Skip to main content

Research Repository

Advanced Search

Privacy-Aware Cloud Auditing for GDPR Compliance Verification in Online Healthcare

Barati, Masoud; Aujla, Gagangeet Singh; Llanos, Jose Tomas; Duodu, Kwabena Adu; Rana, Omer F.; Carr, Madeline; Rajan, Rajiv

Privacy-Aware Cloud Auditing for GDPR Compliance Verification in Online Healthcare Thumbnail


Authors

Masoud Barati

Jose Tomas Llanos

Kwabena Adu Duodu

Omer F. Rana

Madeline Carr

Rajiv Rajan



Abstract

Emerging multi-tenant cloud computing ecosystems allow multiple applications to share virtualised pool of computing and networking resources. As a result such ecosystems are becoming increasingly prone to data privacy concerns (personal data leakages and unauthorised access). While cloud computing providers support robust security and privacy mechanisms (e.g, public key cryptography, firewalls, virtual private networks, among many others), they lack mechanisms and frameworks to monitor, audit and verify these data privacy concerns. The emergence of data protection regulations around the world, such as General Data Protection Regulation (GDPR) in Europe and the Data Protection Act (DPA) in the UK, further emphasise the need to overcome these privacy limitations. A novel technique for monitoring, auditing and verifying the operations carried out on a users personal data in cloud computing ecosystems is proposed. Our research methodology leverages distributed ledger technologies (e.g., Blockchain, Smart Contracts) for developing an immutable recording technique, which transparently logs, monitors and verifies the operations carried out on user data. Using a healthcare pharmacy scenario and extensive real-world experiments, we validate the feasibility of the proposed technique. The proposed work handles a large pool of requests (> 13K) ensuring minimal latency (approx. 50-60 ms) and overheads for three different service packages varied with respect to the number of actors and operations).

Citation

Barati, M., Aujla, G. S., Llanos, J. T., Duodu, K. A., Rana, O. F., Carr, M., & Rajan, R. (2022). Privacy-Aware Cloud Auditing for GDPR Compliance Verification in Online Healthcare. IEEE Transactions on Industrial Informatics, 18(7), 4808-4819. https://doi.org/10.1109/tii.2021.3100152

Journal Article Type Article
Acceptance Date Jul 27, 2021
Online Publication Date Jul 27, 2021
Publication Date 2022-07
Deposit Date Sep 10, 2021
Publicly Available Date Mar 29, 2024
Journal IEEE Transactions on Industrial Informatics
Print ISSN 1551-3203
Electronic ISSN 1941-0050
Publisher Institute of Electrical and Electronics Engineers
Peer Reviewed Peer Reviewed
Volume 18
Issue 7
Pages 4808-4819
DOI https://doi.org/10.1109/tii.2021.3100152

Files

Accepted Journal Article (1.6 Mb)
PDF

Copyright Statement
© 2021 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.





You might also like



Downloadable Citations