Conceptual Framework and Architecture for Privacy Audit

Many ICT applications involve the collection of personal information or information on the behaviour of customers, users, employees, citizens, or patients. The organisations that collect this data need to manage the privacy of these individuals. In many organisations there are insufficient data protection measures and a low level of trust among those whose data are concerned. It is often difficult and burdensome for organisations to prove privacy compliance and accountability, especially in situations that cross national boundaries and involve a number of different legal systems governing privacy. In response to these obstacles, we describe instruments facilitating accountability, audit, and meaningful certification. These instruments are based on a set of fundamental data protection goals (DPG): availability, integrity, confidentiality, transparency, intervenability, and unlinkability. By using the data protection goals instead of focusing on fragmented national privacy regulations, a well-defined set of privacy metrics can be identified that recognises privacy-by-design requirements and widely accepted certification criteria. We also describe a novel conceptual framework and architecture for defining comprehensive privacy compliance metrics and providing assessment tools for ICT applications and services, using as much automation as possible. The proposed metrics and tools will identify gaps, provide clear suggestions, and will assist audit and certification to support informed decisions on the trustworthiness of ICT for citizens and businesses.
