[−][src]Module pbd::dtc
Background
The practice of implementing Data Tracker Chains addresses the following Privacy Design Strategies:
- Inform
- Control
- Demonstrate
Whenever data is passed through Actors (e.g.: data collection between an online portal and the backend service to order the product), it is important to ensure that data lineage is tracked and retained.
A privacy engineering practice that supports the real-time recording of data lineage is to implement a Data Tracking Chain that lives with the data.
Usage
Whenever the data is touched by a processor or landed in a location, we have the Tracker add a Marker its MarkerChain.
extern crate pbd; use pbd::dtc::Tracker; fn main() { let mut tracker = Tracker::new("purchaseId=12345".to_string()); tracker.add(1578071239, "payment-validator".to_string(), "purchaseId=12345".to_string()); tracker.add(1578071245, "credit-card-transaction-processor".to_string(), "purchaseId=12345".to_string()); println!("{}", tracker.serialize()); }
We can ensure that the MarkerChain has been tampered with outside of the Tracker's control (e.g.: tracker.serialize()
=> change the JSON => Tracker::from_serialize()
)
by calling the is_valid()
method.
extern crate pbd; extern crate json; use pbd::dtc::{Marker, Tracker}; fn main() { let mut tracker = Tracker::new("purchaseId=12345".to_string()); tracker.add(1578071239, "payment-validator".to_string(), "purchaseId=12345".to_string()); tracker.add(1578071245, "credit-card-transaction-processor".to_string(), "purchaseId=12345".to_string()); let mut markerchain: Vec<Marker> = serde_json::from_str(&tracker.serialize()).unwrap(); markerchain[1].identifier.actor_id = "tampered data".to_string(); let serialized = serde_json::to_string(&markerchain).unwrap(); let tracker_tampered = Tracker::from_serialized(&serialized).unwrap(); assert_eq!(Tracker::is_valid(&tracker_tampered), false); }
We can also ensure that Data Tracker Chains are passed when working with RESTful APIs by implementing the middleware
and extractor
modules.
Modules
error | Data Tracker Chain specific Errors |
extractor | An Extractor that parses the HTTP header and pulls out the Data Tracker Chain |
middleware | Middleware for ensuring a Data Tracker Chain is present and valid |
Structs
Marker | Represents a Marker |
MarkerIdentifier | Represents a MarkerIdentifier |
Tracker | Represents a Tacker (a.k.a. MarkerChain) |
Statics
DIFFICULTY | The nonce value for adding complexity to the hash |
DTC_HEADER | The standard header attribute for list (array) of the Data Usage Agreements |