Log Analysis for Data Protection Accountability

Denis Butin 1, 2, * Daniel Le Métayer 1, 2
* Corresponding author
1 PRIVATICS - Privacy Models, Architectures and Tools for the Information Society
Inria Grenoble - Rhône-Alpes, CITI - CITI Centre of Innovation in Telecommunications and Integration of services
Abstract : Accountability is increasingly recognised as a cornerstone of data protection, notably in European regulation, but the term is frequently used in a vague sense. For accountability to bring tangible benefits, the expected properties of personal data handling logs (used as "accounts") and the assumptions regarding the logging process must be defined with accuracy. In this paper, we provide a formal framework for accountability and show the correctness of the log analysis with respect to abstract traces used to specify privacy policies. We also show that compliance with respect to data protection policies can be checked based on logs free of personal data, and describe the integration of our formal framework in a global accountability process.
Liste complète des métadonnées

Cited literature [17 references]  Display  Hide  Download

https://hal.inria.fr/hal-00984308
Contributor : Denis Butin <>
Submitted on : Monday, April 28, 2014 - 10:40:46 AM
Last modification on : Thursday, November 29, 2018 - 6:18:04 PM
Document(s) archivé(s) le : Monday, July 28, 2014 - 11:16:01 AM

File

bm-accountability-camready.pdf
Files produced by the author(s)

Identifiers

Collections

Citation

Denis Butin, Daniel Le Métayer. Log Analysis for Data Protection Accountability. FM2014 - 19th International Symposium on Formal Methods, Cliff Jones and Pekka Pihlajasaari and Jun Sun, May 2014, National University of Singapore (NUS), Singapore. pp.163-178, ⟨10.1007/978-3-319-06410-9_12⟩. ⟨hal-00984308⟩

Share

Metrics

Record views

540

Files downloads

1779