Designing a privacy aware infrastructure for an Inclusive Enterprise at IBM

Abstract

The widespread adoption of computer technologies has fundamentally reshaped the way companies operate. A deluge of systems and applications now supports the daily activities of employees and managers alike, thus increasing the amount, value, and sensitivity of available data. This abundance of data provides new opportunities for application development, where more and more data is shared and reused to enable new functionalities, to unlock novel insights about the enterprise or its personnel, or to improve on aspects such as employee engagement, productivity or sociability. At the same time, data sharing poses new challenges. Data is often used for purposes that differ from those of the original design, and there is a pervasive need to ensure compliance with the relevant laws and third-party policies. What is more, employees might find the increased use of personal data undesirable, and therefore demand proper transparency and control over their personal data. This work tackles the technical challenges that come with the sharing and usage of personal data by enterprise-class applications, and provides a framework for privacy-aware data sharing. In a literature survey we investigate several disciplines related to privacy, access control management, and provenance in computer systems, to determine the current state of the art and practice. The study provides the conceptual underpinning for a novel data model that facilitates a privacy-aware way for applications to share data while still providing transparency, simplicity and control to users. The model is then implemented in a new enterprise-class platform, a multi-tenant Software-as-a-Service (SaaS) provider that centralises privacy and consent management related functionalities. The model and framework are then validated through interviews with IBM employees having different roles within the organisation.
The quality of the resulting implementation is validated by means of a set of scalability tests, with the goal of demonstrating the actual suitability of the proposed solution in a realistic enterprise context.