PDGuard: an architecture for the control and secure processing of personal data

Dimitris Mitropoulos*, Thodoris Sotiropoulos, Nikos Koutsovasilis, Diomidis Spinellis

*Corresponding author for this work

Research output: Contribution to journalArticleScientificpeer-review

2 Citations (Scopus)


Online personal data are rarely, if ever, effectively controlled by the users they concern. Worse, as demonstrated by the numerous leaks reported each week, the organizations that store and process them fail to adequately safeguard the required confidentiality. In this paper, we propose pdguard, a framework that defines prototypes and demonstrates an architecture and an implementation that address both problems. In the context of pdguard, personal data are always stored encrypted as opaque objects. Processing them can only be performed through the pdguard application programming interface (api), under data and action-specific authorizations supplied online by third party agents. Through these agents, end-users can easily and reliably authorize and audit how organizations use their personal data. A static verifier can be employed to identify accidental api misuses. Following a security by design approach, pdguard changes the problem of personal data management from the, apparently, intractable problem of supervising processes, operations, personnel, and a large software stack to that of auditing the applications that use the framework for compliance. We demonstrate the framework’s applicability through a reference implementation, by building a pdguard-based e-shop, and by integrating pdguard into the The Guardian newspaper’s website identity application.

Original languageEnglish
Pages (from-to)479-498
Number of pages20
JournalInternational Journal of Information Security
Issue number4
Publication statusPublished - 1 Aug 2020
Externally publishedYes


  • Auditing
  • Encrypted data
  • Personal data
  • Software architecture


Dive into the research topics of 'PDGuard: an architecture for the control and secure processing of personal data'. Together they form a unique fingerprint.

Cite this