2021 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW) 2021
DOI: 10.1109/eurospw54576.2021.00039
|View full text |Cite
|
Sign up to set email alerts
|

TIRA: An OpenAPI Extension and Toolbox for GDPR Transparency in RESTful Architectures

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
1
1
1
1

Citation Types

0
7
0

Year Published

2021
2021
2023
2023

Publication Types

Select...
5
3

Relationship

1
7

Authors

Journals

citations
Cited by 19 publications
(7 citation statements)
references
References 22 publications
0
7
0
Order By: Relevance
“…Last decade, the [Voigt, 2018] introduces the GDPR, and among other concerns, demands "more comprehensible information to end users" in applicable regions. These demands form the basis of data governance, but require more clarity and precision [Grünewald and Pallas, 2021].…”
Section: Transparency On the Handling Of User Datamentioning
confidence: 99%
“…Last decade, the [Voigt, 2018] introduces the GDPR, and among other concerns, demands "more comprehensible information to end users" in applicable regions. These demands form the basis of data governance, but require more clarity and precision [Grünewald and Pallas, 2021].…”
Section: Transparency On the Handling Of User Datamentioning
confidence: 99%
“…When used in proper combination, they may, depending on the type of data, the context, and the party receiving the data, even allow to render data non-personal from the regulatory perspective. At the same time, the practical application of these techniques in real-world Web APIs is -like for other privacy / data protection principles and technologies [12,18] -hindered by a lack of easily adoptable technical solutions that smoothly integrate into established technology stacks and development practices [13].…”
Section: Data-providing Web Apis and Data Minimizationmentioning
confidence: 99%
“…In line with other endeavors of practical privacy engineering (such as [11,12,18]), we formulate a set of functional and non-functional requirements that need to be fulfilled. Functional requirements here refer to the core functionality that needs to be provided while non-functional requirements address the practical applicability in real-world technology stacks and architectures.…”
Section: Requirementsmentioning
confidence: 99%
“…Cloud native architectures, in turn, need a machine-readable representation and additional tooling for processing said transparency information in order to describe the multitude of services in real-time. TILT [25] and TIRA [26], as technical mechanisms, address this issue being explicitly tailored to large-scale cloud native infrastructures, agile development practices, and the legal requirements. Consequently, the proposed policy language and programming toolkit of TILT, and the OpenAPI extension and dashboard of TIRA address transparency, accountability, and lawfulness on many different levels.…”
Section: E Grünewald 3 Dimensions Of Cloud Native Privacy Engineeringmentioning
confidence: 99%
“…For the security dimension one would, e.g., choose the encryption cipher suite. When focusing on transparency, all personal data indicators [26] would be documented (which also streamlines auditability) or manual instrumentation for logging and monitoring tools would be added []. Basically, this phase is crucial for every processing activity.…”
Section: Devprivops: Privacy Engineering In Practicementioning
confidence: 99%