Module pbd::dtc

source ·
Expand description

Background

The practice of implementing Data Tracker Chains addresses the following Privacy Design Strategies:

  • Inform
  • Control
  • Demonstrate

Whenever data is passed through Actors (e.g.: data collection between an online portal and the backend service to order the product), it is important to ensure that data lineage is tracked and retained.

A privacy engineering practice that supports the real-time recording of data lineage is to implement a Data Tracking Chain that lives with the data.

Usage

Whenever the data is touched by a processor or landed in a location, we have the Tracker add a Marker its MarkerChain.

extern crate pbd;

use pbd::dtc::Tracker;

fn main() {
    let mut tracker = Tracker::new("purchaseId=12345".to_string());
    tracker.add(1578071239, "payment-validator".to_string(), "purchaseId=12345".to_string());
    tracker.add(1578071245, "credit-card-transaction-processor".to_string(), "purchaseId=12345".to_string());

    println!("{}", tracker.serialize());
}

We can ensure that the MarkerChain has been tampered with outside of the Tracker’s control (e.g.: tracker.serialize() => change the JSON => Tracker::from_serialize()) by calling the is_valid() method.

extern crate pbd;
extern crate json;

use pbd::dtc::{Marker, Tracker};

fn main() {
    let mut tracker = Tracker::new("purchaseId=12345".to_string());
    tracker.add(1578071239, "payment-validator".to_string(), "purchaseId=12345".to_string());
    tracker.add(1578071245, "credit-card-transaction-processor".to_string(), "purchaseId=12345".to_string());
     
    let mut markerchain: Vec<Marker> = serde_json::from_str(&tracker.serialize()).unwrap();
    markerchain[1].identifier.actor_id = "tampered data".to_string();
    let serialized = serde_json::to_string(&markerchain).unwrap();
    let tracker_tampered = Tracker::from_serialized(&serialized).unwrap();
     
    assert_eq!(Tracker::is_valid(&tracker_tampered), false);
}

We can also ensure that Data Tracker Chains are passed when working with RESTful APIs by implementing the middleware and extractor modules.

Modules

  • error
    Data Tracker Chain specific Errors

Structs

Statics

  • DIFFICULTY
    The nonce value for adding complexity to the hash
  • DTC_HEADER
    The standard header attribute for list (array) of the Data Usage Agreements