TUHH Open Research

Automatically proving purpose limitation in software architectures

Publication Type
Conference Paper
Date Issued
2019
Language
English
Author(s)
Bavendiek, Kai  
Wittner, Florian  
Schwaneberg, Thea  
Behrendt, Christian Alexander  
Schulz, Wolfgang  
Federrath, Hannes  
Schupp, Sibylle  
Mueller, Tobias  
Institute
Softwaresysteme E-16  
TORE-URI
http://hdl.handle.net/11420/2958
First published in
IFIP advances in information and communication technology  
Start Page
345
End Page
358
Citation
IFIP Advances in Information and Communication Technology (562): 345-358 (2019)
Contribution to Conference
IFIP International Conference on ICT Systems Security and Privacy Protection, SEC 2019  
Publisher DOI
10.1007/978-3-030-22312-0_24
Scopus ID
2-s2.0-85068240256
The principle of purpose limitation is one of the cornerstones in the European General Data Protection Regulation. Automatically verifying whether a software architecture is capable of collecting, storing, or otherwise processing data without a predefined, precise, and valid purpose, and more importantly, whether the software architecture allows for re-purposing the data, greatly helps designers, makers, auditors, and customers of software. In our case study, we model the architecture of an existing medical register that follows a rigid Privacy by Design approach and assess its capability to process data only for the defined purposes. We demonstrate the process by verifying one instance that satisfies purpose limitation and two that are at least critical cases. We detect a violation scenario where data belonging to a purpose-specific consent are passed on for a different and maybe even incompatible purpose.
More Funding Information
The work is part of the Information Governance Technologies project which is funded by the Behörde für Wissenschaft, Forschung und Gleichstellung.