AAU Student Projects is unavailable between June 15th 1.30pm and 17th 1.30pm due to planned system maintenance. The projects cannot be downloaded during this period.
AAU Student Projects - visit Aalborg University's student projects portal
An executive master's programme thesis from Aalborg University
Book cover


Privacy-Preserving Secure Data Sharing Framework for Cloud-Based Supply Chain Management Systems

Authors

; ;

Term

4. term

Education

Innovative Communication Technologies and Entrepreneurship, Master

Publication year

2026

Submitted on

Pages

75

Abstract

This thesis examines how cloud-based supply chain systems can share data securely while preserving privacy in a multi-stakeholder, continuously connected environment. It starts from the observation that threats such as unauthorized access, insecure APIs, data interception, sensitive data exposure, and limited visibility into shared information challenge confidentiality and compliance. Using desktop research, an expert interview, and case studies (including the SolarWinds Orion and MOVEit MFT incidents) to derive requirements, the work analyzes the threat landscape and designs and implements a privacy-preserving secure data-sharing framework. The framework integrates API-gateway–mediated communication, reversible pseudonymization with controlled re-identification, encryption, simplified Attribute-Based Access Control (ABAC), zero-trust verification, and audit logging, and includes processes for secure vendor verification, privacy-preserving transmission, and monitoring. A comparative evaluation indicates that the approach can strengthen confidentiality, controlled accessibility, and secure data sharing in cloud-based supply chains, and the thesis discusses limitations and potential directions for future work.

Denne afhandling undersøger, hvordan cloud‑baserede supply chain‑systemer kan dele data sikkert og med respekt for privatliv, i et miljø kendetegnet ved mange interessenter og løbende datatransmission. Udgangspunktet er, at trusler som uautoriseret adgang, usikre API’er, dataaflytning, eksponering af følsomme oplysninger og manglende indsigt i delte data udfordrer fortrolighed og compliance. Gennem skrivebordsresearch, et ekspertinterview og casestudier (bl.a. SolarWinds Orion og MOVEit MFT) identificeres krav og trusselsbilleder, hvorefter der designes og implementeres en privatlivsbevarende ramme for sikker datadeling. Rammen integrerer API‑gateway‑kommunikation, reversibel pseudonymisering med kontrolleret re‑identifikation, kryptering, forenklet attribut‑baseret adgangskontrol (ABAC), zero‑trust‑verifikation og audit‑logning, samt inkluderer processer for sikker leverandørverificering, privatlivsbevarende dataoverførsel og overvågning. En komparativ evaluering peger på, at tilgangen kan styrke fortrolighed, kontrolleret tilgængelighed og sikker datadeling i cloud‑baserede forsyningskæder, og afhandlingen diskuterer samtidig begrænsninger og mulige veje for videre arbejde.

[This apstract has been generated with the help of AI directly from the project full text]

Documents

Download PDF
View record in AAU Student Projects