METHODS OF INCREASING THE GUARANTEE OF PERSONAL DATA PROTECTION IN APPLIED INTERNET SYSTEMS

Abstract

The article addresses the problem of ensuring a high level of assurance in the protection of personal data in application Internet systems, which are commonly implemented using a client-server architecture. Despite the availability of advanced information security subsystems, many users remain uncertain about the reliability of guarantees regarding the confidentiality and integrity of their personal data, particularly in critical application systems. This distrust is largely due to the lack of technical means that would allow clients to directly verify the actions of system administrators and to monitor the state of the operating environment during the provision of services.

The study proposes a model that combines the principle of transparency (operating environment openness) with public monitoring of all administrator activities in real time. The model is based on a logically structured operating environment divided into security domains, each with a clearly defined scope of permitted operations. Access control rules are developed to ensure strict isolation of personal data from any unauthorized access, while still enabling administrators to perform necessary maintenance without violating these restrictions.

A comprehensive threat model is formulated, focusing on scenarios that could compromise the confidentiality and integrity of personal data both within the server domain and in communication channels. The proposed security framework aligns with the Ukrainian national regulatory documents on technical information protection and includes a functional protection profile for client data that ensures maximum openness and controllability of the environment.

The results of the research demonstrate that implementing the proposed transparency-based model can significantly increase user trust, reduce the probability of undetected security breaches, and provide verifiable guarantees of personal data protection. The approach can be applied to various critical infrastructure systems and adapted to international cybersecurity standards. The proposed solutions can provide a level of protection sufficient to form the unquestionable trust of clients of Internet application systems.