论文信息 - Technical Enforcement of Privacy Legislation

Technical Enforcement of Privacy Legislation

The potential invasion of individuals' privacy constitutes the flip side of the advanced services' provision, boosted by the recent advances in mobile communications, location and sensing technologies and data processing. Being situated in the realms of legal and social studies, the notion of privacy is mainly left, concerning its protection, to legislation and service providers' self-regulation by means of privacy policies. However, all laws and codes of conduct are useless without enforcement. Based on this concept, this paper presents a framework that formally models the privacy principles that regulate the services' provision and incorporates them into a privacy enhancing middleware system. The mediation of the considered architecture between the users and the service providers, guarantees the enforcement of a privacy policy that is defined by the technical translation of the privacy principles and regulations and overrides the service providers' ones.

[1] B. Turner. Organization for Economic Co-Operation and Development (OECD) , 2001 .

[2] Dave Crocker,et al. Augmented BNF for Syntax Specifications: ABNF , 1997, RFC.

[3] Marco Casassa Mont,et al. A Systemic Approach to Automate Privacy Policy Enforcement in Enterprises , 2006, Privacy Enhancing Technologies.

[4] Frank van Harmelen,et al. Web Ontology Language: OWL , 2004, Handbook on Ontologies.

[5] Louis D. Brandeis,et al. The Right to Privacy , 1890 .

[6] Elisa Bertino,et al. Privacy-Preserving Database Systems , 2005, FOSAD.

[7] N. F. Noy,et al. Ontology Development 101: A Guide to Creating Your First Ontology , 2001 .