12,545 Hits in 2.5 sec

Measuring Privacy Compliance Using Fitness Metrics [chapter]

Sebastian Banescu, Milan Petković, Nicola Zannone
2012 Lecture Notes in Computer Science  
In this paper, we propose a privacy compliance technique for detecting privacy infringements and measuring their severity.  ...  Nowadays, repurposing of personal data is a major privacy issue. Detection of data repurposing requires posteriori mechanisms able to determine how data have been processed.  ...  The detected infringements are then quantified using the privacy metric proposed in [2] . Privacy Compliance Checking Deviations between an event log and a process model can have different types.  ... 
doi:10.1007/978-3-642-32885-5_8 fatcat:oxwgcyfxhrf3blo32iwdnhoqxu

PERSONA - A Personalized Data Protection Framework [chapter]

Marina Egea, Federica Paci, Marinella Petrocchi, Nicola Zannone
2013 IFIP Advances in Information and Communication Technology  
In this paper we present the foundation of a novel approach to personalized data protection in which users play a central role in the authoring and enforcement of the policies governing the access and  ...  However, to date there are no data protection solutions that involve data subjects in the definition and enforcement of data protection policies.  ...  Moreover, they only locate deviations based on the tasks executed and their control flow.  ... 
doi:10.1007/978-3-642-38323-6_22 fatcat:4efeqrtbjje2fpxbpfnrohg7ei

Privacy Analysis of User Behavior Using Alignments

Arya Adriansyah, Boudewijn F. van Dongen, Nicola Zannone
2013 it - Information Technology  
The framework is based on systematic log auditing, use of patterns and privacy metrics to detect and quantify infringements.  ...  In this paper, we present a practical privacy framework that shifts the problem of preventing infringements into a problem of detecting infringements.  ...  Take down policy If you believe that this document breaches copyright please contact us providing details, and we will remove access to the work immediately and investigate your claim.  ... 
doi:10.1515/itit.2013.2006 fatcat:bw4sspha65dtjbqys5gihsjuym

On Enabling GDPR Compliance in Business Processes Through Data-Driven Solutions

Rashid Zaman, Marwan Hassani
2020 SN Computer Science  
The processing principles of GDPR, in line with the spirit of privacy by design and default, provide directions on the collection, storage, and processing of personal data.  ...  However, long-term possession of data on one hand risks the privacy of data belonging beings in cases of data breaches and on the other hand results in the customers distrust.  ...  Data subject rights might necessitate changes in the control-flow perspective of business processes.  ... 
doi:10.1007/s42979-020-00215-x fatcat:gxu7ufpnazft3nrfqej6opcdqq

On the exploitation of process mining for security audits

Rafael Accorsi, Thomas Stocker, Günter Müller
2013 Proceedings of the 28th Annual ACM Symposium on Applied Computing - SAC '13  
In particular, it focuses on process discovery as a means to reconstruct process-related structures from event logs, such as the process' control flow, social network and data flows.  ...  This paper reports on the potential of process mining as a basis for security audits of business process and corresponding business process management systems.  ...  However, in this approach the overall control flow of the process is neglected; the focus is on the flow of data.  ... 
doi:10.1145/2480362.2480634 dblp:conf/sac/AccorsiSM13 fatcat:kvrhzb2z25evjbltmtx75g276y

Privacy Preservation Approach in Service Ecosystems

Yiyun Shen, Markus Miettinen, Pirjo Moen, Lea Kutvonen
2011 2011 IEEE 15th International Enterprise Distributed Object Computing Conference Workshops  
Emergence of business networking and social networking increases the exchange of sensitive information and creation of behaviour traces in the network.  ...  However, the current computing and communication solutions do not provide sufficient conceptual, architectural or technical facilities to preserve privacy while collaborating in the network.  ...  for which data is used within a business process.  ... 
doi:10.1109/edocw.2011.59 dblp:conf/edoc/ShenMMK11 fatcat:xjrjk7rmsrdrtl5gf2sj5cuwmq

Why Are Business Processes Not Secure? [chapter]

Günter Müller, Rafael Accorsi
2013 Lecture Notes in Computer Science  
The main goal and challenge of security in business processes is, on one hand, to provide well-founded guarantees regarding the adherence to security, privacy and regulatory compliance requirements and  ...  While data objects can be protected, a process cannot.  ...  Process Discovery approaches currently consider individual perspectives of the process (control-flow, data-flow and role model) in isolation [53] .  ... 
doi:10.1007/978-3-642-42001-6_17 fatcat:kuv4ae56qvcafm6w5lqpulqmoa

A semi-automated BPMN-based framework for detecting conflicts between security, data-minimization, and fairness requirements

Qusai Ramadan, Daniel Strüber, Mattia Salnitri, Jan Jürjens, Volker Riediger, Steffen Staab
2020 Journal of Software and Systems Modeling  
the underlying business processes.  ...  To address these challenges, we propose a BPMN-based framework that supports: (i) the design of business processes considering security, data-minimization and fairness requirements, (ii) the encoding of  ...  by relevant knowledge, but an absence of expert knowledge in business process modeling, security, and privacy.  ... 
doi:10.1007/s10270-020-00781-x fatcat:we4eibty7zgnjd2q4neynn6jiq

