Supporting Semi-automated Compliance Control by a System Design Based on the Concept of Separation of Concerns

Abstract : Manual compliance audits of information systems tend to be time consuming. This leads to the problem that actual systems are not audited properly and do not comply to data protection laws or cannot be proven to comply. As a result, personal data of the data subject are potentially threatened with loss and misuse. Automatic compliance control is able to reduce the effort of compliance checks. However, current approaches are facing several drawbacks, e.g. the effort of employing cryptographic hardware on every single subsystem. In this paper a system design is presented that is able to circumvent several drawbacks of existing solutions thereby supporting and going beyond existing mechanisms for automated compliance control.
Document type :
Conference papers
Liste complète des métadonnées

Cited literature [15 references]  Display  Hide  Download

https://hal.inria.fr/hal-01559462
Contributor : Hal Ifip <>
Submitted on : Monday, July 10, 2017 - 4:49:32 PM
Last modification on : Tuesday, July 11, 2017 - 8:41:04 AM
Document(s) archivé(s) le : Wednesday, January 24, 2018 - 6:14:08 PM

File

978-3-642-20769-3_10_Chapter.p...
Files produced by the author(s)

Licence


Distributed under a Creative Commons Attribution 4.0 International License

Identifiers

Citation

Sebastian Haas, Ralph Herkenhöner, Denis Royer, Ammar Alkassar, Hermann Meer, et al.. Supporting Semi-automated Compliance Control by a System Design Based on the Concept of Separation of Concerns. 6th International Summer School (ISS), Aug 2010, Helsingborg, Sweden. pp.120-129, ⟨10.1007/978-3-642-20769-3_10⟩. ⟨hal-01559462⟩

Share

Metrics

Record views

237

Files downloads

23