KIT | KIT-Bibliothek | Impressum | Datenschutz

A Data-centric View on Expressing Privacy Policies

Speiser, Sebastian

Abstract:
Services often depend on data about users to work at all (e.g. providing quotes for health insurance) or to improve their quality (e.g. product recommendation systems). Storing and giving access to data owned by third parties is in many cases even the core task of services, e.g., for social networks or cloud storage providers. Privacy is an important concern, as users still want to control usage and distribution of their data. Enabled by Internet technologies, services are often provided by dynamically created and frequently changing groups of cooperating providers. This leads to a situation, where often no single entity has a complete view of the process operating on a user’s data. In consequence, it is difficult to check compliance of such a process with the user’s privacy policy. As an alternative model, we propose a data-centric view on privacy policies, that are attached to data artefacts and are self-contained descriptions of the allowed actions to be performed. Such policies can be passed together with the artefacts to subproviders. A key challenge of such policies is to express restrictions on the policies of derived artefacts, which
can also be subject to privacy constraints.

Open Access Logo


Zugehörige Institution(en) am KIT Institut für Angewandte Informatik und Formale Beschreibungsverfahren (AIFB)
Publikationstyp Forschungsbericht
Jahr 2012
Sprache Englisch
Identifikator KITopen-ID: 1000091503
Verlag KIT, Karlsruhe
Umfang 12.
Externe Relationen Abstract/Volltext
KIT – Die Forschungsuniversität in der Helmholtz-Gemeinschaft
KITopen Landing Page