On Obligations

Abstract: Access control is concerned with granting access to sensitive data based on conditions that relate to the past or present, so-called provisions. Expressing requirements from the domain of data protection necessitates extending this notion with conditions that relate to the future. Obligations, in this sense, are concerned with commitments of the involved parties. At the moment of granting access, adherence to these commitments cannot be guaranteed. An example is the requirement "do not redistribute data", wher… Show more

“…• The concept of data subject is also expressed using the terms donor of the personal information [23] or data owner [15]. However, they are not equivalent in the EU legal framework.…”

“…Obligations can also help in implementing the principle of information security as they impose constraints on how the data may be used [15].…”

“…The concept of obligation was thus integrated in access control frameworks (e.g., [12,[42][43][44]) to define the actions that must be taken when permissions are granted. Obligations are also used to restrict the set of permissible actions (i.e., actions that do not comply with obligations are not permitted) [13] and to specify the intended usage of data [15]. A characteristic of these approaches is that obligations are incomparable with authorizations.…”

“…When building IT systems that store and process personal data, designers need to define system requirements and to ensure that personal data are handled in accordance with applicable laws and regulations [15]. In most applications, informally stated and implicit privacy requirements are as urging as functional and security ones, but they are rarely analyzed and designed carefully from the beginning of the development process.…”

Towards the development of privacy-aware systems

“…• The concept of data subject is also expressed using the terms donor of the personal information [23] or data owner [15]. However, they are not equivalent in the EU legal framework.…”

“…Obligations can also help in implementing the principle of information security as they impose constraints on how the data may be used [15].…”

“…The concept of obligation was thus integrated in access control frameworks (e.g., [12,[42][43][44]) to define the actions that must be taken when permissions are granted. Obligations are also used to restrict the set of permissible actions (i.e., actions that do not comply with obligations are not permitted) [13] and to specify the intended usage of data [15]. A characteristic of these approaches is that obligations are incomparable with authorizations.…”

“…When building IT systems that store and process personal data, designers need to define system requirements and to ensure that personal data are handled in accordance with applicable laws and regulations [15]. In most applications, informally stated and implicit privacy requirements are as urging as functional and security ones, but they are rarely analyzed and designed carefully from the beginning of the development process.…”

Towards the development of privacy-aware systems

“…Roughly speaking, provisions must hold when access is granted, while obligations must hold after access has been granted [4,5,13]. For example, a subject may be obliged not to disclose any information learned as a result of being granted access to some data.…”

Controlling Access to Documents: A Formal Access Control Model

Bringing the User Back into Control: A New Paradigm for Usability in Highly Dynamic Systems