No Cover Image

Journal article 391 views 95 downloads

Assessing the Solid Protocol in Relation to Security and Privacy Obligations

Christian Esposito Orcid Logo, Ross Horne Orcid Logo, Livio Robaldo Orcid Logo, Bart Buelens Orcid Logo, Elfi Goesaert

Information, Volume: 14, Issue: 7, Start page: 411

Swansea University Author: Livio Robaldo Orcid Logo

  • 63893.VOR.pdf

    PDF | Version of Record

    © The Author(s) 2023. Licensee MDPI, Basel, Switzerland. Distributed under the terms of a Creative Commons Attribution 4.0 License (CC BY 4.0).

    Download (915.13KB)

Check full text

DOI (Published version): 10.3390/info14070411

Abstract

The Solid specification aims to empower data subjects by giving them direct access control over their data across multiple applications. As governments are manifesting their interest in this framework for citizen empowerment and e-government services, security and privacy represent pivotal issues to...

Full description

Published in: Information
ISSN: 2078-2489
Published: MDPI AG 2023
Online Access: Check full text

URI: https://cronfa.swan.ac.uk/Record/cronfa63893
first_indexed 2023-08-23T11:17:54Z
last_indexed 2024-11-25T14:13:03Z
id cronfa63893
recordtype SURis
fullrecord <?xml version="1.0"?><rfc1807><datestamp>2023-12-13T15:36:14.5890475</datestamp><bib-version>v2</bib-version><id>63893</id><entry>2023-07-17</entry><title>Assessing the Solid Protocol in Relation to Security and Privacy Obligations</title><swanseaauthors><author><sid>b711cf9f3a7821ec52bd1e53b4f6cf9e</sid><ORCID>0000-0003-4713-8990</ORCID><firstname>Livio</firstname><surname>Robaldo</surname><name>Livio Robaldo</name><active>true</active><ethesisStudent>false</ethesisStudent></author></swanseaauthors><date>2023-07-17</date><deptcode>HRCL</deptcode><abstract>The Solid specification aims to empower data subjects by giving them direct access control over their data across multiple applications. As governments are manifesting their interest in this framework for citizen empowerment and e-government services, security and privacy represent pivotal issues to be addressed. By analysing the relevant legislation, with an emphasis on GDPR and officially approved documents such as codes of conduct and relevant security ISO standards, we formulate the primary security and privacy requirements for such a framework. The legislation places some obligations on pod providers, much like cloud services. However, what is more interesting is that Solid has the potential to support GDPR compliance of Solid apps and data users that connect, via the protocol, to Solid pods containing personal data. A Solid-based healthcare use case is illustrated where identifying such controllers responsible for apps and data users is essential for the system to be deployed. Furthermore, we survey the current Solid protocol specifications regarding how they cover the highlighted requirements, and draw attention to potential gaps between the specifications and requirements. We also point out the contribution of recent academic work presenting novel approaches to increase the security and privacy degree provided by the Solid project. This paper has a twofold contribution to improve user awareness of how Solid can help protect their data and to present possible future research lines on Solid security and privacy enhancements.</abstract><type>Journal Article</type><journal>Information</journal><volume>14</volume><journalNumber>7</journalNumber><paginationStart>411</paginationStart><paginationEnd/><publisher>MDPI AG</publisher><placeOfPublication/><isbnPrint/><isbnElectronic/><issnPrint/><issnElectronic>2078-2489</issnElectronic><keywords>Distributed knowledge graphs; social linked data; Solid; privacy; security; data protection; authentication protocols</keywords><publishedDay>16</publishedDay><publishedMonth>7</publishedMonth><publishedYear>2023</publishedYear><publishedDate>2023-07-16</publishedDate><doi>10.3390/info14070411</doi><url>http://dx.doi.org/10.3390/info14070411</url><notes/><college>COLLEGE NANME</college><department>Hillary Rodham Clinton Law School</department><CollegeCode>COLLEGE CODE</CollegeCode><DepartmentCode>HRCL</DepartmentCode><institution>Swansea University</institution><apcterm/><funders>This research was partially funded by the COST Action on Distributed Knowledge Graphs (CA19134), supported by COST (European Cooperation in Science and Technology).