GC Blockchain Codefest

Role-based access control for secure Data Governance

Context

Role-based access control is an important component for data governance, security and compliance. Confidential data sets can be limited to a few privileged users and production systems, while downstream sanitized/anonymized data sets can be made available to a wider audience. Simulated data assets can be relaxed in terms of access control in order to facilitate research and development.

Opportunity

Managing data access

• Entering into a data agreement by joining a consortium of trusted participants
• Maintaining a ledger of data access events by participants
• Maintaining data privacy and security constraints
• Overcoming the challenge of having relatively few trusted chain participants (the number of trusted participants in the context of GoC is quite limited)

Data asset security innovation could be achieved with private blockchain coupled to large data sets and/or repositories with access controls. The addition of a blockchain will store an independent immutable record of data access information coupled to the creation and usage of repositories. Similar to creation of data asset ontology, blockchain transactions can be required before creating or accessing a repository. Hence, one could dream of a self-serve data portal where not only public data sets are available, but more restricted types are available as well. The marriage of the two technologies, private blockchain and data asset repositories (ex: Pachyderm repos), could provide the most robust, sustainable and secure data governance.