Privacy Impact Assessment Template for Provenance

2016 11th International Conference on Availability, Reliability and Security (ARES) Pub Date : 2016-08-01 DOI:10.1109/ARES.2016.95

Jenni Reuben, L. Martucci, S. Fischer-Hübner, Heather S. Packer, Hans Hedbom, L. Moreau

{"title":"Privacy Impact Assessment Template for Provenance","authors":"Jenni Reuben, L. Martucci, S. Fischer-Hübner, Heather S. Packer, Hans Hedbom, L. Moreau","doi":"10.1109/ARES.2016.95","DOIUrl":null,"url":null,"abstract":"Provenance data can be expressed as a graph with links informing who and which activities created, used and modified entities. The semantics of these links and domain specific reasoning can support the inference of additional information about the elements in the graph. If such elements include personal identifiers and/or personal identifiable information, then inferences may reveal unexpected links between elements, thus exposing personal data beyond an individual's intentions. Provenance graphs often entangle data relating to multiple individuals. It is therefore a challenge to protect personal data from unintended disclosure in provenance graphs. In this paper, we provide a Privacy Impact Assessment (PIA) template for identifying imminent privacy threats that arise from provenance graphs in an application-agnostic setting. The PIA template identifies privacy threats, lists potential countermeasures, helps to manage personal data protection risks, and maintains compliance with privacy data protection laws and regulations.","PeriodicalId":216417,"journal":{"name":"2016 11th International Conference on Availability, Reliability and Security (ARES)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2016-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"12","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2016 11th International Conference on Availability, Reliability and Security (ARES)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ARES.2016.95","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 12

Abstract

Provenance data can be expressed as a graph with links informing who and which activities created, used and modified entities. The semantics of these links and domain specific reasoning can support the inference of additional information about the elements in the graph. If such elements include personal identifiers and/or personal identifiable information, then inferences may reveal unexpected links between elements, thus exposing personal data beyond an individual's intentions. Provenance graphs often entangle data relating to multiple individuals. It is therefore a challenge to protect personal data from unintended disclosure in provenance graphs. In this paper, we provide a Privacy Impact Assessment (PIA) template for identifying imminent privacy threats that arise from provenance graphs in an application-agnostic setting. The PIA template identifies privacy threats, lists potential countermeasures, helps to manage personal data protection risks, and maintains compliance with privacy data protection laws and regulations.

查看原文本刊更多论文

来源隐私影响评估模板

来源数据可以表示为带有链接的图，这些链接告知谁以及哪些活动创建、使用和修改了实体。这些链接的语义和领域特定推理可以支持对图中元素的附加信息的推断。如果这些元素包括个人标识符和/或个人可识别信息，那么推断可能会揭示元素之间意想不到的联系，从而暴露超出个人意图的个人数据。来源图通常会将与多个个体相关的数据纠缠在一起。因此，保护个人数据不受来源图中意外披露是一项挑战。在本文中，我们提供了一个隐私影响评估(PIA)模板，用于识别在与应用程序无关的设置中由来源图产生的迫在眉睫的隐私威胁。PIA模板识别隐私威胁，列出可能的应对措施，帮助管理个人数据保护风险，并保持对隐私数据保护法律法规的遵从。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2016 11th International Conference on Availability, Reliability and Security (ARES)

自引率

0.00%

发文量