科技报告详细信息
Towards A Conceptual Model For Privacy Policies
Casassa Mont, Marco ; Pearson, Siani ; Creese, Sadie ; Goldsmith, Michael ; Papanikolaou, Nick
HP Development Company
关键词: privacy policies;    policy hierarchy;    policy refinement;    conceptual model;   
RP-ID  :  HPL-2010-82
学科分类:计算机科学(综合)
美国|英语
来源: HP Labs
PDF
【 摘 要 】

This paper presents a conceptual model for privacy policies that takes into account privacy requirements arising from different stakeholders, with legal, business and technical backgrounds. Current approaches to privacy management are either high-level, enforcing privacy of personal data using legal compliance, risk and impact assessments, or low-level, focusing on the technical implementation of access controls to personal data held by an enterprise. High-level approaches tend to address privacy as an afterthought in ordinary business practice, and involve ad hoc enforcement practices; low-level approaches often leave out important legal and business considerations focusing solely on technical management of privacy policies. Hence, neither is a panacea and the low level approaches are often not adopted in real environments. Our conceptual model provides a means to express privacy policy requirements as well as users' privacy preferences. It enables structured reasoning regarding containment and implementation between various policies at the high level, and enables easy traceability into the low-level policy implementations. Thus it offers a means to reason about correctness that links low-level privacy management mechanisms to stakeholder requirements, thereby encouraging exploitation of the low-level methods.

【 预 览 】
附件列表
Files Size Format View
RO201804100002750LZ 216KB PDF download
  文献评价指标  
  下载次数:15次 浏览次数:20次