Access Control for Privacy Protection for Dynamic and Correlated Databases

Zhu, Nafei; Zhang, Min; Feng, Dan; He, Jingrui

doi:10.1109/smartcity.2015.161

Cited by 2 publications

(1 citation statement)

References 8 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Technical solutions regarding privacy enforcement would in general refer to PET -Privacy-Enforcement Technologies. Those technologies assume secure communication and data storage by encryption, access control and auditing, anonymization of on-line activity, detection of privacy violators, and so on [25,40]. Since PET can only partially address privacy-related problems, they need to be combined with information governance features in order to create comprehensive privacyenforcement mechanisms.…”

Section: Privacymentioning

confidence: 99%

Enforcing Context-Awareness and Privacy-by-Design in the Specification of Information Systems

Shishkov

Janssen

2018

Lecture Notes in Business Information Processing

View full text Add to dashboard Cite

Networked physical devices, vehicles, home appliances, and other items embedded with electronics, software, sensors, actuators, and connectivity, allow for run-time acquisition of user data. This in turn can enable information systems which capture the "current" user state and act accordingly. The use of this data would result in context-aware applications that get fueled by user data (and environmental data) to adapt their behavior. Yet the use of data is often restricted by privacy regulations and norms; for example, the location of a person cannot be shared without given consent. In this paper we propose a design approach that allows for weaving context-awareness and privacy-by-design into the specification of information systems. This is to be done since the very early stages of the software development, while the enterprise needs are captured (and understood) and the software features are specified on that basis. In addition to taking into account context-awareness and privacy-sensitivity these two aspects will be balanced, especially if they are conflicting. The presented approach extends the "Software Derived from Business Components" (SDBC) approach. We partially demonstrate our proposed way of modeling, by means of a case example featuring land border security. Our proposed way of modeling would allow developers to smoothly reflect context and privacy features in the application design, supported by methodological guidelines that span over the enterprise modeling and software specification. Those features are captured as technology-independent societal demands and are in the end reflected in technology-specific (software) solutions. Traceability between the two is possible as well as re-use of modeling constructs.

show abstract

Section: Privacymentioning

confidence: 99%