Conference Paper

Conceptual Framework and Architecture for Privacy Audit

Conference: Annual Privacy Forum

ABSTRACT Many ICT applications involve the collection of personal information or information on the behaviour of customers, users, employees, citizens, or patients. The organisations that collect this data need to manage the privacy of these individuals. In many organisations there are insufficient data protection measures and a low level of trust among those whose data are concerned. It is often difficult and burdensome for organisations to prove privacy compliance and accountability, especially in situations that cross national boundaries and involve a number of different legal systems governing privacy. In response to these obstacles, we describe instruments facilitating accountability, audit, and meaningful certification. These instruments are based on a set of fundamental data protection goals (DPG): availability, integrity, confidentiality, transparency, intervenability, and unlinkability. By using the data protection goals instead of focusing on fragmented national privacy regulations, a well-defined set of privacy metrics can be identified, recognising privacy-by-design requirements and widely accepted certification criteria. We also describe a novel conceptual framework and architecture for defining comprehensive privacy compliance metrics and providing assessment tools for ICT applications and services using as much automation as possible. The proposed metrics and tools will identify gaps, provide clear suggestions, and will assist audit and certification to support informed decisions on the trustworthiness of ICT for citizens and businesses.



Available from
May 22, 2014