CN-122027185-A - Non-transitory computer readable medium, apparatus
Abstract
A non-transitory machine-readable medium comprising machine-readable instructions is provided. The machine-readable instructions, when executed on an apparatus, cause the apparatus to receive, by a trusted authority, an access request to user data stored on a distributed network. The machine-readable instructions further cause the apparatus to search, by the trusted authority, for an entry in an immutable ledger that is related to the user data. The machine-readable instructions further cause the apparatus to selectively decide, by the trusted authority and based on the access policy indicated by the entry for the user data, whether to grant access to the user data.
Inventors
- P. Zmievsky
- A. Behrendt
- M. Bronk
- K. Matushewitz
Assignees
- Intel Corporation (英特尔公司)
Dates
- Publication Date: 2026-05-12
- Application Date: 2025-10-20
- Priority Date: 2024-11-11
Claims (20)
- 1. A non-transitory machine-readable medium comprising machine-readable instructions that, when executed on an apparatus, cause the apparatus to: receive, by a trusted authority, an access request to user data stored on a distributed network; search, by the trusted authority, for an entry in an immutable ledger that is related to the user data; and selectively decide, by the trusted authority and based on the access policy indicated by the entry for the user data, whether to grant access to the user data.
- 2. The non-transitory machine-readable medium of claim 1, wherein the machine-readable instructions further comprise instructions to: receive, by the trusted authority, an updated access policy; and selectively revoke the user data based on the updated access policy.
- 3. The non-transitory machine-readable medium of claim 2, wherein, to selectively revoke the user data, the machine-readable instructions further comprise instructions to selectively invalidate a key provided for the user data.
- 4. The non-transitory machine-readable medium of claim 2 or 3, wherein, to selectively revoke the user data, the machine-readable instructions further comprise instructions to revoke access to the user data for at least one participant in the distributed network.
- 5. The non-transitory machine-readable medium of claim 2 or 3, wherein, to selectively revoke the user data, the machine-readable instructions further comprise instructions to revoke access to third-party data, wherein the third-party data is generated by a participant in the distributed network based on the user data.
- 6. The non-transitory machine-readable medium of claim 5, wherein the third-party data is derivative data or is included in aggregated data.
- 7. The non-transitory machine-readable medium of claim 6, wherein, if the third-party data is included in aggregated data and access to the third-party data is revoked, other data in the aggregated data remains accessible.
- 8. The non-transitory machine-readable medium of claim 1 or 2, wherein, if access to the user data is granted, the machine-readable instructions further comprise instructions to: supply, by the trusted authority, a key for accessing the user data based on a remote attestation.
- 9. A non-transitory machine-readable medium comprising machine-readable instructions that, when executed on an apparatus, cause the apparatus to: receive, by a trusted authority, key data related to user data, wherein the user data is stored or is to be stored on a distributed network; create, by the trusted authority, a tree structure in an immutable ledger, wherein a root of the tree structure indicates at least an identifier for the user data; and, when a participant of the distributed network generates third-party data based on the user data, create, by the trusted authority, a node in the tree structure that indicates at least an identifier for the third-party data.
- 10. The non-transitory machine-readable medium of claim 9, wherein the user data is generated by a first participant of the distributed network and the third-party data is generated by a second participant of the distributed network, and wherein the machine-readable instructions further comprise instructions to: in response to revocation of the user data, create a node in the tree structure that indicates at least an identifier for modified third-party data, the modified third-party data corresponding to the third-party data with the indication of the user data removed.
- 11. The non-transitory machine-readable medium of claim 9 or 10, wherein the identifier for the user data comprises a key for decrypting the user data.
- 12. The non-transitory machine-readable medium of claim 11, wherein the identifier for the third-party data comprises a key for decrypting the third-party data, the key for decrypting the third-party data being generated based on the key for decrypting the user data.
- 13. An apparatus comprising interface circuitry, machine-readable instructions, and processing circuitry to execute the machine-readable instructions to: receive, by a trusted authority, an access request to user data stored on a distributed network; search, by the trusted authority, an immutable ledger to obtain entries related to the user data; and determine, by the trusted authority, whether to grant access to the user data based on the access policy for the user data indicated by the entries.
- 14. The apparatus of claim 13, wherein the machine-readable instructions further comprise instructions to: receive, by the trusted authority, an updated access policy; and selectively revoke the user data based on the updated access policy.
- 15. The apparatus of claim 14, wherein, to selectively revoke the user data, the machine-readable instructions further comprise instructions to selectively invalidate a key provided for the user data.
- 16. The apparatus of claim 14 or 15, wherein, to selectively revoke the user data, the machine-readable instructions further comprise instructions to revoke access to the user data for at least one participant in the distributed network.
- 17. The apparatus of claim 14 or 15, wherein, to selectively revoke the user data, the machine-readable instructions further comprise instructions to revoke access to third-party data generated by a participant in the distributed network based on the user data.
- 18. The apparatus of claim 17, wherein the third-party data is derivative data or is included in aggregated data.
- 19. The apparatus of claim 18, wherein, if the third-party data is included in aggregated data and access to the third-party data is revoked, other data in the aggregated data remains accessible.
- 20. The apparatus of claim 13 or 14, wherein, if access to the user data is granted, the machine-readable instructions further comprise instructions to: supply, by the trusted authority, a key for accessing the user data based on a remote attestation.
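As an added illustration, not code from the patent or from Intel, the following Python model ties claims 1 through 12 together: an append-only hash-chained ledger standing in for the immutable ledger, a derivation tree whose derivative keys are derived from the user-data key (claim 12), key release gated on a remote-attestation result (claim 8), and revocation that either rotates the key for a narrowed policy or invalidates it and cascades to every derivative node (claims 2 to 7). The class and method names (`TrustedAuthority`, `register`, `request_access`, `revoke`) and the HMAC-based key derivation are assumptions for this example; the claims do not specify them.

```python
import hashlib, hmac, secrets

def derive_key(parent_key: bytes, label: str) -> bytes:
    """Key for derivative data, derived from the parent (user) key, as in claim 12."""
    return hmac.new(parent_key, label.encode(), hashlib.sha256).digest()

class Ledger:
    """Append-only, hash-chained entries: nothing is edited in place (the immutable ledger)."""
    def __init__(self):
        self.entries = []
    def append(self, **fields):
        prev = self.entries[-1]["hash"] if self.entries else "0" * 64
        body = repr(sorted(fields.items()))
        fields["hash"] = hashlib.sha256((prev + body).encode()).hexdigest()
        self.entries.append(fields)
    def latest(self, data_id):
        """Newest entry for data_id; a later policy update supersedes earlier entries."""
        for entry in reversed(self.entries):
            if entry["data_id"] == data_id:
                return entry
        return None

class TrustedAuthority:
    """Constructed model of the trusted authority; method names are assumptions."""
    def __init__(self):
        self.ledger = Ledger()
        self.keys = {}      # data_id -> current key, None once invalidated (claim 3)
        self.children = {}  # parent data_id -> derivative data_ids (tree of claim 9)
    def register(self, data_id, allowed, parent=None):
        """Root node for user data (fresh key) or child node for third-party data."""
        key = secrets.token_bytes(32) if parent is None else derive_key(self.keys[parent], data_id)
        self.keys[data_id] = key
        self.children.setdefault(parent, []).append(data_id)
        self.ledger.append(data_id=data_id, policy=sorted(allowed), parent=parent)
    def request_access(self, participant, data_id, attested):
        """Claims 1 and 8: decide from the ledger's policy; release the key only if attested."""
        entry = self.ledger.latest(data_id)
        if entry is None or participant not in entry["policy"] or not attested:
            return None
        return self.keys.get(data_id)
    def revoke(self, data_id, allowed=()):
        """Claims 2 to 7: ledger the new policy; rotate the key for a narrowed policy, or
        invalidate it and cascade to every derivative node when access is withdrawn entirely."""
        entry = self.ledger.latest(data_id)
        self.ledger.append(data_id=data_id, policy=sorted(allowed), parent=entry["parent"])
        self.keys[data_id] = secrets.token_bytes(32) if allowed else None
        if not allowed:
            for child in self.children.get(data_id, []):
                self.revoke(child)
```

Rotating rather than reusing the key on a narrowed policy matters because a participant removed from the policy may still hold the old key; only a fresh key makes the ledger decision enforceable.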
Description
Background
Users of services in a distributed network (e.g., the internet) may be required to share personal data in order to use those services. On the other hand, a user may need to be able to request that personal data be removed from the network (e.g., effectively request that it be "forgotten", for instance to fulfil the "right to be forgotten" under the GDPR (General Data Protection Regulation) or under other regulations or laws). Such a request may result in limited access to the data, or the data may be truly and completely removed. In the latter case, all data sets resulting from processing the original data set (whether subsets, supersets, or new data derived from the original data) may also need to be altered or removed, effectively restoring the network to a state in which the original data is virtually absent.
Drawings
Some examples of apparatus and/or methods are described below, by way of example only, with reference to the accompanying drawings, in which:
- FIG. 1 illustrates a block diagram of an apparatus according to the present disclosure;
- FIG. 2 illustrates a block diagram of an apparatus according to the present disclosure;
- FIG. 3 depicts a flow chart of a method according to the present disclosure;
- FIG. 4 depicts a flow chart of a method according to the present disclosure;
- FIG. 5 depicts a flow chart of a method for data creation and registration according to the present disclosure;
- FIG. 6 depicts a flow chart of a method for revoking access to data according to the present disclosure;
- FIG. 7 depicts a sequence diagram of a method for data creation according to the present disclosure;
- FIG. 8 depicts a sequence diagram of a method for data access and derivative creation according to the present disclosure; and
- FIG. 9 depicts a sequence diagram of a method for data revocation according to the present disclosure.
Detailed Description
Some examples are now described in more detail with reference to the accompanying drawings. However, other possible examples are not limited to the features of the embodiments described in detail. Other examples may include modifications of the features, equivalents of the features, and alternatives. Furthermore, the terminology used herein to describe certain examples should not be limiting for other possible examples.
Throughout the description of the figures, the same or similar reference numerals refer to the same or similar elements and/or features, which may be identical or implemented in modified form while providing the same or similar functionality. The thickness of lines, layers and/or regions in the drawings may also be exaggerated for clarity.
When two elements A and B are combined using an "or", it is to be understood that this discloses all possible combinations, i.e. A only, B only, and A and B, unless explicitly defined otherwise in the individual case. As alternative wording for the same combination, "at least one of A and B" or "A and/or B" may be used. This applies equally to combinations of more than two elements.
If singular forms such as "a/an" and "the" are used and the use of only a single element is neither explicitly nor implicitly defined as mandatory, further examples may also use several elements to achieve the same functionality. If functionality is described below as being implemented using multiple elements, further examples may implement it using a single element or a single processing entity. It will be further understood that the terms "comprises", "comprising", "includes", and/or "including", when used, specify the presence of stated features, integers, steps, operations, elements, components, and/or groups thereof, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof.
FIG. 1 illustrates a block diagram of an example of an apparatus 100 (or device 100). The apparatus 100 includes circuitry configured to provide the functionality of the apparatus 100. For example, the apparatus 100 of FIG. 1 includes interface circuitry 120, processing circuitry 130, and (optionally) storage circuitry 140. For example, the processing circuitry 130 may be coupled with the interface circuitry 120 and, optionally, with the storage circuitry 140. For example, the processing circuitry 130 may be configured to provide the functionality of the apparatus 100 in conjunction with the interface circuitry 120. For example, the interface circuitry 120 is configured to exchange information with other components, internal or external to the device 100, and with the storage circuitry 140. The device 100 may also comprise means configured to provide the functionality of the device 100. The components of the apparatus 100 are defined as component means, which may correspond to or be implemented by respective structural components of the apparatus 100. For example, the apparatus 100 of FIG. 1 co