Supporting Semi-automated Compliance Control by a System Design Based on the Concept of Separation of Concerns

Abstract : Manual compliance audits of information systems tend to be time consuming. This leads to the problem that actual systems are not audited properly and do not comply to data protection laws or cannot be proven to comply. As a result, personal data of the data subject are potentially threatened with loss and misuse. Automatic compliance control is able to reduce the effort of compliance checks. However, current approaches are facing several drawbacks, e.g. the effort of employing cryptographic hardware on every single subsystem. In this paper a system design is presented that is able to circumvent several drawbacks of existing solutions thereby supporting and going beyond existing mechanisms for automated compliance control.
Type de document :
Communication dans un congrès
Simone Fischer-Hübner; Penny Duquenoy; Marit Hansen; Ronald Leenes; Ge Zhang. 6th International Summer School (ISS), Aug 2010, Helsingborg, Sweden. Springer, IFIP Advances in Information and Communication Technology, AICT-352, pp.120-129, 2011, Privacy and Identity Management for Life. 〈10.1007/978-3-642-20769-3_10〉
Liste complète des métadonnées

Littérature citée [15 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01559462
Contributeur : Hal Ifip <>
Soumis le : lundi 10 juillet 2017 - 16:49:32
Dernière modification le : mardi 11 juillet 2017 - 08:41:04
Document(s) archivé(s) le : mercredi 24 janvier 2018 - 18:14:08

Fichier

978-3-642-20769-3_10_Chapter.p...
Fichiers produits par l'(les) auteur(s)

Licence


Distributed under a Creative Commons Paternité 4.0 International License

Identifiants

Citation

Sebastian Haas, Ralph Herkenhöner, Denis Royer, Ammar Alkassar, Hermann Meer, et al.. Supporting Semi-automated Compliance Control by a System Design Based on the Concept of Separation of Concerns. Simone Fischer-Hübner; Penny Duquenoy; Marit Hansen; Ronald Leenes; Ge Zhang. 6th International Summer School (ISS), Aug 2010, Helsingborg, Sweden. Springer, IFIP Advances in Information and Communication Technology, AICT-352, pp.120-129, 2011, Privacy and Identity Management for Life. 〈10.1007/978-3-642-20769-3_10〉. 〈hal-01559462〉

Partager

Métriques

Consultations de la notice

113

Téléchargements de fichiers

14