It has been implemented and is available (https://csrc.nist.gov/projects/redactable-distributed-ledger) as a configurable option for Hyperledger Fabric (HF), with a proof-of-concept application for data sharing in a health care environment. Other potential applications include logistics management and digital currency. This paper will cover the DBM properties and data structure, the DBM implementation in HF, and a use case and application design of the DBM implementation using the pharmaceutical industry supply chain.
- [1] . 2008. Bitcoin: A Peer-to-Peer electronic cash system. (2008). https://bitcoin.org/bitcoin.pdf. [Accessed 5-16-22].Google Scholar
- [2] . 2018. The distributed liability of distributed ledgers: Legal risks of blockchain. U. Ill. L. Rev. (2018), 1361.Google Scholar
- [3] . 2017. Blockchain: Disrupting data protection? Privacy Law and Business International Report, (November 2017).Google Scholar
- [4] . 2019. Redactable blockchain using enhanced chameleon Hash function. In 2019 5th International Conference on Advanced Computing & Communication Systems (ICACCS). IEEE, 323–328.Google ScholarCross Ref
- [5] 2017. Redactable blockchain–or–rewriting history in Bitcoin and friends. In 2017 IEEE European Symposium on Security and Privacy (EuroS&P). IEEE, 111–126.Google ScholarCross Ref
- [6] . 2019. Rethinking distributed ledger technology. Computer 52, 2 (2019), 68–72.Google ScholarCross Ref
- [7] . 2018. A data structure for integrity protection with erasure capability. NIST Cybersecurity Whitepaper (2018). https://admin.cms.csrc.nist.gov/csrc/media/Projects/enhanced-distributed-ledger-technology/documents/NIST.CSWP.25.pdf.Google Scholar
- [8] , 2022. [accessed 5/11/22].Google Scholar
- [9] (Tech. Rpt. 2020). [accessed 5/11/22].Google Scholar
- [10] , standards work item: IPv6 and Cloud using DataBlockMatrix for Food Supply Chain Tracking and Tracing IPv6-based DataBlockMatrix [accessed 5/11/22].Google Scholar
- [11] , Recital 26. Regulation 2016/679 of the European Parliament and of the Council on the Protection of Natural Persons with Regard to the Processing of Personal Data and on the Free Advancement of Such Data, and repealing Directive 95/46/EC, 2016 O.J. L 119/1.Google Scholar
- [12] . 2018. Will blockchain run afoul of GDPR? Yes and No. Computerworld, 2018. https://www.computerworld.com/article/3269750/will-blockchain-run-afoul-of-gdpr-yes-and-no.html.Google Scholar
- [13] . 2019. Parliamentary Research Service Scientific Foresight Unit (STOA) PE 634.445 – July 2019 2023 https://www.europarl.europa.eu/RegData/etudes/STUD/2019/634445/EPRS_STU(2019)634445_EN.pdf.Google Scholar
- [14] . 2016. In Breyer decision today, Europe's highest court rules on definition of personal data. Oct. 19, 2016. https://iapp.org/news/a/in-breyer-decision-today-europes-highest-court-rules-on-definition-of-personal-data/.Google Scholar
- [15] . https://curia.europa.eu/juris/document/document.jsf?text=&docid=184668&pageIndex=0&doclang=en&mode=lst&dir=&occ=first&part=1&cid=1116945.Google Scholar
- [16] . https://www.bakerlaw.com/webfiles/Privacy/2018/Brief/Five-Things-Blockchain-Cos-Need-to-Know-About-GDPR.pdf.Google Scholar
- [17] . 2019. Redactable blockchain in the permissionless setting. In 2019 IEEE Symposium on Security and Privacy (SP). IEEE, 124–138.Google ScholarCross Ref
- [18] . 2018. Hyperledger Fabric: A distributed operating system for permissioned blockchains. 2018. https://arxiv.org/abs/1801.10228v2. [accessed 10/17/2022].Google Scholar
- [19] [Source code]. https://github.com/hyperledger/fabric/tree/release-2.3.Google Scholar
- [20] . 2017. 1 in 10 medical products in developing countries is substandard or falsified. 2019. November 28, 2017 https://www.who.int/news-room/detail/28-11-2017-1-in-10-medical-products-in-developing-countries-is-substandard-orfalsified. [Accessed 2-16-22].Google Scholar
- [21] . 2021. Crypto pharmacy–digital medicine: A mobile application integrated with hybrid blockchain to tackle the issues in pharma supply chain. IEEE Open Journal of the Computer Society 2 (2021), 26–37.Google ScholarCross Ref
- [22] . 2017. A review of existing and emerging digital technologies to combat the global trade in fake medicines. Expert Opinion on Drug Safety 16, 5 (2017), 587–602.Google ScholarCross Ref
- [23] 2018. Blockchain technology for detecting falsified and substandard drugs in distribution: Pharmaceutical supply chain intervention. JMIR Research Protocols 7, 9 (2018), e10163.Google ScholarCross Ref