</funders><projectreference/><lastEdited>2023-12-13T15:36:14.5890475</lastEdited><Created>2023-07-17T09:35:02.2711063</Created><path><level id="1">Faculty of Humanities and Social Sciences</level><level id="2">Hilary Rodham Clinton School of Law</level></path><authors><author><firstname>Christian</firstname><surname>Esposito</surname><orcid>0000-0002-0085-0748</orcid><order>1</order></author><author><firstname>Ross</firstname><surname>Horne</surname><orcid>0000-0003-0162-1901</orcid><order>2</order></author><author><firstname>Livio</firstname><surname>Robaldo</surname><orcid>0000-0003-4713-8990</orcid><order>3</order></author><author><firstname>Bart</firstname><surname>Buelens</surname><orcid>0000-0001-7734-3747</orcid><order>4</order></author><author><firstname>Elfi</firstname><surname>Goesaert</surname><order>5</order></author></authors><documents><document><filename>63893__28355__212d6bf8ef5640e183632736dd1cb33e.pdf</filename><originalFilename>63893.VOR.pdf</originalFilename><uploaded>2023-08-23T12:16:59.9027987</uploaded><type>Output</type><contentLength>937098</contentLength><contentType>application/pdf</contentType><version>Version of Record</version><cronfaStatus>true</cronfaStatus><documentNotes>&#xA9; The Author(s) 2023. Licensee MDPI, Basel, Switzerland. Distributed under the terms of a Creative Commons Attribution 4.0 License (CC BY 4.0).</documentNotes><copyrightCorrect>true</copyrightCorrect><language>eng</language><licence>https://creativecommons.org/licenses/by/4.0/</licence></document></documents><OutputDurs/></rfc1807>
spelling 2023-12-13T15:36:14.5890475 v2 63893 2023-07-17 Assessing the Solid Protocol in Relation to Security and Privacy Obligations b711cf9f3a7821ec52bd1e53b4f6cf9e 0000-0003-4713-8990 Livio Robaldo Livio Robaldo true false 2023-07-17 HRCL The Solid specification aims to empower data subjects by giving them direct access control over their data across multiple applications. As governments are manifesting their interest in this framework for citizen empowerment and e-government services, security and privacy represent pivotal issues to be addressed. By analysing the relevant legislation, with an emphasis on GDPR and officially approved documents such as codes of conduct and relevant security ISO standards, we formulate the primary security and privacy requirements for such a framework. The legislation places some obligations on pod providers, much like cloud services. However, what is more interesting is that Solid has the potential to support GDPR compliance of Solid apps and data users that connect, via the protocol, to Solid pods containing personal data. A Solid-based healthcare use case is illustrated where identifying such controllers responsible for apps and data users is essential for the system to be deployed. Furthermore, we survey the current Solid protocol specifications regarding how they cover the highlighted requirements, and draw attention to potential gaps between the specifications and requirements. We also point out the contribution of recent academic work presenting novel approaches to increase the security and privacy degree provided by the Solid project. This paper has a twofold contribution to improve user awareness of how Solid can help protect their data and to present possible future research lines on Solid security and privacy enhancements. Journal Article Information 14 7 411 MDPI AG 2078-2489 Distributed knowledge graphs; social linked data; Solid; privacy; security; data protection; authentication protocols 16 7 2023 2023-07-16 10.3390/info14070411 http://dx.doi.org/10.3390/info14070411 COLLEGE NANME Hillary Rodham Clinton Law School COLLEGE CODE HRCL Swansea University This research was partially funded by the COST Action on Distributed Knowledge Graphs (CA19134), supported by COST (European Cooperation in Science and Technology). 