Measuring Privacy Compliance Using Fitness Metrics

Nowadays, repurposing of personal data is a major privacy issue. Detecting data repurposing requires a posteriori mechanisms able to determine how data have been processed. However, current a posteriori solutions for privacy compliance are often manual, so infringements remain undetected. In this paper, we propose a privacy compliance technique for detecting privacy infringements and measuring their severity. The approach quantifies infringements by considering a number of deviations from specifications (i.e., insertion, suppression, replacement, and re-ordering).
