Consent management architecture for secure data transactions
Hyysalo, Jarkko; Hirvonsalo, Harri; Sauvola, Jaakko; Tuoriniemi, Samuli (2016-07-24)
Hyysalo J., Hirvonsalo H., Sauvola J. and Tuoriniemi S. (2016). Consent Management Architecture for Secure Data Transactions. In Proceedings of the 11th International Joint Conference on Software Technologies - Volume 1: ICSOFT-EA, ISBN 978-989-758-194-6, pages 125-132. DOI: 10.5220/0005941301250132
© 2016 SCITEPRESS, Science and Technology Publications, Lda - All rights reserved. Published in this repository with the kind permission of the publisher.
Digitalization of data intensive services presents several challenges, such as how to safely manage and use the multitude of personal data across various public, private and commercial service providers. Guaranteed privacy is especially critical in sensitive cases like health data management and processing. A key challenge and enabler for efficient data utilization is the need for an adequate consent management framework that meets the General Data Protection Regulation (GDPR). To facilitate sensitive secure data transactions where end-control always resides with the individual, a consent management architecture (CMA) is defined, utilizing the new MyData approach. The proposed CMA enables context-driven authorization of multi-sourced data for safe access by various health services. CMA proof-of-concept and experiences are described and discussed to concretize and evaluate the suggested architecture. Consent management and authorization topics are discussed as a service function of the MyData Operator. The technical APIs required for registering and authorizing data sources and data services via the Operator are demonstrated and analyzed to expedite development of this important area within the research and industrial communities.
- Avoin saatavuus