Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
GDPR: Securing Personal Data in Compliance with new EU-Regulations
Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering.
Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering.
2017 (English)Independent thesis Advanced level (degree of Master (Two Years)), 20 credits / 30 HE creditsStudent thesis
Abstract [en]

New privacy regulations bring new challenges to organizations that are handling and processing personal data regarding persons within the EU. These challenges come mainly in the form of policies and procedures but also with some opportunities to use technology often used in other sectors to solve problems. In this thesis, we look at the new General Data Protection Regulation (GDPR) in the EU that comes into full effect in May of 2018, we analyze what some of the requirements of the regulation means for the industry of processing personal data, and we look at the possible solution of using hardware security modules (HSMs) to reach compliance with the regulation. We also conduct an empirical study using the Delphi method to ask security professionals what they think the most important aspects of securing personal data, and put that data in relation to the identified compliance requirements of the GDPR to see what organizations should focus on in their quest for compliance with the new regulation. We found that a successful implementation of HSMs based on industry standards and best practices address four of the 35 identified GDPR compliance requirements, mainly the aspects concerning compliance with anonymization through encryption, and access control. We also deduced that the most important aspect of securing personal data according to the experts of the Delphi study is access control followed by data inventory and classification. 

Place, publisher, year, edition, pages
2017. , p. 67
Keyword [en]
GDPR, General Data Protection Regulation, Data Protection, Personal Data, EU, European Union, Encryption, Key Management, Hardware Security Module, HSM, Delphi Study, Compliance
National Category
Computer and Information Sciences
Identifiers
URN: urn:nbn:se:ltu:diva-64342OAI: oai:DiVA.org:ltu-64342DiVA, id: diva2:1113478
External cooperation
Tieto AB
Subject / course
Student thesis, at least 30 credits
Educational program
Information Security, master's level (120 credits)
Supervisors
Examiners
Available from: 2017-06-22 Created: 2017-06-21 Last updated: 2018-01-13Bibliographically approved

Open Access in DiVA

fulltext(2287 kB)1677 downloads
File information
File name FULLTEXT01.pdfFile size 2287 kBChecksum SHA-512
66c53154659db3ab217ba4e78a2806751fde1d4e8784a626c8154c300aa5e8a24209fde12ea3f2aefed6739b74ce972ebb894f870286a9cce893d7d4a0f4b6ea
Type fulltextMimetype application/pdf

By organisation
Department of Computer Science, Electrical and Space Engineering
Computer and Information Sciences

Search outside of DiVA

GoogleGoogle Scholar
Total: 1677 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

urn-nbn

Altmetric score

urn-nbn
Total: 11159 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf