Title :
An Architecture for the Enforcement of Privacy and Security Requirements in Internet-Centric Services
Author :
Diaz-Tellez, Yair ; Bodanese, Eliane L. ; Nair, Srijith K. ; Dimitrakos, Theo
Author_Institution :
Sch. of Electron. Eng. & Comput. Sci., Queen Mary Univ. of London, London, UK
Abstract :
This paper focuses on the problem of how to protect personal data and privacy in the context of internet-centric services. Two main challenges are considered: how to enable individuals to express data protection requirements on their data in a disclosure request; and how to ensure data is actually protected and processed according to the intended purpose of use after being disclosed. As part of our solution, we introduce the notion of a distinctive online service and architectural component, called the Privacy and Security Broker (PSB), responsible for the protection of personal data. The PSB enables a user to express their data protection requirements and translates them into "Data Protection Property Policies" (DPPPs). A high level architecture and the corresponding protocols involving the interaction of the main actors of our solution are presented.
Keywords :
Internet; data privacy; protocols; DPPP; Internet-centric services; PSB; architectural component; data protection property policies; disclosure request; distinctive online service; high level architecture; personal data protection requirements; personal privacy protection; privacy and security broker; privacy requirements; protocols; security requirements; Data privacy; Privacy; Process control; Recruitment; Security; Web services; data protection; information-flow; internet-centric services; privacy; security; user-centric services;
Conference_Titel :
Trust, Security and Privacy in Computing and Communications (TrustCom), 2012 IEEE 11th International Conference on
Conference_Location :
Liverpool
Print_ISBN :
978-1-4673-2172-3
DOI :
10.1109/TrustCom.2012.72
