Log Analysis for Data Protection Accountability (Extended Version)

Denis Butin 1, 2, * Daniel Le Métayer 1, 2
* Corresponding author
1 PRIVATICS - Privacy Models, Architectures and Tools for the Information Society
Inria Grenoble - Rhône-Alpes, CITI - CITI Centre of Innovation in Telecommunications and Integration of services
Abstract : Accountability is increasingly recognised as a cornerstone of data protection, notably in European regulation, but the term is frequently used in a vague sense. For accountability to bring tangible benefits, the expected properties of personal data handling logs (used as "accounts") and the assumptions regarding the logging process must be defined with accuracy. In this paper, we provide a formal framework for accountability and show the correctness of the log analysis with respect to abstract traces used to specify privacy policies. We also show that compliance with respect to data protection policies can be checked based on logs free of personal data, and describe the integration of our formal framework in a global accountability process.
Document type :
Reports
Complete list of metadatas

Cited literature [5 references]  Display  Hide  Download

https://hal.inria.fr/hal-00921156
Contributor : Denis Butin <>
Submitted on : Thursday, December 19, 2013 - 6:44:43 PM
Last modification on : Thursday, November 29, 2018 - 6:18:04 PM
Long-term archiving on : Thursday, March 20, 2014 - 10:55:55 AM

File

RR-8432.pdf
Files produced by the author(s)

Identifiers

  • HAL Id : hal-00921156, version 1

Collections

Citation

Denis Butin, Daniel Le Métayer. Log Analysis for Data Protection Accountability (Extended Version). [Research Report] RR-8432, INRIA. 2013, pp.18. ⟨hal-00921156⟩

Share

Metrics

Record views

478

Files downloads

300