A model-based approach to support privacy compliance. (8th October 2018)
- Record Type:
- Journal Article
- Title:
- A model-based approach to support privacy compliance. (8th October 2018)
- Main Title:
- A model-based approach to support privacy compliance
- Authors:
- Alshammari, Majed
Simpson, Andrew - Abstract:
- Abstract : Purpose: Concerns over data-processing activities that may lead to privacy violations or harms have motivated the development of legal frameworks and standards. Further, software engineers are increasingly expected to develop and maintain privacy-aware systems that both comply with such frameworks and standards and meet reasonable expectations of privacy. This paper aims to facilitate reasoning about privacy compliance, from legal frameworks and standards, with a view to providing necessary technical assurances. Design/methodology/approach: The authors show how the standard extension mechanisms of the UML meta-model might be used to specify and represent data-processing activities in a way that is amenable to privacy compliance checking and assurance. Findings: The authors demonstrate the usefulness and applicability of the extension mechanisms in specifying key aspects of privacy principles as assumptions and requirements, as well as in providing criteria for the evaluation of these aspects to assess whether the model meets these requirements. Originality/value: First, the authors show how key aspects of abstract privacy principles can be modelled using stereotypes and tagged values as privacy assumptions and requirements. Second, the authors show how compliance with these principles can be assured via constraints that establish rules for the evaluation of these requirements.
- Is Part Of:
- Information and computer security. Volume 26:Number 4(2018)
- Journal:
- Information and computer security
- Issue:
- Volume 26:Number 4(2018)
- Issue Display:
- Volume 26, Issue 4 (2018)
- Year:
- 2018
- Volume:
- 26
- Issue:
- 4
- Issue Sort Value:
- 2018-0026-0004-0000
- Page Start:
- 437
- Page End:
- 453
- Publication Date:
- 2018-10-08
- Subjects:
- Data protection -- Privacy -- Data processing -- Compliance checking -- Compliance demonstration
Computer security -- Management -- Periodicals
Computer networks -- Security measures -- Periodicals
Data protection -- Management -- Periodicals
658.47 - Journal URLs:
- http://www.emeraldinsight.com/loi/ics ↗
http://www.emeraldinsight.com/ ↗ - DOI:
- 10.1108/ICS-11-2017-0084 ↗
- Languages:
- English
- ISSNs:
- 2056-4961
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - 4481.796000
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store - Ingest File:
- 8619.xml