Abstract
Wearable fitness devices are widely used to track an individual's health and physical activities to improve the quality of health services. These devices sense a considerable amount of sensitive data processed by a centralized third party. While many researchers have thoroughly evaluated privacy issues surrounding wearable fitness trackers, no study has addressed privacy issues in trackers by giving control of the data to the user. Blockchain is an emerging technology with outstanding advantages in resolving consent management privacy concerns. As there are no fully transparent, legally compliant solutions for sharing personal fitness data, this study introduces an architecture for a human-centric, legally compliant, decentralized and dynamic consent system based on blockchain and smart contracts. Algorithms and sequence diagrams of the proposed system's activities show consent-related data flow among various agents, which are used later to prove the system's trustworthiness by formalizing the security requirements. The security properties of the proposed system were evaluated using the formal security modeling framework SeMF, which demonstrates the feasibility of the solution at an abstract level based on formal language theory. As a result, we have empirically proven that blockchain technology is suitable for mitigating the privacy issues of fitness providers by recording individuals' consent using blockchain and smart contracts.
Highlights
Due to the recent growth in the use of wearable fitness devices, such as smartwatches, individuals are exposed to vast quantities of their own sensitive health data [1]
The European Union’s (EU’s) General Data Protection Regulation (GDPR) [5], which came into effect in May 2018 [5], enforces data protection regulations on data processors, giving subjects more control over their fitness data by mandating that they provide consent
This research makes use of the design science research (DSR) approach to solve the issue of fitness providers’ privacy because no existing solution has met all of our requirements; it involves an innovative discovery of system artifacts and evaluates them in formal abstract description using SeMF [18]
Summary
Due to the recent growth in the use of wearable fitness devices, such as smartwatches, individuals are exposed to vast quantities of their own sensitive health data [1]. These wearables track a variety of data, including health and physical activities such as sleep, steps, and blood pressure [2]. The European Union’s (EU’s) General Data Protection Regulation (GDPR) [5], which came into effect in May 2018 [5], enforces data protection regulations on data processors, giving subjects more control over their fitness data by mandating that they provide consent. Several solutions that preserve privacy [14]–