Title
Pdguard: An Architecture For The Control And Secure Processing Of Personal Data
Abstract
Online personal data are rarely, if ever, effectively controlled by the users they concern. Worse, as demonstrated by the numerous leaks reported each week, the organizations that store and process them fail to adequately safeguard the required confidentiality. In this paper, we propose pdguard, a framework that defines prototypes and demonstrates an architecture and an implementation that address both problems. In the context of pdguard, personal data are always stored encrypted as opaque objects. Processing them can only be performed through the pdguard application programming interface (API), under data- and action-specific authorizations supplied online by third-party agents. Through these agents, end-users can easily and reliably authorize and audit how organizations use their personal data. A static verifier can be employed to identify accidental API misuses. Following a security-by-design approach, pdguard changes the problem of personal data management from the apparently intractable problem of supervising processes, operations, personnel, and a large software stack to that of auditing the applications that use the framework for compliance. We demonstrate the framework's applicability through a reference implementation, by building a pdguard-based e-shop, and by integrating pdguard into The Guardian newspaper's website identity application.
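The abstract describes three mechanisms working together: personal data held only as encrypted opaque objects, processing gated by a data- and action-specific authorization issued by a third-party agent the user controls, and an audit trail the user can inspect. The sketch below is an added illustration of that pattern; it is not pdguard's own code or API, and every name in it (OpaqueObject, Agent, Guard, seal, unseal, process) is an assumption made for this example. To run with only the Python standard library it uses an HMAC-SHA256 keystream with encrypt-then-MAC as a stand-in for a real AEAD such as AES-GCM; the sample datum and timestamps are constructed.

```python
import hashlib
import hmac
import json
import os
from dataclasses import dataclass
from typing import Callable, Dict, List

# Illustrative sketch only; names and structure are assumptions, not pdguard's API.


@dataclass(frozen=True)
class OpaqueObject:
    """An encrypted personal datum. Application code never handles plaintext directly."""
    data_id: str
    nonce: bytes
    ciphertext: bytes
    tag: bytes


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # Stand-in for a real AEAD (use AES-GCM in practice): HMAC-SHA256 as a PRF in counter mode.
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def seal(key: bytes, data_id: str, plaintext: bytes) -> OpaqueObject:
    nonce = os.urandom(16)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    # Encrypt-then-MAC; the tag binds data_id so one user's object cannot be swapped for another's.
    tag = hmac.new(key, data_id.encode() + nonce + ct, hashlib.sha256).digest()
    return OpaqueObject(data_id, nonce, ct, tag)


def unseal(key: bytes, obj: OpaqueObject) -> bytes:
    expected = hmac.new(key, obj.data_id.encode() + obj.nonce + obj.ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, obj.tag):
        raise ValueError("integrity check failed")
    return bytes(c ^ k for c, k in zip(obj.ciphertext, _keystream(key, obj.nonce, len(obj.ciphertext))))


class Agent:
    """Third-party agent acting for the end-user: issues and checks (data, action) grants, keeps the audit log."""

    def __init__(self, secret: bytes):
        self._secret = secret
        self.log: List[dict] = []  # what the end-user audits

    def _sign(self, body: dict) -> str:
        msg = json.dumps(body, sort_keys=True).encode()
        return hmac.new(self._secret, msg, hashlib.sha256).hexdigest()

    def grant(self, data_id: str, action: str, ttl: int, now: float) -> dict:
        body = {"data_id": data_id, "action": action, "exp": now + ttl}
        self.log.append({"event": "grant", **body})
        return dict(body, sig=self._sign(body))

    def verify(self, token: dict, data_id: str, action: str, now: float) -> bool:
        body = {k: token[k] for k in ("data_id", "action", "exp")}
        sig_ok = hmac.compare_digest(self._sign(body), token.get("sig", ""))
        ok = sig_ok and body["data_id"] == data_id and body["action"] == action and now < body["exp"]
        self.log.append({"event": "verify", "data_id": data_id, "action": action, "ok": ok})
        return ok


class Guard:
    """The only path from stored opaque objects to processing: every call needs an agent-issued grant."""

    def __init__(self, storage_key: bytes, agent: Agent):
        self._key, self._agent = storage_key, agent
        self._store: Dict[str, OpaqueObject] = {}

    def put(self, data_id: str, plaintext: bytes) -> None:
        self._store[data_id] = seal(self._key, data_id, plaintext)

    def stored_bytes(self, data_id: str) -> bytes:
        return self._store[data_id].ciphertext  # what a storage-layer leak would expose

    def process(self, data_id: str, action: str, token: dict, fn: Callable[[bytes], object], now: float):
        if not self._agent.verify(token, data_id, action, now):
            raise PermissionError(f"{action} on {data_id} not authorized")
        return fn(unseal(self._key, self._store[data_id]))  # plaintext confined to this call


def demo() -> dict:
    now = 1_700_000_000.0  # constructed timestamp
    agent = Agent(os.urandom(32))
    guard = Guard(os.urandom(32), agent)
    guard.put("user42/email", b"alice@example.org")  # constructed sample datum
    token = agent.grant("user42/email", "send_receipt", ttl=300, now=now)
    results = {"allowed": guard.process("user42/email", "send_receipt", token,
                                        lambda p: p.split(b"@")[1].decode(), now)}
    for label, (action, at) in {"wrong_action": ("export", now), "expired": ("send_receipt", now + 301)}.items():
        try:
            guard.process("user42/email", action, token, lambda p: p, at)
            results[label] = "allowed"
        except PermissionError:
            results[label] = "denied"
    results["plaintext_at_rest"] = b"alice@example.org" in guard.stored_bytes("user42/email")
    results["audit_events"] = [e["event"] for e in agent.log]
    return results
```

The point the sketch makes is the one the abstract argues: compliance becomes a property of the call sites that go through Guard.process (each must present a grant naming the datum and the action), which is what a static verifier can check, while the storage layer holds nothing usable. A grant for "send_receipt" does not let the application "export" the same datum, a grant does not outlive its TTL, and every issue and check lands in the agent's log, not only in the organization's.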
Year
2020
DOI
10.1007/s10207-019-00468-5
Venue
INTERNATIONAL JOURNAL OF INFORMATION SECURITY
Keywords
Personal data, Software architecture, Encrypted data, Auditing
DocType
Journal
Volume
19
Issue
4
ISSN
1615-5262
Citations
0
PageRank
0.34
References
0
Authors
4
Name                   Order  Citations  PageRank
Dimitris Mitropoulos   1      90         15.14
Thodoris Sotiropoulos  2      0          0.34
Nikos Koutsovasilis    3      0          0.34
Diomidis Spinellis     4      2023       178.89
(Order, citation count and PageRank were run together in the source; the split above is an assumption consistent with the page's other values, where 0 citations pairs with a PageRank of 0.34.)