An agent architecture for e-services privacy policy compliance

The growth of the Internet has been accompanied by the growth of e-services (e.g. e-commerce, e-health). This proliferation of e-services and the increasing regulatory and legal requirements for personal privacy have fueled the need to protect the personal privacy of e-service users. Approaches are needed to ensure that providers of e-services comply with the privacy policies of service users. In this paper, we examine privacy legislation to derive requirements for privacy policy compliance systems. We then propose an agent-based architecture for a privacy policy compliance system that satisfies many of the requirements and discuss the strengths and weaknesses of our proposed architecture.

[1]  Shing-Chi Cheung,et al.  A three-layer architecture for e-contract enforcement in an e-service environment , 2003, 36th Annual Hawaii International Conference on System Sciences, 2003. Proceedings of the.

[2]  George Yee The Negotiation of Privacy Policies in Distance Education 1 , 2003 .

[3]  Atul Prakash,et al.  A flexible architecture for security policy enforcement , 2003, Proceedings DARPA Information Survivability Conference and Exposition.

[4]  Thu D. Nguyen,et al.  A Hierarchical Policy Specification Language and Enforcement Mechanism for Governing Digital Enterprises , 2002, POLICY.

[5]  Larry Korba,et al.  Applying digital rights management systems to privacy rights management , 2002, Comput. Secur..

[6]  George Yee,et al.  Bilateral e-services negotiation under uncertainty , 2003, 2003 Symposium on Applications and the Internet, 2003. Proceedings..

[7]  George Yee,et al.  Privacy policy compliance for Web services , 2004, Proceedings. IEEE International Conference on Web Services, 2004..