Data Privacy and Security Framework : Review and Synthesis

Aman Kumar Jagdev; Anil Kumar Dhiman

doi:10.17010/ijcs/2025/v10/i6/175908

Data Privacy and Security Framework : Review and Synthesis

Authors

Aman Kumar Jagdev M. Tech. Student, Department of Computer Science & Engineering, Graphic Era (Deemed to be University) Dehradun - 248 002, Uttarakhand https://orcid.org/0009-0003-6408-926X
Anil Kumar Dhiman A. K. Dhiman (Corresponding Author), Information Scientist, Gurukul Kangri (Deemed to be University), Haridwar - 249 404, Uttarakhand https://orcid.org/0000-0001-5904-7813

DOI:

https://doi.org/10.17010/ijcs/2025/v10/i6/175908

Keywords:

Cybersecurity, data privacy, security, threat model.
Publication Chronology: Paper Submission Date : November 8, 2025 ; Paper sent back for Revision : November 14, 2025 ; Paper Acceptance Date : November 23, 2025 ; Paper Published Online : December 5, 2025.

Abstract

Challenges to the protection of personal and corporate information have multiplied with the rapid dissemination of digital technology and the growing reliance on information-based decision-making. Despite security and privacy having been extensively studied, existing systems at times treat them as separate concerns, resulting in fragmented solutions. This research analyzes existing practices of data privacy and security, reviews their strengths and weaknesses, and proposes a tiered model encompassing organizational, architectural, computational, and governance dimensions. The model focuses on accountability, transparency, and compliance through the application of security measures such as encryption, authentication, and audit mechanisms, as well as privacy-conserving techniques such as homomorphic encryption, federated learning, multi-party computation, and differential privacy. Future directions for research in explainable privacy, confidential computing, and policy automation are outlined, along with trade-offs between utility, efficiency, and user confidence.

Downloads

Download data is not yet available.

Downloads

Requires Subscription or Fee PDF (INR 250)

Published

2025-12-05

How to Cite

Jagdev, A. K., & Dhiman, A. K. (2025). Data Privacy and Security Framework : Review and Synthesis. Indian Journal of Computer Science, 10(6), 13–23. https://doi.org/10.17010/ijcs/2025/v10/i6/175908

Download Citation

Issue

Volume 10, Issue 6, November-December 2025

Section

Articles

References

[1] A. Cavoukian, "Smart meters in Europe: Privacy by design at its best," Information and Privacy Commissioner of Ontario, 2012. [Online]. Available: https://itlaw.fandom.com/wiki/Smart_Meters_in_Europe:_Privacy_by_Design_at_its_Bes.

[2] L. Thomas, I. Gondal, T. Oseni, and S. Fermin, "A framework for data privacy and security accountability in data breach communications," Comput. Secur., vol. 116, p. 102595, May 2022, doi: 10.1016/j.cose.2022.102657.

[3] F. Ullah and M. A. Babar, "Architectural tactics for big data cybersecurity analytic systems: A review," Future Gener. Comput. Syst., vol. 86, pp. 403–417, 2018. [Online]. Available: https://arxiv.org/pdf/1802.03178.

[4] P. N. Swanzy, A. M. Abukari, and E. D. Ansong, "Data security framework for protecting data in transit and at rest in the cloud," Curr. J. Appl. Sci. Technol., vol. 43, no. 6, pp. 61–77, 2024, doi: 10.9734/cjast/2024/v43i62727.

[5] P. Wang, L. Zhang, H. Chen, and Y. Liu, "An integrated framework for data security using classification and best practices," Informatica, vol. 49, no. 12, 2025. [Online]. Available: https://www.informatica.si

[6] S. R. Ghorashi, T. Zia, M. Bewong, and Y. Jiang, "An analytical review of industrial privacy frameworks and regulations for organisational data sharing," Appl. Sci., vol. 13, no. 23, 2023, doi: 10.3390/app132312727.

[7] N. E. D. Ferreyra, S. Khelifi, N. Arachchilage, and R. Scandariato, "The good, the bad, and the (un)usable: A rapid literature review on privacy as code," arXiv preprint, 2024. [Online]. Available: doi: 10.48550/arXiv.2412.16667.

[8] N. Karmitsa, A. Airola, T. Pahikkala, and T. Pitkämäki, "A comprehensive guide to differential privacy: From theory to user expectations," doi: 10.48550/arXiv.2509.03294.

[9] N. Truong, K. Sun, S. Wang, F. Guitton, and Y. Guo, "Privacy preservation in federated learning: An insightful survey from the GDPR perspective," Computers Secur., vol. 110, Nov. 2020, doi: 10.1016/j.cose.2021.102402.

[10] S. Zhou, Z. Zhou, C. Wang, Y. Liang, L. Wang, J. Zhang, J. Zhang, and C. Lv, "A user-centered framework for data privacy protection using large language models and attention mechanisms," Appl. Sci., vol. 14, no. 15, 2024, doi: 10.3390/app14156824.

[11] P. D. Farah and I. B. Friedman, "Balancing technological innovation and regulation: Safeguarding societal interests in the age of AI," [Online]. Available: https://www.jurist.org/commentary/2025/02/balancing-technological-innovation-and-regulation-safeguarding-societal-interests-in-the-age-of-ai/

[12] O. Sundin, “Navigating media and information literacy in the age of AI: A view from Sweden,” Revue Internationale D'éducation de Sèvres, Special Issue HS-4, 2025, doi: 10.4000/146wg.

[13] S. Jiang, “Fragmented rules, global flows: How legal differences shape the cross-border data landscape—Evidence from the EU, US, and China,” in Proc. ICGPSH 2025 Symp.: Int. Relations Global Governance, 2025, doi: 10.54254/2753-7048/96/2025.BO23772.

[14] P. Reuter, The General Data Protection Regulation (GDPR), European Parliament, 2018. [Online]. Available: https://www.epsu.org/sites/default/files/article/files/GDPR _FINAL_ EPSU.pdf

[15] S. M. Khalil, H. Bahsi, H. O. Dola, T. Koratko. K. et al., "Threat modeling of cyber-physical systems - A case study of a microgrid system," Comput. Secur., vol. 124, p. 102950, 2023.

[16] J. N. Maniam and D. Singh, "Towards data privacy and security framework in big data governance," Int. J. Softw. Eng. Comput. Syst., 2020. [Online]. Available: https://api.semanticscholar.org/CorpusID:225842346

[17] L. Floridi, J. Cowls, M. Beltrametti, R. Chatila, P. Chazerand, V. Dignum, C. Luetge, R. Madelin, U. Pagallo, F. Rossi, B. Schafer, P. Valcke, and E. Vayena, "AI4People - An ethical framework for a good AI society: Opportunities, risks, principles, and recommendations," Minds Mach., vol. 28, pp. 689–707, May 2018, doi: 10.1007/s11023-018-9482-5.

[18] I. Linkov and A. Kott, "Fundamental concepts of cyber resilience: Introduction and overview," in Cyber Resilience Systems Networks, in A. Kott and I. Linkov, Cham: Springer, 2019, doi: 10.1007/978-3-319-77492-3_1.

[19] A. E. Alozie, C. Elizabeth, J. I. Akerele, E. Kamau, and T. Myllynen, "Disaster recovery in Cloud computing: Site reliability engineering strategies for resilience and business continuity," Int. J. Manag. Organ. Res., vol. 3, no. 1, pp. 36–48, 2024, doi: 10.54660/IJMOR.2024.3.1.36-48.