A Privacy Policy Model for Enterprises. - Internet Archive Scholar

In this paper, we describe a privacy policy model that protects personal data from privacy violations by means of enforcing enterprise-wide privacy policies. By extending Jajodia et al.' ... Privacy is an increasing concern in the marketplace. Although enterprises promise sound privacy practices to their customers, there is no technical mechanism to enforce them internally. ... The members of IBM's Enterprise Privacy Architecture team were a valuable source not only of stringent requirements for but also solid expertise on data privacy. ...

doi:10.1109/csfw.2002.1021821 dblp:conf/csfw/KarjothS02 fatcat:sugnpq5inffnnhlutihqaeubfu

a high level of protection and two configuration conditions were associated with enterprises formulating a privacy policy with a low level of protection. ... Using a fuzzy set qualitative comparative analysis of Chinese listed platform enterprises, we found that three configuration conditions were associated with enterprises formulating a privacy policy with ... He Cui for providing a professional legal evaluation of the privacy policies. is work was supported by the Key Project of the National Social Science Fund of China (Grant no. 19AJY004), Department of Education ...

doi:10.1155/2022/9517769 fatcat:p6dbu65xyrab5l6w3frmdabh3y

DOAJ

In this paper, we propose a role-based, enterprise-level, RFID-oriented privacy authorization model for supporting the privacy policies in utilizing RFID in retail industry. ... an enterprise-wide privacy policy for managing and enforcing individual privacy preferences. ... We implemented the core privacy policies in our model utilizing essential constructs of Enterprise Privacy Authorization Language (EPAL). ...

doi:10.1109/scc.2005.44 dblp:conf/IEEEscc/LiHZA05 fatcat:t6dcrdecpzc5dbedmhcb4na36a

A key requirement for enterprises is being able to leverage their investments in identity management solutions. ... We introduce our work in these areas: core concepts are described along with our policy enforcement models and related technologies. ... The main aspects of this model are: a) A mechanism for the explicit modelling of personal data that are subject to privacy policies: this mechanism provides a description of data including the type of ...

doi:10.1007/11957454_7 fatcat:eb44saf5t5dafcnfslw2fwpvtu

Enterprises need mechanisms to ensure that their systems are compliant with both the policies they articulate and law. ... Moreover, they need to understand how to specify, deploy, communicate and enforce privacy policies. ... Enterprise Side: To support the complete life-cycle of a privacy policy, the framework's enterprise side is organized according to a three-tier model. ...

doi:10.1145/1272516.1272522 fatcat:optjvlmf2zg4pllr2nm4ll7tza

In this study, we analyze the potential privacy issue of RFID utilization, and we propose a privacy authorization model aiming for precisely defining RFID privacy policies for the retail industry. ... With the dramatic price drop of RFID tags, it is possible that RFID be applied to individual items sold by a retailer. However, the RFID technology poses critical privacy challenges. ... Acknowledgement This research is partly funded by a discovery grant (NSERC PIN: 290666) from the Natural Science and Engineering Research Council (NSERC) of Canada. ...

doi:10.4018/jcec.2006070103 fatcat:4bwujqqcqfazrov23b2apc3xoq

privacy, e-business organization, compliance checking, modeling, governance Increasingly, e-business organisations are coming under pressure to be compliant to a range of privacy legislation, policies ... There is a clear need for high-level management and administrators to be able to assess in a dynamic, customisable way the degree to which their enterprise complies with these. ... The model shown in Figure 4 focuses on assessing the deployment of a particular privacy policy enforcement system which is targeted at allowing both user preferences and enterprise policies to be taken ...

doi:10.4018/jebr.2009040104 fatcat:hp2shyemm5cipinrc2qlbiuxtu

workflow models, and support automated privacy management within an organization. ... In this paper, we expose the limitations of existing privacy management systems, and present a privacy management system that exploits social network analysis, which can automatically discover the privacy-related ... subject and enterprise privacy administrator to manage their privacy policies. ...

doi:10.1109/icsmc.2007.4414220 dblp:conf/smc/SongKY07 fatcat:pps6nzqvu5eftjszhc22paacva

This paper proposes a conceptual model for privacy policies that takes into account privacy requirements arising from different stakeholders, with legal, business and technical backgrounds. ... A consent and revocation policy is different from a privacy policy in that it defines not enterprise practices with regards to personal data, but more specifically, for each item of personal data held ... Our future work will seek to validate and refine our conceptualisation of a policy hierarchy, specifically with a view to ensuring that our conceptual model for privacy policy is rich enough to cater for ...