Insider Threat: Enhancing BPM through Social Media

Dimitris Gritzalis, Vasilis Stavrou, Miltiadis Kandias, George Stergiopoulos
2014 2014 6th International Conference on New Technologies, Mobility and Security (NTMS)  
Yet, even in light of modelling's widespread success, one can argue that it lacks built-in security mechanisms able to detect and fight threats that may manifest throughout the process.  ...  Modern business environments have a constant need to increase their productivity, reduce costs and offer competitive products and services. This can be achieved via modeling their business processes.  ...  By applying monitoring approaches to business level we claim that one is able to detect performance deviations of the users and also enhance these processes with information extracted from social media  ... 
doi:10.1109/ntms.2014.6814027 dblp:conf/ntms/GritzalisSKS14 fatcat:ehl7hqetojendk55f3paes5vvm

Data Protection Risk Modeling into Business Process Analysis [chapter]

António Gonçalves, Anacleto Correia, Luis Cavique
2017 Lecture Notes in Computer Science  
We use established body of knowledge regarding risk manager concepts and business process towards data protections.  ...  We present a novel way to link business process model with data protection risk management.  ...  EPCs specify the temporal and logical relationships between activities of a business process throw control flow [2] .  ... 
doi:10.1007/978-3-319-62392-4_48 fatcat:a2ugvimzjrhwdpn4aqb6joblcm

Purpose Control: Did You Process the Data for the Intended Purpose? [chapter]

Milan Petković, Davide Prandi, Nicola Zannone
2011 Lecture Notes in Computer Science  
In this paper, we present a flexible framework for purpose control, which connects the intended purpose of data to the business model of an organization and detects privacy infringements by determining  ...  Data protection legislation requires personal data to be collected and processed only for lawful and legitimate purposes.  ...  In this paper, we present a framework for purpose control which detects privacy infringements by determining whether data are processed in ways that are incompatible with the intended purpose of data.  ... 
doi:10.1007/978-3-642-23556-6_10 fatcat:unity5bzznfkxevpbt6gelh4b4

Automated Log Audits for Privacy Compliance Validation: A Literature Survey [chapter]

Jenni Reuben, Leonardo A. Martucci, Simone Fischer-Hübner
2016 IFIP Advances in Information and Communication Technology  
This work benefits from the invaluable comments, inputs from Rose-MharieÅhlfeldt and from the anonymous reviewers.  ...  In particular, the practice to ensure the execution of business processes on personal data in accordance with enterprise policies thus data protection regulations is referred to as privacy compliance  ...  Banescu et al. in [6] formalize the business processes of an enterprise.  ... 
doi:10.1007/978-3-319-41763-9_21 fatcat:5mcqxy7hs5dkzad7jq6gkninnu

Security and privacy protection in RFID-enabled supply chain management

Manmeet Mahinderjit Singh, Xue Li, Zhanhuai Li
2011 International Journal of Radio Frequency Identification Technology and Applications  
This paper discusses the ways in which privacy and security protection can be maintained in an open-loop RFID supply chain.  ...  Radio frequency identification-enabled supply chain systems are in an open system environment, where different organisations have different business workflows and operate on different standards and protocols  ...  The RFID-based supply chain system involves the movement and flow of millions of data.  ... 
doi:10.1504/ijrfita.2011.043738 fatcat:tjajycerknecnltqly64md6a6u

On the exploitation of process mining for security audits

Rafael Accorsi, Thomas Stocker
2012 Proceedings of the 27th Annual ACM Symposium on Applied Computing - SAC '12  
Process mining stands for a set of techniques to analyze business process models and logs. However, the extent to which it can be used for security auditing has not been investigated.  ...  Moreover, we identify a class of security requirements that demands process discovery for analysis, and elaborate on ways in which process mining could be extended to better suit security analyses.  ...  Finding Control-Flow Deviations Replaying is employed to find control flow deviations that lead to usage control violations.  ... 
doi:10.1145/2245276.2232051 dblp:conf/sac/AccorsiS12 fatcat:vktz76jirjdq5jv7b3ganfqteq

Protecting Citizens' Personal Data and Privacy: Joint Effort from GDPR EU Cluster Research Projects

Renata M. de Carvalho, Camillo Del Prete, Yod Samuel Martin, Rosa M. Araujo Rivero, Melek Önen, Francesco Paolo Schiavo, Ángel Cuevas Rumín, Haralambos Mouratidis, Juan C. Yelmo, Maria N. Koukovini
2020 SN Computer Science  
technologies, nor without risks management frameworks that guarantee privacy, data protection, and secure digital identities.  ...  Confidence in information and communication technology services and systems is crucial for the digital society which we live in, but this confidence is not possible without privacy-enhancing tools and  ...  Open Access This article is licensed under a Creative Commons Attribution 4.0 International License, which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long  ... 
doi:10.1007/s42979-020-00218-8 fatcat:vnxfogwk5zburkmddhiweld75a
« Previous Showing results 1 — 15 out of 12,545 results