The recent increase in reported incidents of surveillance and security breaches compromising users’ privacy call into question the current model, in which third-parties collect and control massive amounts of personal data.
Bitcoin has demonstrated in the financial space that trusted, auditable computing is possible using a decentralized network of peers accompanied by a public ledger.
We implement a protocol that turns our blockchain into an automated access-control manager that does not require trust in a third party. Unlike Bitcoin, transactions in our system are not strictly financial – they are used to carry instructions, such as storing, querying and sharing data.
We combined blockchain and distributed storage to construct a personal data management platform focused on privacy.
Data Ownership: Our system focuses on ensuring that users own and control their personal data. As such, the system recognizes the users as the owners of the data and the services as guests with delegated permissions.
Fine-grained Access Control: One major concern with online applications is that users are required to grant a set of permissions upon sign-up. These permissions are granted indefinitely and the only way to alter the agreement is by opting-out. Instead, in our system, at any given time the
user may alter the set of permissions and revoke access to previously stored data.
Example: Using Aloaha Messenger as a blockchain based Data Vault
The messenger built into the Aloaha Wallet encrypts all data transferred with the public keys of the sender and the recipient to guarantee that nobody else will ever be able to decrypt the data.
- Click on the button “Messages” in your Aloaha Wallet to open the Messenger.
- Leave the fields “Recipient Address” and “Recipient Public Key” so they are automatically filled with your own address and public key on encryption.
- Enter a unique “Message ID”. You will need it to retrieve the saved message in future.
- Enter your message, a short note, your sensitive data to be stored, etc. into the “Message” field.
- Optionally attach a file to the message.
- Scroll down and click “Encrypt and Submit Data”.
You data will now be AES256 encrypted inside your client and will be protected by your private key. That highly encrypted data will then be stored fully immutable in our blockchain.
Since only you know the private key required to decrypt the data nobody else can ever gain access to your data.