Privacy Architectures: Reasoning about Data Minimisation and Integrity
Authors
Abstract
Privacy by design will become a legal obligation in the European Community if the Data Protection Regulation eventually gets adopted. However, taking into account privacy requirements in the design of a system is a challenging task. We propose an approach based on the specification of privacy architectures and focus on a key aspect of privacy, data minimisation, and its tension with integrity requirements. We illustrate our formal framework through a smart metering case study.
Similar sources
Data Minimisation: a Language-Based Approach (Long Version)
Data minimisation is a privacy-enhancing principle considered as one of the pillars of personal data regulations. This principle dictates that personal data collected should be no more than necessary for the specific purpose consented by the user. In this paper we study data minimisation from a programming language perspective. We assume that a given program embodies the purpose of data collect...
Design and Analysis of Privacy Policies: a Dissertation Submitted to the Department of Computer Science and the Committee on Graduate Studies of Stanford University in Partial Fulfillment of the Requirements for the Degree of Doctor of Philosophy
Organizations, such as hospitals and financial institutions, that use privacy-sensitive information face the challenge of complying with privacy regulations and their own privacy policies. These regulations and policies are often written in natural language (or legalese), making it difficult for information systems to aid in assuring compliance. In this thesis, we propose a formal language for ...
Biometric Systems Private by Design: Reasoning about privacy properties of biometric system architectures
This work aims to show the applicability of the privacy by design approach to biometric systems, and how it applies, as well as the benefit of using formal methods to this end. Starting from a general framework introduced at STM in 2014, which makes it possible to define privacy architectures and to formally reason about their properties, we explain how it can be adapted to biometrics. The choice of particular te...
POSTER–TRIPLEX: Verifying Data Minimisation in Communication Systems
Systems dealing with personal information are legally required to satisfy the principle of data minimisation. Privacy-enhancing protocols use cryptographic primitives to minimise the amount of personal information exposed by communication. However, the complexity of these primitives and their interplay makes it hard for noncryptography experts to understand the privacy implications of their use...
Analyzing Tools and Algorithms for Privacy Protection and Data Security in Social Networks
The purpose of this research is to study factors influencing privacy concerns about data security and protection on social network sites and their influence on self-disclosure. 100 articles about privacy protection, data security, information disclosure and information leakage on social networks were studied. Model and algorithm types and their repetition in articles have been distinguished a...
Journal title:
Volume / Issue:
Pages: -
Publication date: 2014