Méthodes formelles pour le respect de la vie privée par construction (Formal methods for privacy by design)

Abstract: Privacy by Design (PbD) is increasingly praised as a key approach to improving privacy protection. New information and communication technologies give rise to new business models and services, which often rely on the exploitation of personal data for the purpose of customization. While privacy is more and more at risk, the growing view is that technologies themselves should be used to propose more privacy-friendly solutions. Privacy Enhancing Technologies (PETs) have been extensively studied, and many techniques have been proposed, such as anonymizers or encryption mechanisms. However, PbD goes beyond the use of PETs: the privacy requirements of a system should be taken into account from the early stages of the design, because they can have a large impact on the overall architecture of the solution. The PbD approach can be summed up as "prevent rather than cure". A number of principles related to the protection of personal data and privacy have been enshrined in law and soft regulations. They involve notions such as data minimization, control of personal data by the data subject, transparency of the data processing, and accountability. However, it is not clear how to translate these principles into technical features, and no method exists so far to support the design and verification of privacy-compliant systems. This thesis proposes a systematic process to specify, design, and verify system architectures. This process helps designers explore the design space in a systematic way. It is complemented by a formal framework in which confidentiality and integrity requirements can be expressed. Finally, a computer-aided engineering tool enables non-expert designers to perform formal verifications of the architectures. A case study illustrates the whole approach, showing how these contributions complement each other and can be used in practice.
Document type: Thesis

Cited literature: 131 references

https://tel.archives-ouvertes.fr/tel-01235044
Contributor: Abes Star
Submitted on: Friday, November 27, 2015, 2:40:50 PM
Last modification on: Saturday, October 27, 2018, 1:19:56 AM

File: these.pdf (version validated by the jury, STAR)

Identifiers

  • HAL Id: tel-01235044, version 2

Citation

Thibaud Antignac. Méthodes formelles pour le respect de la vie privée par construction. Génie logiciel [cs.SE]. INSA de Lyon, 2015. Français. ⟨NNT : 2015ISAL0016⟩. ⟨tel-01235044v2⟩

Metrics

  • Record views: 416
  • File downloads: 539