Kwabena Adu-Duodu scite author profile

Kwabena Adu-Duodu

3Publications

8Citation Statements Received

76Citation Statements Given

How they've been cited

How they cite others

Affiliations

Newcastle University

Publications

Order By: Most citations

Privacy-Aware Cloud Auditing for GDPR Compliance Verification in Online Healthcare

Barati

Aujla

Llanos

et al. 2022

IEEE Trans. Ind. Inf.

View full text Add to dashboard Cite

Emerging multi-tenant cloud computing ecosystems allow multiple applications to share virtualised pool of computing and networking resources. As a result such ecosystems are becoming increasingly prone to data privacy concerns (personal data leakages and unauthorised access). While cloud computing providers support robust security and privacy mechanisms (e.g, public key cryptography, firewalls, virtual private networks, among many others), they lack mechanisms and frameworks to monitor, audit and verify these data privacy concerns. The emergence of data protection regulations around the world, such as General Data Protection Regulation (GDPR) in Europe and the Data Protection Act (DPA) in the UK, further emphasise the need to overcome these privacy limitations. A novel technique for monitoring, auditing and verifying the operations carried out on a user's personal data in cloud computing ecosystems is proposed. Our research methodology leverages distributed ledger technologies (e.g., Blockchain, Smart Contracts) for developing an immutable recording technique, which transparently logs, monitors and verifies the operations carried out on user data. Using a healthcare pharmacy scenario and extensive real-world experiments, we validate the feasibility of the proposed technique. The proposed work handles a large pool of requests (> 13K) ensuring minimal latency (≈50-60 ms) and overheads for three different service packages varied with respect to the number of actors and operations).

show abstract

Compliance Checking of Cloud Providers: Design and Implementation

Barati

Adu-Duodu

Rana

et al. 2023

Distrib. Ledger Technol.

View full text Add to dashboard Cite

The recognition of capabilities supplied by cloud systems is presently growing up. Collecting or sharing healthcare data and sensitive information especially during Covid-19 pandemic has motivated organizations and enterprises to leverage the upsides coming from cloud-based applications. However, the privacy of electronic data in such applications remains a significant challenge for cloud vendors to adapt their solutions with existing privacy legislation standards such as general data protection regulation (GDPR). This paper, first, proposes a formal model and verification for data usage requests of providers in a cloud composite service using a model checking tool. A cloud pharmacy scenario is presented to illustrate the connectivity of providers in the composite service and the stream of their requests for both collection and movement of patient data. A set of verification is, then, undertaken over the pharmacy service in accordance with three significant GDPR obligations, namely user consent, data access and data transfer. Following that, the paper designs and implements a cloud container virtualization based on the verified formal model realising GDPR requirements. The container makes use of some enforcement smart contracts to only proceed the providers’ requests, which are compliant with GDPR. Finally, several experiments are provided to investigate the performance of our approach in terms of time, memory and cost.

show abstract

Privacy & Cloud Services: Are We There Yet?

Marikyan

Llanos

Barati

et al. 2021

View full text Add to dashboard Cite

The General Data Protection Regulation (GDPR) remains an important requirement for many electronic services which utilise user data. GDPR compliance verification for a cloud provider is aimed to confirm that personal data provided by a user is shared in-line with the requirements of this legislation, so that any subsequent audit carried out on the provider does not lead to a financial penalty. This verification involves two aspects: (i) ensuring that user consent has been obtained; (ii) sharing of data with external cloud providers is undertaken in a transparent way, so that the user is aware of which providers the information was shared with and for what purpose. Using a survey we describe why users are still ambivalent about the use of GDPRand how its adoption can be improved using a Blockchain-based architecture that can provide greater transparency on how GDPR compliance is supported by cloud providers.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.