This paper presents an architecture of a Personal Information Management System, in which individuals can define the access to their personal data by means of smart contracts. These smart contracts, running on the Ethereum blockchain, implement access control lists and grant immutability, traceability and verifiability of the references to personal data, which is stored itself in a (possibly distributed) file system. A distributed authorization mechanism is devised, where trust from multiple network nodes is necessary to grant the access to the data. To this aim, two possible alternatives are described: a Secret Sharing scheme and Threshold Proxy Re-Encryption scheme. The performance of these alternatives is experimentally compared in terms of execution time. Threshold Proxy Re-Encryption appears to be faster in different scenarios, in particular when increasing message size, number of nodes and the threshold value, i.e. number of nodes needed to grant the data disclosure.

中文翻译：

---

通过分布式授权进行个人数据访问控制

本文介绍了个人信息管理系统的体系结构，其中个人可以通过智能合约定义对个人数据的访问。这些运行在以太坊区块链上的智能合约实现访问控制列表，并授予对个人数据的引用的不变性，可追溯性和可验证性，这些信息自身存储在（可能是分布式的）文件系统中。设计了一种分布式授权机制，其中需要来自多个网络节点的信任才能授予对数据的访问权限。为此，描述了两种可能的替代方案：秘密共享方案和阈值代理重新加密方案。这些替代方案的性能在执行时间方面通过实验进行了比较。在不同情况下，阈值代理重新加密似乎更快，