Publons ID | (not set) |
Wos ID | WOS:000614039400028 |
Doi | 10.1145/3078861.3078879 |
Title | Security Analysis and Legal Compliance Checking for the Design of Privacy-friendly Information Systems |
First Author | |
Last Author | |
Authors | Guarda, P; Ranise, S; Siswantoro, H; |
Publish Date | 2017 |
Journal Name | PROCEEDINGS OF THE 22ND ACM SYMPOSIUM ON ACCESS CONTROL MODELS AND TECHNOLOGIES (SACMAT'17) |
Citation | 8 |
Abstract | Nowadays, most of business practices involve personal data processing of customers and employees. This is strictly regulated by legislation to protect the rights of the data subject. Enforcing regulation into enterprise information system is a non-trivial task that requires an interdisciplinary approach. This paper presents a declarative framework to support the specification of information system designs, purpose-aware access control policies, and the legal requirements derived from the European Data Protection Directive. This allows for compliance checking via a reduction to policy refinement that is supported by available automated tools. We briefly discuss the results of the compliance analysis with a prototype tool on a simple but realistic scenario about the processing of personal data to produce salary slips of employees in an Italian organization. |
Publish Type | Book |
Publish Year | 2017 |
Page Begin | 247 |
Page End | 254 |
Issn | |
Eissn | |
Url | https://www.webofscience.com/wos/woscc/full-record/WOS:000614039400028 |
Author | HARI SISWANTORO, S.T., M.T., Ph.D. |
File | 135967.pdf |