Large Scale Privacy Architecture - Implemenation and Evaluateion
MetadataShow full item record
Various enterprises store information and transaction data about people who have, or have had, customer or client relationships with them. In addition, many people today use numerous online services where they disclose information like: name, email, address etc. This information may be misused and thus hurt the person's privacy. The data on its own is no threat to people but through profiling, this information may become sensitive. This project introduces an architecture and a system called IDMegler that tries to mitigate these threats. There is an increasing need to protect data in a fast growing digitalised world. IDMegler is a proposal for a nationwide middleware system which decouples identity data from transaction data, and enforces integrity of certain information about people. IDMegler also works as an insight service for users that enables people to control who retrieves information about them. The project takes the idea of IDMegler, and through design science, interviews, and a questionnaire, evaluates and calculates threshold values IDMegler will need to satisfy. The interviews and questionnaire have gathered information about transactions concerning personal information and people's lack of control over their personal data distributed through online services and enterprises. The data collected have been the basis for the estimation of the likely workload for the system, and of required performance in terms of throughput and response times. The design science generates a prototype of IDMegler through a proposed architectural design and requirement specification. Performance tests have been performed to test the design against requirements, and to identify limitations and bottlenecks in the architecture. The architectural design, the requirement specification, and the performance tests have all been developed and accomplished during this project. Through performance tests the project identifies one bottleneck, and suggests how to remove this bottleneck. The remaining part of the design suggests that the architecture and system is good enough to meet the estimated performance requirements.