Enterprises that collect and process personal data must deal with related privacy management issues. It is not just a matter of privacy-aware access control: privacy obligation policies, dictating duties and expectations on how personal data has to be handled, must be considered too. The management of obligation policies is a promising area (affecting the lifecycle management of personal data) but it is still underestimated. Enterprises require solutions that enable automation and leverage their current identity management solutions. HP Labs have been working on this topic in the last few years, also in the context of the EU PRIME project. In this paper we present our recent work on parametric obligation policies and a related obligation management framework to deal with a scalable management of these obligation policies on large amounts of data, stored in distributed data repositories. 10 Pages
PDF
download
878987797
028-85220240