doi:10.1007/978-3-642-20769-3_21 fatcat:zyj76lcy7rawjn3hkpl2weaiwa

the Tropos modeling framework where tools are available for checking the correctness and consistency of privacy requirements. ... We propose a procedure for automatically extracting privacy requirements from databases supporting access control mechanisms for personal data (hereafter Hippocratic databases) and representing them in ... Firstly, it provides a representation of the enterprise privacy policy in a modeling framework where formal tools are available for model checking (see Ref. 16 ). ...

doi:10.1142/s0218194007003239 fatcat:bbafhllbazhifixn5x2cfnuwce

Web services are based on a set of ... A Web service is defined as an autonomous unit of application logic that provides either some business functionality or information to other applications through an Internet connection. ... For example, an enterprise A's privacy policy can refer to a vocabulary defined by an enterprise B. ...

doi:10.1109/icws.2004.1314737 dblp:conf/icws/HungFC04 fatcat:j7e6rt7tunfzzhoscoeed4xzt4

To ensure privacy compliance with legal policies, enterprise privacy principles and expectations of customers, the system design should consider the privacy requirements emanating from all these sources ... Privacy is one of the major concerns of data protection where personal data of individuals are used by enterprises for providing services. ... The number of policies of an enterprise can be numerous but for our purpose two small example sets of privacy policies of a university are considered as legal privacy requirements and enterprise privacy ...

doi:10.35940/ijrte.d9049.118419 fatcat:jbm2m7e2lfetndysi2qvrmr7c4

Open Access

We advocate another model that is closer to the "physical" world: we consider our privacy respected when our personal data is used for the purpose for which we gave it in the first place. ... The last years have seen a peak in privacy related research. The focus has been mostly on how to protect the individual from being tracked, with plenty of anonymizing solutions. ... EPAL aims at formalizing enterprise-internal privacy policies. This requires a vocabulary that formalizes the privacy relevant aspects of an enterprise. ...

doi:10.1007/11861386_20 fatcat:fcp26gp4bbhknehime2n6aylqm

This paper presents a framework designed to assist enterprises in implementing a forensic readiness capability for information privacy incidents. ... In particular, the framework provides guidance for specifying high-level policies, business processes and organizational functions, and for determining the device-level forensic procedures, standards and ... Privacy policies in the framework are split into an internal privacy policy for employees of the enterprise (Block H9) and privacy policies for data subjects (Block H10). ...

doi:10.1007/978-3-642-04155-6_11 fatcat:3ozomeas4fhanpv3lwh5cknsty

Evidence based Medicine is emerging as a key process in Health care to enable insights driven quality care for individual patients. ... The old methods of securing enterprises using perimeter defense models are likely to fall short; hence new innovative methods such as dynamic learning threat defense systems that perform rapid detection ... As more and more people get access to the data, trust becomes a concern since privacy safeguards and policies differ from enterprise to enterprise. ...

doi:10.1016/j.procs.2014.08.078 fatcat:7hrjahtopvb33e6e67kpjbwtzm

Open Access

A privacy policy model for enterprises

Preserved Fulltext

An Empirical Study of Platform Enterprises' Privacy Protection Behaviors Based on fsQCA

Preserved Fulltext

Designing privacy policies for adopting RFID in the retail industry

Preserved Fulltext

A Systemic Approach to Automate Privacy Policy Enforcement in Enterprises [chapter]

Preserved Fulltext

A roadmap for comprehensive online privacy policy management

Preserved Fulltext

Privacy Issues of Applying RFID in Retail Industry

Preserved Fulltext

A Model-Based Privacy Compliance Checker

Preserved Fulltext

Privacy management system using social networking

Preserved Fulltext

A Conceptual Model for Privacy Policies with Consent and Revocation Requirements [chapter]

Preserved Fulltext

FROM HIPPOCRATIC DATABASES TO SECURE TROPOS: A COMPUTER-AIDED RE-ENGINEERING APPROACH

Preserved Fulltext

Towards standardized Web services privacy technologies

Preserved Fulltext

A Methodology for Eliciting Data Privacy Requirements and Resolving Conflicts

Preserved Fulltext

Privacy Is Linking Permission to Purpose [chapter]

Preserved Fulltext

A Forensic Framework for Handling Information Privacy Incidents [chapter]

Preserved Fulltext

Securing B2B Pervasive Information Sharing between Healthcare Providers: Enabling the Foundation for Evidence based Medicine

Preserved Fulltext