Transition from closed information storage systems to an open and collaborative system of cross-organizational data sharing and integration faces a core trilemma in terms of creating “Trust-Privacy-Efficiency balance”. Enterprises face a dichotomy when deciding whether to adopt a centralized intermediary solution involving potential agency problems, or implement fragmented bilateral integration, which is neither scalable nor safe from data breaches. Although blockchain technology provides a decentralized way of establishing trust, early attempts to combine blockchains with GDPR-like privacy laws were unsuccessful because of inability to address data immutability and complex organizational governance. To tackle the challenge of constructing data sharing ecosystem within legal and practical constraints, we theorize a novel approach called “Trust-Architected Hybrid Governance Model” (TA-HGM). Our model builds on the foundation of Socio-Technical Systems (STS) Theory and the principles of Design Science Research (DSR). In order to create a trust-architecture-based model, we utilize the idea of hybridization of on-chain and off-chain enforcement of algorithmic trust and propose multi-layer architecture implementing the concept of Light Processing/Heavy Storage (LPHS-XV) combined with Attribute-Based Access Control (ABAC) and Ciphertext-Policy Attribute-Based Encryption (CP-ABE) in order to enforce policy-based access control. We demonstrate the viability of TA-HGM in terms of collusion and Sybil protection and illustrate its applicability in case of crypto-shredding and regulatory compliance. Thus, the contribution of our research lies in theoretical development and design science application in information systems.
Transition from closed information storage systems to an open and collaborative system of cross-organizational data sharing and integration faces a core trilemma in terms of creating “Trust-Privacy-Efficiency balance”. Enterprises face a dichotomy when deciding whether to adopt a centralized intermediary solution involving potential agency problems, or implement fragmented bilateral integration, which is neither scalable nor safe from data breaches. Although blockchain technology provides a decentralized way of establishing trust, early attempts to combine blockchains with GDPR-like privacy laws were unsuccessful because of inability to address data immutability and complex organizational governance. To tackle the challenge of constructing data sharing ecosystem within legal and practical constraints, we theorize a novel approach called “Trust-Architected Hybrid Governance Model” (TA-HGM). Our model builds on the foundation of Socio-Technical Systems (STS) Theory and the principles of Design Science Research (DSR). In order to create a trust-architecture-based model, we utilize the idea of hybridization of on-chain and off-chain enforcement of algorithmic trust and propose multi-layer architecture implementing the concept of Light Processing/Heavy Storage (LPHS-XV) combined with Attribute-Based Access Control (ABAC) and Ciphertext-Policy Attribute-Based Encryption (CP-ABE) in order to enforce policy-based access control. We demonstrate the viability of TA-HGM in terms of collusion and Sybil protection and illustrate its applicability in case of crypto-shredding and regulatory compliance. Thus, the contribution of our research lies in theoretical development and design science application in information systems.
