Data Behind the Walls An Advanced Architecture for Data Privacy Management

TL;DR

This paper introduces an advanced multi-layer architecture for managing data privacy, combining de-identification, anonymisation, role-based access control, and security policies, validated on healthcare datasets.

Contribution

It presents a novel three-layer architecture integrating privacy-preserving techniques and access control policies for secure data management.

Findings

Effective privacy management demonstrated on healthcare data

Enhanced access control through role and policy regulation

Improved data security and privacy compliance

Abstract

In today's highly connected society, we are constantly asked to provide personal information to retailers, voter surveys, medical professionals, and other data collection efforts. The collected data is stored in large data warehouses. Organisations and statistical agencies share and use this data to facilitate research in public health, economics, sociology, etc. However, this data contains sensitive information about individuals, which can result in identity theft, financial loss, stress and depression, embarrassment, abuse, etc. Therefore, one must ensure rigorous management of individuals' privacy. We propose, an advanced data privacy management architecture composed of three layers. The data management layer consists of de-identification and anonymisation, the access management layer for re-enforcing data access based on the concepts of Role-Based Access Control and the Chinese Wall Security Policy, and the roles layer for regulating different users. The proposed system architecture is validated on healthcare datasets.