Privacy Compliance via Model Transformations

Abstract : Due to the upcoming, more restrictive regulations (like the European GDPR), designing privacy-preserving architectures for information systems is becoming a pressing concern for practitioners. In particular, verifying that a design is compliant with the regulations might be a challenging task for engineers. This work presents an approach based on model transformations, which guarantee that an architectural design encompasses regulation-oriented principles such as purpose limitation or accountability of the data controller. Our work improves the state of the art along two main dimensions. The approach we propose (i) embeds privacy principles coming from regulations, thus helping to bridge the gap between the technical and the legal worlds, and (ii) systematizes the embedding of these principles, thus enabling a constructive approach to privacy by design.
Document type :
Directions of work or proceedings
Cited literature [27 references]

https://hal-cea.archives-ouvertes.fr/cea-01809076
Contributor : Thibaud Antignac
Submitted on : Wednesday, June 6, 2018 - 1:44:03 PM
Last modification on : Thursday, February 7, 2019 - 4:18:23 PM
Long-term archiving on : Friday, September 7, 2018 - 1:39:54 PM

File

iwpe18.pdf
Files produced by the author(s)

Identifiers

  • HAL Id : cea-01809076, version 1

Citation

Thibaud Antignac, Riccardo Scandariato, Gerardo Schneider. Privacy Compliance via Model Transformations. France. 2018. ⟨cea-01809076⟩
