Using blockchain for verifying GDPR rules in cloud ecosystems
Masoud Barati
School of Computer Science and Informatic, Cardiff university, Cardiff, UK
: J Comput Eng Inf Technol
Abstract
Understanding how cloud providers support the European General Data Protection Regulation (GDPR) remains a main challenge for new providers emerging on the market. GDPR influences access to, storage, processing and transmission of data, requiring these operations to be exposed to a user to seek explicit consent. A privacy-aware cloud architecture is proposed that improves transparency and enables the audit trail of providers who accessed the user data to be recorded. The architecture not only supports GDPR compliance by imposing several data protection requirements on cloud providers, but also beneï¬Âts from a blockchain network that securely stores the providers’ operations on the user data. A blockchain-based tracking approach based on a shared privacy agreement implemented as a smart contract is described – providers who violate GDPR rules are automatically reported.
Biography
Masoud Barati is currently a postdoctoral research associate in the school of computer science and informatics of Cardiff university, who started his job in Nov 2018. He involved the privacy-aware cloud ecosystems (PACE) project utilizing GDPR and blockchain technology to enhance user privacy in cloud computing. He received his PhD in computer science from Sherbrooke university in Canada in May 2018. His PhD thesis was about the orchestration of dynamic software components using behavior composition framework. He has more than 20 manuscripts published in the well-known conferences and journals and is the reviewer of ICIW conferences and IEEE transactions on service computing journal. Moreover, he was a faculty member in the department of computer engineering of Azad university in Iran from Sep 2011 to Dec 2014. His research interests are service composition, distributed systems, blockchain, formal methods, verification, and ontology.