This thesis presents a novel approach for extracting personal data and automatically generating Personal Data Reports (PDRs) from relational databases. Such PDRs can be used among other purposes for compliance with Subject Access Requests (SARs) of Data Protection Acts (DPAs). The proposed approach combines the use of graphs and SQL for the construction of PDRs and its rationale is based on the fact that some relations in a database, which we denote as RDS relations, hold information about Data Subjects (DSs) and relations linked around RDSs contain additional information about the particular DS. Three methods with different usability characteristics are introduced: 1) GDS Based Method and 2) By Schema Browsing Method which generate SAR PDRs and 3) T Based Method which generates General Purpose PDRs. The novelty of these methodologies is that they do not require any prior knowledge of either the database schema or of any query language by the users. The work described in this thesis contributes to the gap in the knowledge for DPA compliance as current data protection systems do not provide facilitates for generating personal data reports. The performance results of the ODS approach are presented together with precision and recall measures of the T Based Method. An optimization algorithm that reuses already found data which is based on heuristics and hash tables is employed and its effectiveness verified. We conclude that the ODS and schema browsing methods provide an effective solution and that the automated T Based approach is an effective alternative for generating general purpose data reports, giving an average f-score of 76.5%.
Identifer | oai:union.ndltd.org:bl.uk/oai:ethos.bl.uk:485987 |
Date | January 2007 |
Creators | Cawley, Benjamin Matthew |
Publisher | Manchester Metropolitan University |
Source Sets | Ethos UK |
Detected Language | English |
Type | Electronic Thesis or Dissertation |
Page generated in 0.002 seconds