2023-12-13T15:36:14.5890475 2023-07-17T09:35:02.2711063 Faculty of Humanities and Social Sciences Hilary Rodham Clinton School of Law Christian Esposito 0000-0002-0085-0748 1 Ross Horne 0000-0003-0162-1901 2 Livio Robaldo 0000-0003-4713-8990 3 Bart Buelens 0000-0001-7734-3747 4 Elfi Goesaert 5 63893__28355__212d6bf8ef5640e183632736dd1cb33e.pdf 63893.VOR.pdf 2023-08-23T12:16:59.9027987 Output 937098 application/pdf Version of Record true © The Author(s) 2023. Licensee MDPI, Basel, Switzerland. Distributed under the terms of a Creative Commons Attribution 4.0 License (CC BY 4.0). true eng https://creativecommons.org/licenses/by/4.0/
title Assessing the Solid Protocol in Relation to Security and Privacy Obligations
spellingShingle Assessing the Solid Protocol in Relation to Security and Privacy Obligations
Livio Robaldo
title_short Assessing the Solid Protocol in Relation to Security and Privacy Obligations
title_full Assessing the Solid Protocol in Relation to Security and Privacy Obligations
title_fullStr Assessing the Solid Protocol in Relation to Security and Privacy Obligations
title_full_unstemmed Assessing the Solid Protocol in Relation to Security and Privacy Obligations
title_sort Assessing the Solid Protocol in Relation to Security and Privacy Obligations
author_id_str_mv b711cf9f3a7821ec52bd1e53b4f6cf9e
author_id_fullname_str_mv b711cf9f3a7821ec52bd1e53b4f6cf9e_***_Livio Robaldo
author Livio Robaldo
author2 Christian Esposito
Ross Horne
Livio Robaldo
Bart Buelens
Elfi Goesaert
format Journal article
container_title Information
container_volume 14
container_issue 7
container_start_page 411
publishDate 2023
institution Swansea University
issn 2078-2489
doi_str_mv 10.3390/info14070411
publisher MDPI AG
college_str Faculty of Humanities and Social Sciences
hierarchytype
hierarchy_top_id facultyofhumanitiesandsocialsciences
hierarchy_top_title Faculty of Humanities and Social Sciences
hierarchy_parent_id facultyofhumanitiesandsocialsciences
hierarchy_parent_title Faculty of Humanities and Social Sciences
department_str Hilary Rodham Clinton School of Law{{{_:::_}}}Faculty of Humanities and Social Sciences{{{_:::_}}}Hilary Rodham Clinton School of Law
url http://dx.doi.org/10.3390/info14070411
document_store_str 1
active_str 0
description The Solid specification aims to empower data subjects by giving them direct access control over their data across multiple applications. As governments are manifesting their interest in this framework for citizen empowerment and e-government services, security and privacy represent pivotal issues to be addressed. By analysing the relevant legislation, with an emphasis on GDPR and officially approved documents such as codes of conduct and relevant security ISO standards, we formulate the primary security and privacy requirements for such a framework. The legislation places some obligations on pod providers, much like cloud services. However, what is more interesting is that Solid has the potential to support GDPR compliance of Solid apps and data users that connect, via the protocol, to Solid pods containing personal data. A Solid-based healthcare use case is illustrated where identifying such controllers responsible for apps and data users is essential for the system to be deployed. Furthermore, we survey the current Solid protocol specifications regarding how they cover the highlighted requirements, and draw attention to potential gaps between the specifications and requirements. We also point out the contribution of recent academic work presenting novel approaches to increase the security and privacy degree provided by the Solid project. This paper has a twofold contribution to improve user awareness of how Solid can help protect their data and to present possible future research lines on Solid security and privacy enhancements.
published_date 2023-07-16T20:36:15Z
_version_ 1821439190842212352
score 11.047609

Similar Items