Prof. Dr. -ing. Ir. Suhardi, MT.
Sekolah Teknik Elektro dan Informatika
Abstract
This article presents a conceptual framework and methodology for enhancing access management in secure systems. The framework integrates established theories and practices in privacy engineering, risk management, and compliance to address the growing challenges of managing sensitive information, includes personal data, in complex environments. It highlights key building blocks, including governance, risk management, compliance, data security, and continuous monitoring, to create a holistic approach to safeguarding sensitive data. Each component is designed to ensure compliance with legal requirements while optimizing security measures through technical and organizational strategies. Furthermore, the article identifies gaps in existing frameworks and proposes a structured pathway for future research to explore emerging technologies, such as artificial intelligence and blockchain, to further strengthen access control mechanisms. This research contributes to the field by offering a scalable, adaptable framework building blocks that bridges theory and practice, providing practical insights for organizations striving to improve access management in an increasingly dynamic regulatory and technological landscape.
Keyword: Research 1, Research 2, , Research 3.
Introduction
The phenomenon of data privacy in the current era of digital transformation has become hotly discussed, especially after the Cambridge Analytica case which processed the personal data of Facebook users in early 2018. The issue of personal data had been discussed 38 years earlier, namely in the OECD international forum in the Guidelines Governing the Protection of Privacy and Transborder Flow of Personal Data in 1980. The main concept of personal data is the concept of privacy, where an individual has the right to close or open space in his life Data privacy The use of Big Data technology that is increasing even in every device and digital system used today makes personal data and information increasingly exposed and raises the risk of data privacy violations. Since the approval of the General Data Protection Regulation (GDPR) by the European Parliament, the European Council, and the European Commission in 2015, new challenges have emerged for organizations to implement the GDPR including when data controllers need to inform third parties of a data subject’s request for data erasure, which can be burdensome or impossible in some scenarios, especially when coordinating with external parties.
Research Method
The discussion about privacy engineering in this study refers to the guidelines for systematic literature review contained in Suhardi et al and Henriette et al.
Discussion & Result
• Simulation depicts the input voltage of 36 V represents the output voltage of a photovoltaic system. The simulation control utilized pulse width modulation (PWM) signals to regulate the switches with specific duty cycles. A duty cycle value of 0.67 for the first stage of the converter. The duty cycle for the second stage was set to 0.75 to achieve high voltage amplification. The switching frequency was set to 20 kHz.
• For the predetermined parameters, an output current of 0.32A operates the converter in boundary mode. At this boundary point, the converter operates at a power of 150W. The shape of the inductor current can be observed in the three operating modes as depicted in Fig. 2.
• It can be observed that efficiency decreases as the converter’s power increases. In other words, in CCM, the efficiency decreases. This is because at higher power levels, the losses in the converter’s components also increase. These losses are proportional to the increase in converter power.
• Additionally, in DCM, soft switching occurs, resulting in a significant reduction in switch losses. This is what leads to a notable increase in efficiency between BCM and DCM, despite being at similar output power levels.
• The loss characteristics of BCM and CCM are similar, hence the similarity in their loss calculations.
• The efficiency trend for different output currents and power values is depicted in Fig. 3.
After performing a keyword-based search, the subsequent step involved study selection and quality assessment, yielding twenty-six papers that met the eligibility criteria. The screening process revealed that many articles were excluded due to failure to meet the specified criteria. Although some articles included the terms “privacy engineering” and “privacy compliance,” their content did not establish a correlation between these concepts. The accepted articles were those explicitly incorporating both “privacy engineering” and “privacy compliance” as keywords. The data presentation procedure involves a descriptive analysis of the collected articles. One categorization technique employed is grouping articles by publication year, article type, and research methodology used. Table 1 categorizes articles by type.
Discussion & Result
After conducted privacy engineering components identification, we summarize the existed components into eleven core components, as described below :
1. Privacy by Design and Privacy by Default This concept is the basis of privacy engineering. Every product or service developed must consider privacy from the initial design stage (privacy by design) and ensure privacy settings that protect users automatically (privacy by default)
2. Data Minimization
This component requires that the system only collects and stores data that is necessary for the specific purpose identified.
3. Risk Assessment and Threat Modelling Risk assessment and threat modeling is a process that evaluates potential risks to privacy and personal data in a system.
4. Access Control and Authentication Access control and authentication ensure that only authorized parties can access personal data.
5. Data Security Measures
Data security is an essential component of protecting personal data from loss, leakage, or unauthorized access.
6. Data Anonymization and Pseudonymization Anonymization and pseudonymization are techniques to reduce the association of data with a specific individual.
7. User Consent and Transparency Mechanisms
Transparency and user consent are critical components to ensuring users are aware of the data being collected and how it will be used.
8. Privacy Incident Response and Breach Management
Every privacy framework should have an incident response plan in place to handle data breaches or privacy incidents.
9. Data Retention and Disposal Policies Data retention policies determine how long personal data will be retained and ensure that data that is no longer needed is securely deleted.
10. Ongoing Monitoring and Auditing Continuous monitoring and auditing ensure that privacy standards are always met and policies are implemented consistently
11. Privacy Training and Awareness Programs
Privacy awareness and training for all staff is an important component of ensuring that all parties understand and properly implement the privacy policy.
Conclusion
• The results show that by implementing DCM operation, the proposed converter achieves the highest efficiency.
• In the proposed converter, the dominant source of losses is attributed to the inductor, accounting for approximately 62% of the total losses in DCM.
• The operation of DCM has demonstrated a substantial reduction in switching losses, leading to a notable increase in efficiency.
Improving Efficiency of Multi-phase Cascaded DC-DC Boost Converters in Discontinuous Conduction Mode Suitable for Renewable Energy Application,
Muhammad Farras Muzakki, Arwindra Rizqiawan, Jihad Furqani International Journal of Power Electronics and Drive System (IJPEDS) (Under review, 1st round revision stage)
Conclusion
By leveraging systematic access strategies, the results are six modular building blocks, namely governance building block, risk management building block, compliance and legal building block, data security and access control building block, data minimization and management building block, continuous monitoring and improvement building block. Additionally, the review highlights the need for multidisciplinary collaboration between technical, legal, and ethical experts to address privacy challenges comprehensively. This holistic approach will enable organizations to not only comply with regulations but also demonstrate ethical and responsible handling of personal data
Indonesian 
English