Regulatory Compliance Verification: A Privacy Preserving Approach
: Morello, Massimo; Sainio, Petri; Alshawki, Mohammed
: Ganascia, Jean-Gabriel; Pujolle, Guy; Noura, Hassan; Salman, Ola; Hariss, Khalil; El Husseini, Fatema; El Madhoun, Nour
: Cyber Security in Networking Conference
: 2024
: Cyber Security in Networking Conference
: Proceedings of The 8th Cyber Security in Networking Conference (CSNet 2024): AI for Cybersecurity
: 8
: 263
: 267
: 979-8-3315-3411-0
: 979-8-3315-3410-3
: 2768-0010
: 2768-0029
DOI: https://doi.org/10.1109/CSNet64211.2024.10851761
: https://ieeexplore.ieee.org/document/10851761
: https://research.utu.fi/converis/portal/detail/Publication/181989282
During the regulatory compliance verification, the verifier may need to gain access to private information that can present risks to the privacy of the entities being verified. Therefore, while ensuring that entities are compliant with the regulations, such as GDPR, the regulatory compliance verification process need to safeguard the privacy of those entities. This paper proposes a privacy preserving regulatory compliance verification protocol, which has been integrated and implemented in a use case to verify the compliance with the article 32 of the GDPR. It provides a regulatory verification protocol, based on the attribute verification protocol, that reveals no private information of the entity being verified, other than the fact that it is compliant. Our results showed that the proposed protocol can efficiently verify the regulatory compliance of an entity by an external verifier.
:
This research was supported by Project no. TKP2021-NVA-29 implemented with the support provided by the Ministry of Culture and Innovation of Hungary from the National Research, Development and Innovation Fund, financed under the TKP2021-NVA funding scheme.
