Data Capsule: A Self-Contained Data Model as an Access Policy Enforcement Strategy

TL;DR

This paper presents a data capsule model that securely and privately manages personal data exchange using blockchain and attribute-based encryption, reducing interactions and ensuring transparent access policies.

Contribution

It introduces a self-contained data container leveraging blockchain and attribute-based encryption for secure, privacy-preserving data sharing with enforced access policies.

Findings

Reduces interactions between users and service providers.

Ensures access policies are transparent and strictly enforced.

Supports privacy-respecting data exchange.

Abstract

In this paper, we introduce a data capsule model, a self-contained and self-enforcing data container based on emerging self-sovereign identity standards, blockchain, and attribute-based encryption. A data capsule allows for a transparent, privacy-respecting, and secure exchange of personal data, enabling a progressive trust scheme in a semi-trusted environment. Each data capsule is bundled with its own access policy structure and verifiable data, drastically reducing the number of interactions needed among the user, the service providers, and data custodians. Moreover, by relying on the decentralized nature of blockchain and attribute-based encryption our proposed model ensures the access policies published by service providers are public, transparent, and strictly followed.