Data Handling: Dependencies between Authorizations and Obligations

نویسندگان

  • Laurent Bussard
  • Gregory Neven
  • Jan Schallaböck
چکیده

Authorizations and obligations are keystones of data handling. On one hand there are ambiguous links between authorization and obligations. On the other hand a clear separation between both concepts is necessary to improve readability and to avoid inconsistencies. This position paper focuses on authorizations necessary to enforce obligations. Such authorizations are necessary to prevents overdiligent data controllers from “overdoing” their obligations to the extent that they become a nuisance to the data subject. This problem is discussed from a legal perspective and is addressed in a technical solution that keeps a clear separation between authorizations and obligations.

برای دانلود رایگان متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

eGovernment service security policy: obligation conflict resolution in XACMLv3

Today, many governments tend to propose e-services to their citizens. However, implementing an eGovernment environment shall face up to several security challenges including integrating security requirements coming from multiple stakeholders. In this article, we analyze the conflicts that can occur between eGovernment security requirements. Since these security requirements can contain both aut...

متن کامل

Directed Deadline Obligations in Agent-Based Business Contracts

There are B2B relationships that presume cooperation in contract enactment. This issue should be taken into account when modeling, for computational handling, contractual commitments through obligations. Deadline obligations have been modeled by considering that reaching the deadline without compliance brings up a violation. When modeling commitments in business contracts, directed obligations ...

متن کامل

Conceptual Foundations for a Model of Task-based Authorizations

ion and Composition One of the rst issues that arises is that of abstraction and modeling. What is the proper abstraction to specify and manage authorization functions and tasks. We propose the abstraction of an authorization-task-unit to model the authorizations associated with every authorization function. Such an authorization unit may be composed of other smaller units called called approva...

متن کامل

Flexible deadlines for directed obligations in agent-based business contracts

In B2B contract enactment, cooperation should be taken into account when modeling contractual commitments through obligations. We advocate a directed deadline obligation approach, taking inspiration on international legislation over trade procedures. Our proposal is based on authorizations granted in specific states of an obligation lifecycle model. Flexible deadlines provide an additional leve...

متن کامل

Analysis of privacy and security policies

Policy analysis techniques have usually been developed independently of applications or they have been tailored to policies with specific purposes, e.g. they have been used to analyze access control policies, system management policies or privacy policies. There are analysis techniques to detect redundancy and incompleteness of policies. There are also techniques to detect modality conflicts su...

متن کامل

ذخیره در منابع من

ذخیره در منابع من قبلا به منابع من ذحیره شده

{@ msg_add @}


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2010