Static checking of GDPR-related privacy compliance for object-oriented distributed systems

The adoption of information technology in foremost sectors of human activity such as banking, healthcare, education, governance etc., increases the amount of data collected and processed to enable these services. With the convenience the technology offers, it also brings increased challenges pertain...

Bibliographic details
Published in: Journal of logical and algebraic methods in programming 2021
Main authors: Tokas, Shukun, Owe, Olaf, Ramezanifarkhani, Toktam
Format: Article
Language: nor
Online access: Full text
container_end_page
container_issue
container_start_page
container_title Journal of logical and algebraic methods in programming
container_volume
creator Tokas, Shukun
Owe, Olaf
Ramezanifarkhani, Toktam
description The adoption of information technology in foremost sectors of human activity such as banking, healthcare, education, governance etc., increases the amount of data collected and processed to enable these services. With the convenience the technology offers, it also brings increased challenges pertaining to the privacy. In response to these emerging privacy concerns, the European Union has approved the General Data Protection Regulation (GDPR) to strengthen data protection across the European Union. This regulation requires individuals and organizations that process personal data of EU citizens or provide services in EU, to comply with the privacy requirements in the GDPR. However, the privacy policies stating how personal information will be handled to meet regulations as well as organizational objectives, are given in natural language statements. To demonstrate a program's compliance with privacy policies, a link should be established between policy statements and the program code, with the support of a formalized analysis. Based on this vision, we formalize a notion of privacy policies and a notion of compliance for the setting of object-oriented distributed systems. For this we provide explicit constructs to specify constituents of privacy policies (i.e., principal, purpose, access right) on personal data. We present a policy specification language and a formalization of privacy compliance, as well as a high-level modeling language for distributed systems extended with support for policies. We define a type and effect system for static checking of compliance of privacy policies and show soundness of this analysis based on an operational semantics. Finally, we prove a progress property.
format Article
fulltext fulltext
identifier ISSN: 2352-2208
ispartof Journal of logical and algebraic methods in programming, 2021
issn 2352-2208
language nor
recordid cdi_cristin_nora_10852_91127
source NORA - Norwegian Open Research Archives; Alma/SFX Local Collection
title Static checking of GDPR-related privacy compliance for object-oriented distributed systems
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2024-12-17T16%3A30%3A20IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-cristin&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Static%20checking%20of%20GDPR-related%20privacy%20compliance%20for%20object-oriented%20distributed%20systems&rft.jtitle=Journal%20of%20logical%20and%20algebraic%20methods%20in%20programming&rft.au=Tokas,%20Shukun&rft.date=2021&rft.issn=2352-2208&rft_id=info:doi/&rft_dat=%3Ccristin%3E10852_91127%3C/cristin%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rfr_iscdi=true