To read the full version of this content please select one of the options below:

Towards privacy in personal data management

Pavlos S. Efraimidis (Department of Electrical and Computer Engineering, Democritus University of Thrace, Xanthi, Greece)
Georgios Drosatos (Department of Electrical and Computer Engineering, Democritus University of Thrace, Xanthi, Greece)
Fotis Nalbadis (Department of Electrical and Computer Engineering, Democritus University of Thrace, Xanthi, Greece)
and
Aimilia Tasidou (Department of Electrical and Computer Engineering, Democritus University of Thrace, Xanthi, Greece)

Information Management & Computer Security

ISSN: 0968-5227

Article publication date: 9 October 2009

Downloads
2451

Abstract

Purpose

In order to enhance privacy protection during electronic transactions, the purpose of this paper is to propose, develop, and evaluate a personal data management framework called Polis that abides by the following principle: every individual has absolute control over his/her personal data that reside only at his/her own side.

Design/methodology/approach

This paper identifies representative electronic transactions that involve personal data and proposes Polis‐based protocols for them. The approach is evaluated on a Polis prototype both as a stand‐alone application and as part of a commercial database management system.

Findings

The results of this paper indicate that electronic transactions can remain both feasible and straightforward, while personal data remain only at the owner's side.

Research limitations/implications

This paper describes a Polis‐approach implementing prototype, which is easy to deploy and friendly to current information management technologies. However, the usability of the prototype has to be enhanced with supporting tools for editing personal data and policies and a more intuitive user interface. Finally, the Polis‐platform enables a new class of user‐centered distributed applications, which it intends to investigate.

Practical implications

Even though the conditions for a personal data management approach like Polis are mature, and Polis can be progressively adopted, it still entails a major change in current business practices.

Originality/value

This paper proposes a new paradigm for the management of personal data, which admits individuals to have their personal data stored only at their own side. The new approach can be of mutual benefit to both individuals and companies.

Keywords

Citation

Efraimidis, P.S., Drosatos, G., Nalbadis, F. and Tasidou, A. (2009), "Towards privacy in personal data management", Information Management & Computer Security, Vol. 17 No. 4, pp. 311-329. https://doi.org/10.1108/09685220910993971

Publisher

:

Emerald Group Publishing Limited

Copyright © 2009, Emerald Group Publishing Limited