Click here for full text:
An Adaptive Privacy Management System For Data Repositories
Casassa Mont, Marco; Pearson, Siani; Bramhall, Pete
Keyword(s): privacy; privacy enforcement; adaptive system; information flow; data views; data protection; access control; accountability
Abstract: This paper addresses the problem of dealing with privacy management of confidential data stored by enterprises and other organisations. We describe an innovative solution based on an adaptive privacy management system. In this system (arbitrarily complex) data structures are retrieved from standard data repositories, in such a way that parts of these data are obfuscated and associated with privacy policies. Data structures containing confidential data are "first class" objects that can be sent to other parties. Entities that try to access their content can be different from those entities that retrieve these objects. In particular, a Privacy Management Service decides what is visible at a given time for each specific request for content. The visibility of (and access to) the obfuscated data is adaptive, depending on the requestor, the context and purpose. Hence multiple "views" on a data structure can be provided by our system. Our research and development is work in progress; the aim of this paper is to share and describe our current results.
Back to Index