Options
Privacy Compliance Via Model Transformations
Publikationstyp
Conference Paper
Date Issued
2018-04
Sprache
English
Start Page
120
End Page
126
Citation
IEEE European Symposium on Security and Privacy Workshops, EURO S and PW (2018)
Contribution to Conference
Publisher DOI
Scopus ID
Due to the upcoming, more restrictive regulations (like the European GDPR), designing privacy preserving architectures for information systems is becoming a pressing concern for practitioners. In particular, verifying that a design is compliant with the regulations might be a challenging task for engineers. This work presents an approach based on model transformations, which guarantee that an architectural design encompasses regulation-oriented principles such as purpose limitation, or accountability of the data controller. Our work improves the state of the art along two main dimensions. The approach we propose (i) embeds privacy principles coming from regulations, thus helping to bridge the gap between the technical and the legal worlds, (ii) systematize the embedding of the privacy principles coming from regulations, thus enabling a constructive approach to privacy by design.
Subjects
GDPR
MDE
Privacy-by-design