Publisher DOI: 10.1007/978-3-030-22312-0_24
Title: Automatically proving purpose limitation in software architectures
Language: English
Authors: Bavendiek, Kai 
Wittner, Florian 
Schwaneberg, Thea 
Behrendt, Christian Alexander 
Schulz, Wolfgang 
Federrath, Hannes 
Schupp, Sibylle 
Mueller, Tobias 
Issue Date: 2019
Source: IFIP Advances in Information and Communication Technology (562): 345-358 (2019)
Part of Series: IFIP advances in information and communication technology 
Abstract (english): 
The principle of purpose limitation is one of the corner stones in the European General Data Protection Regulation. Automatically verifying whether a software architecture is capable of collecting, storing, or otherwise processing data without a predefined, precise, and valid purpose, and more importantly, whether the software architecture allows for re-purposing the data, greatly helps designers, makers, auditors, and customers of software. In our case study, we model the architecture of an existing medical register that follows a rigid Privacy by Design approach and assess its capability to process data only for the defined purposes. We demonstrate the process by verifying one instance that satisfies purpose limitation and two that are at least critical cases. We detect a violation scenario where data belonging to a purpose-specific consent are passed on for a different and maybe even incompatible purpose.
Conference: IFIP International Conference on ICT Systems Security and Privacy Protection, SEC 2019 
ISBN: 978-303022311-3
ISSN: 1868-422X
Institute: Softwaresysteme E-16 
Document Type: Chapter/Article (Proceedings)
More Funding information: The work is part of the Information Governance Technologies project which is funded by the Behörde für Wissenschaft, Forschung und Gleichstellung.
Appears in Collections:Publications without fulltext

Show full item record

Page view(s)

Last Week
Last month
checked on Aug 4, 2021


Last Week
Last month
checked on Jul 31, 2021

Google ScholarTM


Add Files to Item

Note about this record

Cite this record


Items in TORE are protected by copyright, with all rights reserved, unless otherwise indicated.