Loading...
The conflict of interest between data sharing and data privacy : a middleware approach
Author(s)
Molema, Karabo Omphile
Date Issued
2016
Type
Thesis
Publisher
Cape Peninsula University of Technology
Abstract
People who are referred to as data owners in this study, use the Internet for various purposes and
one of those is using online services like Gmail, Facebook, Twitter and so on. These online services
are offered by organizations which are referred to as data controllers. When data owners use these
service provided by data controllers they usually have to agree to the terms and conditions which
gives data controllers indemnity against any privacy issues that may be raised by the data owner. Data
controllers are then free to share that data with any other organizations, referred to as third parties.
Though data controllers are protected from lawsuits it does not necessarily mean they are free of any
act that may be considered a privacy violation by the data owner. This thesis aims to arrive at a design
proposition using the design science research paradigm for a middleware extension, specifically
focused on the Tomcat server which is a servlet engine running on the JVM. The design proposition
proposes a client side annotation based API to be used by developers to specify classes which will
carry data outside the scope of the data controller's system to a third party system, the specified
classes will then have code weaved in that will communicate with a Privacy Engine component that
will determine based on data owner's preferences if their data should be shared or not. The output of
this study is a privacy enhancing platform that comprises of three components the client side
annotation based API used by developers, an extension to Tomcat and finally a Privacy Engine.
one of those is using online services like Gmail, Facebook, Twitter and so on. These online services
are offered by organizations which are referred to as data controllers. When data owners use these
service provided by data controllers they usually have to agree to the terms and conditions which
gives data controllers indemnity against any privacy issues that may be raised by the data owner. Data
controllers are then free to share that data with any other organizations, referred to as third parties.
Though data controllers are protected from lawsuits it does not necessarily mean they are free of any
act that may be considered a privacy violation by the data owner. This thesis aims to arrive at a design
proposition using the design science research paradigm for a middleware extension, specifically
focused on the Tomcat server which is a servlet engine running on the JVM. The design proposition
proposes a client side annotation based API to be used by developers to specify classes which will
carry data outside the scope of the data controller's system to a third party system, the specified
classes will then have code weaved in that will communicate with a Privacy Engine component that
will determine based on data owner's preferences if their data should be shared or not. The output of
this study is a privacy enhancing platform that comprises of three components the client side
annotation based API used by developers, an extension to Tomcat and finally a Privacy Engine.
Additional information
Thesis (MTech (Information Technology))--Cape Peninsula University of Technology, 2016.
File(s)![Thumbnail Image]()
Loading...
Name
207163413-Molema-KO-Mtech-IT-FID-2016.pdf
Description
Thesis
Size
1.21 MB
Format
Adobe PDF
Checksum
(MD5):6dce1dd7c7772c92893f5e056e7de30b