A Practical Generic Privacy Language

Becker, Moritz Y.; Malkis, Alexander; Bussard, Laurent

doi:10.1007/978-3-642-17714-9_10

Cited by 24 publications

(22 citation statements)

References 18 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…S4P [6] offers promising features but only the core functionality (evaluation of queries) has been implemented. Tools tools for creating sticky policies, for enforcing policies, and for auditing execution traces need to be developped.…”

Section: Discussionmentioning

confidence: 99%

“…Many individual technologies have been developed to address data handling in distributed systems [24,23,8,6,1,17]. Yet, they typically focus only on specific technical aspects or scenarios.…”

Section: Motivationmentioning

confidence: 99%

“…In this paper we take a step back and look at the whole lifecycle of private data and its associated privacy policies in a distributed system, thus generalizing privacy-friendly data handling in cross-domain service compositions. We distill lessons learnt from working on privacy-enhancing technologies for distributed systems in the projects PrimeLife [18] and S4P [6]. Our result is a generic framework that defines the general processing steps to achieve privacy compliance and proper data handling in SOA.…”

Section: Motivationmentioning

confidence: 99%

“…Privacy constraint p 2 is a valid enforcement of p 1 (denoted p 1 p 2 ) when enforcing p 2 cannot violate p 1 . In [6], this notion is expressed in terms of lowerand upper-bounds behaviors. In [8], means "more permissive than", i.e.…”

Section: A Closer Look At Pii Provider Rolementioning

confidence: 99%

“…The third instantiation of the abstract framework is based on SecPAL for Privacy (S4P) [6] an extension of logic-based authorization language SecPAL [4]. Logic foundations makes it possible to reason on the causes of mismatches and furthermore to propose modification of preferences and/or policies thanks to abduction queries [5].…”

Section: Evaluated Technologiesmentioning

confidence: 99%

See 4 more Smart Citations

Abstract Privacy Policy Framework: Addressing Privacy Problems in SOA

Bussard

Pinsdorf

2012

Open Problems in Network Security

Self Cite

View full text Add to dashboard Cite

Abstract. This paper argues that privacy policies in SOA needs a lifecycle model. We formalize the lifecycle of personal data and associated privacy policies in Service Oriented Architectures (SOA), thus generalizing privacy-friendly data handling in cross-domain service compositions. First, we summarize our learning in two research projects (PrimeLife and SecPAL for Privacy) by proposing generic patterns to enable privacy policies in SOA. Second, we map existing privacy policy technologies and ongoing research work to the proposed abstraction. This highlights advantages and shortcomings of existing privacy policy technologies when applied to SOA.

show abstract

Section: Discussionmentioning

confidence: 99%

Section: Motivationmentioning

confidence: 99%

Section: Motivationmentioning

confidence: 99%

Section: A Closer Look At Pii Provider Rolementioning

confidence: 99%

Section: Evaluated Technologiesmentioning

confidence: 99%

See 3 more Smart Citations

Abstract Privacy Policy Framework: Addressing Privacy Problems in SOA

Bussard

Pinsdorf

2012

Open Problems in Network Security

Self Cite

View full text Add to dashboard Cite

show abstract

Challenges in the Digital Representation of Privacy Terms

Esteves¹

2021

AI Approaches to the Complexity of Legal Systems XI-XII

View full text Add to dashboard Cite

This paper aims to describe a research project focused on the digital representation of information related to the privacy and data protection domain. Currently, privacy policies are used by data controllers as a tool to achieve compliance with data protection regulations such as the EU GDPR, instead of being a privacy instrument at the disposal of both controllers and data subjects. On the other hand, data subjects lack the tools to effectively establish preferences when it comes to the processing and disclosure of their personal data, as well as to easily exercise their rights. In this regard, this paper discusses the challenges of the implementation of a service based on decentralised Web technologies and Semantic Web standards and specifications to facilitate the communication between data subjects and data controllers in the light of the GDPR. The main challenges that this service intends to address are linked to the exercising of GDPR-related rights and obligations, the negotiation of privacy terms and the governance of access to personal data stores. A case study in the healthcare and genomics domain will be explored to experiment with the developed tools. Early-stage results related to the implementation of semantic policies for the representation of GDPR rights and obligations are presented.

show abstract

Privacy by Design: From Technologies to Architectures

Antignac

Métayer

2014

Privacy Technologies and Policy

View full text Add to dashboard Cite

Abstract. Existing work on privacy by design mostly focus on technologies rather than methodologies and on components rather than architectures. In this paper, we advocate the idea that privacy by design should also be addressed at the architectural level and be associated with suitable methodologies. Among other benefits, architectural descriptions enable a more systematic exploration of the design space. In addition, because privacy is intrinsically a complex notion that can be in tension with other requirements, we believe that formal methods should play a key role in this area. After presenting our position, we provide some hints on how our approach can turn into practice based on ongoing work on a privacy by design environment.

show abstract

A Practical Generic Privacy Language

Cited by 24 publications

References 18 publications

Abstract Privacy Policy Framework: Addressing Privacy Problems in SOA

Abstract Privacy Policy Framework: Addressing Privacy Problems in SOA

Challenges in the Digital Representation of Privacy Terms

Privacy by Design: From Technologies to Architectures

Contact Info

Product

Resources

About