As public data increasingly becomes central to governance and digital services, the circulation of such data across platforms, stakeholders, and lifecycle stages introduces new security challenges. Existing studies tend to focus on specific systems or isolated phases, often lacking a systematic classification of the data security risks that arise throughout the entire data circulation process. This study aims to address this gap by examining security risks associated with the circulation process of public data. To overcome the fragmented nature of current risk classification approaches, we propose a comprehensive taxonomy of data security risks tailored explicitly to the context of public data circulation. Utilising an iterative taxonomy development method, we integrated a structured literature review, expert evaluations, and AI-assisted coding across four iterative refinement rounds. The resulting taxonomy comprises four meta-dimensions: legal and policy risks, data security and privacy risks, infrastructure and technical risks, and risks related to data quality and fairness. The taxonomy establishes theoretical foundations for cross-domain risk analysis by delineating interdependencies between legal, technical, and sociotechnical dimensions of data security. It also enables public sector actors and platform providers to identify complex, interconnected risks, facilitating the development of more coordinated, cross-domain risk mitigation strategies.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

A Taxonomy for Data Security Risks in Public Data Circulation

  • Ning Wang,
  • Ying Li,
  • Zhijun Liu,
  • Naiyu Jiang,
  • Fengyu Cong,
  • Yikun Lu,
  • Tommi Mikkonen

摘要

As public data increasingly becomes central to governance and digital services, the circulation of such data across platforms, stakeholders, and lifecycle stages introduces new security challenges. Existing studies tend to focus on specific systems or isolated phases, often lacking a systematic classification of the data security risks that arise throughout the entire data circulation process. This study aims to address this gap by examining security risks associated with the circulation process of public data. To overcome the fragmented nature of current risk classification approaches, we propose a comprehensive taxonomy of data security risks tailored explicitly to the context of public data circulation. Utilising an iterative taxonomy development method, we integrated a structured literature review, expert evaluations, and AI-assisted coding across four iterative refinement rounds. The resulting taxonomy comprises four meta-dimensions: legal and policy risks, data security and privacy risks, infrastructure and technical risks, and risks related to data quality and fairness. The taxonomy establishes theoretical foundations for cross-domain risk analysis by delineating interdependencies between legal, technical, and sociotechnical dimensions of data security. It also enables public sector actors and platform providers to identify complex, interconnected risks, facilitating the development of more coordinated, cross-domain risk mitigation strategies.