Recommendation ITU-T X.1408 (10/2021) Security threats and requirements for data access and sharing based on the distributed ledger technology
Summary
History
FOREWORD
Table of Contents
1 Scope
2 References
3 Definitions
     3.1 Terms defined elsewhere
     3.2 Terms defined in this Recommendation
4 Abbreviations and acronyms
5 Conventions
6 Personally identifiable information (PII) protection in DLT
     6.1 General PII protection principle
     6.2 Classification of DLT
     6.3 PII storage within distributed ledger
     6.4 PII storage outside distributed ledger
7 Reference model for data access and sharing based on DLT
     7.1 Overview
     7.2 Transaction flow
          7.2.1 Transaction flow of data processing without distributed ledger technology
          7.2.2 Transaction flow of data processing with distributed ledger technology
8 Security threats
     8.1 Threat assumptions
     8.2 Security threats to entities
          8.2.1 Security threats to data controller
          8.2.2 Security threats to data processor
          8.2.3 Security threats to data owner
          8.2.4 Security threats to data usage contract
     8.3 Security threats to the communication between entities
     8.4 Security threats to data
          8.4.1 Security threats on inappropriate data processing related to data owner
          8.4.2 Security threats to data stored in on-chain or off-chain distributed ledgers
9 Security requirements for DLT based data access and sharing
     9.1 General security requirements and recommendations for data access and sharing
     9.2 Security requirements to agents
          9.2.1 Security requirements and recommendations for data owner agent
          9.2.2 Security requirements and recommendations for data controller agent
          9.2.3 Security requirements and recommendations for data processor agent
     9.3 Security requirements for communication between agents
          9.3.1 Security requirements for communication between data owner agent and data controller agent
          9.3.2 Security requirements and recommendations for communication between data controller agent and data processor agent
     9.4 Security requirements for data
          9.4.1 Security requirements and recommendations for data usage contract
          9.4.2 Security requirements and recommendations to protect data on-chain or off-chain
Annex A  Other types of data access and sharing models
Annex B  Technical specification to implement the functional model
     B.1 Components of functional architecture
     B.2 Procedures of data access and sharing based on DLT
Bibliography
<\pre>