It is well‐known that the primary threat against misuse of private data about individuals is present within the organisation; proposes a system that uses intrusion detection system (IDS) technologies to help safeguard such private information. Current IDSs attempt to detect intrusions on a low level whereas the proposed privacy IDS (PIDS) attempts to detect intrusions on a higher level. Contains information about information privacy and privacy‐enhancing technologies, the role that a current IDS could play in a privacy system, and a framework for a privacy IDS. The system works by identifying anomalous behaviour and reacts by throttling access to the data and/or issuing reports. It is assumed that the private information is stored in a central networked repository. Uses the proposed PIDS on the border between this repository and the rest of the organisation to identify attempts to misuse such information. A practical prototype of the system needs to be implemented in order to determine and test the practical feasibility of the system. Provides a source of information and guidelines on how to implement a privacy IDS based on existing IDSs.
Emerald Group Publishing Limited
Copyright © 2004, Emerald Group Publishing Limited