- [24] . 2021. Blockchain & IoT based drugs traceability for pharma industry. In 2021 IEEE International Conference on Engineering, Technology and Innovation (ICE/ITMC). IEEE, 1–4.Google ScholarCross Ref
- [25] . Blockchains everywhere - A use-case of blockchains in the pharma supplychain. In 2017 IFIP/IEEE Symposium on Integrated Network and Service Management (IM). IEEE, 772–777.Google Scholar
- [26] Enhancing traceability in pharmaceutical supply chain using internet of things (IoT) and blockchain. In 2019 IEEE International Conference on Intelligent Systems and Green Technology (ICISGT). IEEE, 45–48.Google Scholar
- [27] . 2021. A blockchain-based approach for drug traceability in healthcare supply chain. IEEE Access 9 (2021), 9728–9743.Google ScholarCross Ref
- [28] . A novel framework for pharmaceutical supply chain management using distributed ledger and smart contracts. In 2019 10th International Conference on Computing Communication and Networking Technologies (ICCCNT). IEEE, 1–7.Google Scholar
- [29] . 2020. California law requires legal compliance scrutiny to maintain pharma data sharing, PharmExec. com, 2020. https://www.pharmexec.com/view/california-law-requires-legal-compliance-scrutiny-maintain-pharma-data-sharing. [accessed 5/10/22].Google Scholar
- [30] , Buckley, March 3, 2022 https://buckleyfirm.com/blog/2022-03-03/virginia-passes-amendments-cdpa-data-deletion. [accessed 5/10/22].Google Scholar
- [31] . 2018. GDPR: The end of Google and Facebook or a new paradigm in data privacy. Rich. JL & Tech. 25 (2018), 1.Google Scholar
- [32] . 2020. Binding Effects of the European General Data Protection Regulation (GDPR) on US Companies. Hastings Sci. & Tech. LJ 11 (2020), 101.Google Scholar
- [33] . 2019. Integrating artificial intelligence into health care through data access: Can the GDPR act as a beacon for policymakers?. Journal of Law and the Biosciences 6, 1 (2019), 317.Google ScholarCross Ref
- [34] . 2020. An American's guide to the GDPR. Denv. L. Rev. 98 (2020), 93.Google Scholar
- [35] , INCITS 565-2020-Information Technology – Next Generation Access Control, 4/24/2020, https://standards.incits.org/apps/group_public/project/details.php?project_id=2328.Google Scholar
- [36] . 2016. A comparison of attribute based access control (ABAC) standards for data service applications. NIST Special Publication 800–178, October 2016. https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-178.pdf. [accessed 5/10/22].Google Scholar
- [37] . A new approach to data sharing and distributed ledger technology: A clinical trial use case. IEEE Netw. 35 1, 4–5.Google ScholarDigital Library
- [38] . A trusted federated system to share granular data among disparate database resources. IEEE Computer 54, 3.Google ScholarCross Ref
- [39] . 2019. Privacy-preserving solutions for blockchain: Review and challenges. IEEE Access 7 (2019), 164908–164940.Google ScholarCross Ref
- [40] , Distributed Ledger with Secure Data Deletion—Revision 1.4. Stockholm, Sweden, 2016. https://github.com/TarantulaTechnology/Documents-Blockchain-vol-002/blob/master/Distributed%20Ledger%20With%20Secure%20Data%20Deletion.pdf.Google Scholar
Index Terms
- Data Block Matrix and Hyperledger Implementation: Extending Distributed Ledger Technology for Privacy Requirements
Recommendations
Private and Trustworthy Distributed Lending Model Using Hyperledger Besu
AbstractFinancial systems are rapidly becoming decentralized for fulfilling requirements, such as distributed transactions, security, trustworthiness and elimination of third-party authorizations. As a fast-growing decentralized platform, blockchain ...
Virtual private ledgers: embedding private distributed ledgers over a public blockchain by cryptography
IDEAS '19: Proceedings of the 23rd International Database Applications & Engineering SymposiumDistributed ledgers allow us to replicate databases of records across mutually untrusted parties. The best known example of distributed ledger is perhaps the Bitcoin blockchain, which maintains a consistent history of financial transactions organized as ...
The Challenge and Prospect of Scalability of Blockchain Technology
CSAI '21: Proceedings of the 2021 5th International Conference on Computer Science and Artificial IntelligenceBlockchain is a decentralized technology proposed by Satoshi Nakamoto in 2008, without relying on trust, irrevocable and modified, based on a consensus mechanism. Blockchain technology was not created out of thin air, but was born as the underlying ...
Comments