Blockchain from the Perspective of Privacy and Anonymisation: A Systematic Literature Review.

Francisco José De Haro-Olmo,José Antonio Álvarez-Bermejo,Ángel Jesús Varela-Vaca

doi:10.3390/s20247171

Francisco José De Haro-Olmo, José Antonio Álvarez-Bermejo + Show 1 more

Open Access

https://doi.org/10.3390/s20247171

Copy DOI

Abstract

The research presented aims to investigate the relationship between privacy and anonymisation in blockchain technologies on different fields of application. The study is carried out through a systematic literature review in different databases, obtaining in a first phase of selection 199 publications, of which 28 were selected for data extraction. The results obtained provide a strong relationship between privacy and anonymisation in most of the fields of application of blockchain, as well as a description of the techniques used for this purpose, such as Ring Signature, homomorphic encryption, k-anonymity or data obfuscation. Among the literature researched, some limitations and future lines of research on issues close to blockchain technology in the different fields of application can be detected. As conclusion, we extract the different degrees of application of privacy according to the mechanisms used and different techniques for the implementation of anonymisation, being one of the risks for privacy the traceability of the operations.

Highlights

The European Union has published and recently made available to the whole Union its GeneralData Protection Regulation (GDPR) and, given the need to reinforce privacy in the processing of personal data, it seems that anonymisation has been raised as a possible mechanism for its implementation
We observe a significant increase in the use of the term “blockchain” from 2016, which reaches its maximum in December 2017, there is a important moment Figure 2 when the term “privacy” becomes more popular than ”blockchain”, and the latter takes on greater importance
We find that only the identity involved in the transaction that is introduced in the blockchain is anonymised, leaving the rest of the information included in the transaction accessible [23,45,47], a feature that allows the audit of the entire blockchain if necessary and that in the case of sensitive information, as in the case of health [7], could lead to the exposure of information that allows to know the identity to which the transaction belongs

Summary

Introduction

The European Union has published and recently made available to the whole Union its GeneralData Protection Regulation (GDPR) and, given the need to reinforce privacy in the processing of personal data, it seems that anonymisation has been raised as a possible mechanism for its implementation. Measures represent an extremely important issue overall in the event of security breaches [3,4] and to ensure the traceability of transactions when reconstructing information in the event of a catastrophe or attack, even making it possible to reconstruct information and events from the perspective of computer forensics It is from this moment on that special emphasis is placed on the concept of privacy and on using the appropriate technology and mechanisms that make this possible; a concept that is directly related to the other term we include in the research: anonymisation.

Objectives

Methods

Discussion

Conclusion