{"title":"电子同意的安全和隐私要求","authors":"Stef Verreydt, Koen Yskout, W. Joosen","doi":"10.1145/3433995","DOIUrl":null,"url":null,"abstract":"Electronic consent (e-consent) has the potential to solve many paper-based consent approaches. Existing approaches, however, face challenges regarding privacy and security. This literature review aims to provide an overview of privacy and security challenges and requirements proposed by papers discussing e-consent implementations, as well as the manner in which state-of-the-art solutions address them. We conducted a systematic literature search using ACM Digital Library, IEEE Xplore, and PubMed Central. We included papers providing comprehensive discussions of one or more technical aspects of e-consent systems. Thirty-one papers met our inclusion criteria. Two distinct topics were identified, the first being discussions of e-consent representations and the second being implementations of e-consent in data sharing systems. The main challenge for e-consent representations is gathering the requirements for a “valid” consent. For the implementation papers, many provided some requirements but none provided a comprehensive overview. Blockchain is identified as a solution to transparency and trust issues in traditional client-server systems, but several challenges hinder it from being applied in practice. E-consent has the potential to grant data subjects control over their data. However, there is no agreed-upon set of security and privacy requirements that must be addressed by an e-consent platform. Therefore, security- and privacy-by-design techniques should be an essential part of the development lifecycle for such a platform.","PeriodicalId":72043,"journal":{"name":"ACM transactions on computing for healthcare","volume":"2 1","pages":"1 - 24"},"PeriodicalIF":0.0000,"publicationDate":"2021-03-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://sci-hub-pdf.com/10.1145/3433995","citationCount":"5","resultStr":"{\"title\":\"Security and Privacy Requirements for Electronic Consent\",\"authors\":\"Stef Verreydt, Koen Yskout, W. Joosen\",\"doi\":\"10.1145/3433995\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Electronic consent (e-consent) has the potential to solve many paper-based consent approaches. Existing approaches, however, face challenges regarding privacy and security. This literature review aims to provide an overview of privacy and security challenges and requirements proposed by papers discussing e-consent implementations, as well as the manner in which state-of-the-art solutions address them. We conducted a systematic literature search using ACM Digital Library, IEEE Xplore, and PubMed Central. We included papers providing comprehensive discussions of one or more technical aspects of e-consent systems. Thirty-one papers met our inclusion criteria. Two distinct topics were identified, the first being discussions of e-consent representations and the second being implementations of e-consent in data sharing systems. The main challenge for e-consent representations is gathering the requirements for a “valid” consent. For the implementation papers, many provided some requirements but none provided a comprehensive overview. Blockchain is identified as a solution to transparency and trust issues in traditional client-server systems, but several challenges hinder it from being applied in practice. E-consent has the potential to grant data subjects control over their data. However, there is no agreed-upon set of security and privacy requirements that must be addressed by an e-consent platform. Therefore, security- and privacy-by-design techniques should be an essential part of the development lifecycle for such a platform.\",\"PeriodicalId\":72043,\"journal\":{\"name\":\"ACM transactions on computing for healthcare\",\"volume\":\"2 1\",\"pages\":\"1 - 24\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2021-03-21\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"https://sci-hub-pdf.com/10.1145/3433995\",\"citationCount\":\"5\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"ACM transactions on computing for healthcare\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3433995\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"ACM transactions on computing for healthcare","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3433995","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Security and Privacy Requirements for Electronic Consent
Electronic consent (e-consent) has the potential to solve many paper-based consent approaches. Existing approaches, however, face challenges regarding privacy and security. This literature review aims to provide an overview of privacy and security challenges and requirements proposed by papers discussing e-consent implementations, as well as the manner in which state-of-the-art solutions address them. We conducted a systematic literature search using ACM Digital Library, IEEE Xplore, and PubMed Central. We included papers providing comprehensive discussions of one or more technical aspects of e-consent systems. Thirty-one papers met our inclusion criteria. Two distinct topics were identified, the first being discussions of e-consent representations and the second being implementations of e-consent in data sharing systems. The main challenge for e-consent representations is gathering the requirements for a “valid” consent. For the implementation papers, many provided some requirements but none provided a comprehensive overview. Blockchain is identified as a solution to transparency and trust issues in traditional client-server systems, but several challenges hinder it from being applied in practice. E-consent has the potential to grant data subjects control over their data. However, there is no agreed-upon set of security and privacy requirements that must be addressed by an e-consent platform. Therefore, security- and privacy-by-design techniques should be an essential part of the development lifecycle for such a platform.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
