Zusammenfassung
Der Beitrag befasst sich mit der Entwicklung eines Frühwarnsystems zur vorzeitigen Entdeckung von Verletzungen der Privatsphäre in „Business Compliance“ und zeigt die Anwendbarkeit dieses Verfahrens am Beispiel der Anonymität. Hierzu wird ein Referenzmonitor vorgestellt, der das Risiko, ausgedrückt als Eintrittswahrscheinlichkeit, einer zukünftigen Regelverletzung vor ihrem Eintritt automatisch berechnet und warnt, wenn die Ausführung als gefährlich eingestuft wird.
Abstract
The paper reports on a reference monitor for early warning risk determination for privacy violations in the context of business compliance and demonstrates its applicability in the particular case of anonymity. To this end, the monitor detects system executions that potentially lead to incompliant states before the actual violation by determining the risk they pose to compliance goals and warning officers responsible for compliance about risky executions. In doing so, the presented monitor is a novel technique to automate some of the tasks involved in guaranteeing compliance.
This is a preview of subscription content, log in via an institution to check access.
Notes
The existence of such an event history is considered in theoretical approaches on monitoring investigating the decidability capabilities of the monitor (Hamlen et al. 2006). The authors are not aware of practical approaches addressing this issue.
Literatur
Accorsi, Rafael (2006): On the Relationship of Privacy and Secure Remote Logging in Dynamic Systems. In: Fischer-Huebner, Simone; Rannenberg, Kai; Yngstroem, Louise; Lindskog, Stefan (Eds.): International Federation for Information Processing, Security and Privacy in Dynamic Environments vol. 2001, Springer-Verlag, pp. 329–339.
Accorsi, Rafael (2008): Automated Audits to Complement the Notion of Control for Identity Management. In: deLeeuw, Elisabeth; Fischer-Huebner, Simone; Iseng, Jimmy; Borking, John (Eds.): Policies and Research in Identity Management, vol. 261 of IFIP, Springer, pp. 39–48.
Ashley, Paul; Hada, Satoshi; Karjoth, Guenter; Powers, Calvin; Schunter, Matthias (2003): Enterprise Privacy Authorization Language. IBM Research Report, IBM, Zurich.
Bishop, Matt; Bhumiratana, Bhune; Crawford, Rick; Levitt, Carl (2004): How to Sanitize Data. In: Proceedings of the 13th IEEE International Workshops Infrastructure for Collaborative Enterprises, o.P, pp. 217–222.
Breaux, Travis; Antón, Annie (2008): Analyzing Regulatory Rules for Privacy and Security Requirements. In: IEEE Transactions of Software Engineering 34 (1), pp. 5–20.
Casassa-Mont, Marco; Pearson, Siani; Bramhall, Pete (2003): Towards Accountable Management of Privacy and Identity Information. In: Snekkenes, Einar; Gollmann, Dieter (Eds.): Proceedings of ESORICS, Lecture Notes in Computer Science vol. 2808, Springer-Verlag, 146–161.
Dalenius, Tore (1986): Finding a Needle in a Haystack– or Identifying Anonymous Census Record. In: Journal of Official Statistics 2 (3): pp. 329–336.
Gama, Pedro; Ferreira, Paulo (2005): Obligation Policies: An Enforcement Platform. In: Proceedings of the 6th International Workshop on Policies for Distributed Systems and Networks, pp. 203–212.
Hamlen, Kevin; Morrisett, Greg; Schneider, Fred (2006): Computability Classes for Enforcement Mechanisms. In: ACM Transactions on Programming Languages and Systems 28 (1), pp. 175–205.
Hillson, David; Simon, Peter (2007): Practical Project Risk Management: The Atom Methodology. Management Concepts, Inc., USA.
Hilty, Manuel; Basin, David; Pretschner, Alexander (2005): On Obligations. In: di Vimercati, Sabrina; Syverson, Paul; Gollmann, Dieter (Eds.): Proceedings of the 10th ESORICS, Lecture Notes in Computer Science, vol. 3679, Springer-Verlag, pp. 98–117.
HIPAA (2008): http://www.hipaa.org, retrieved on 2008-05-07.
Irwin, Keith; Yu, Ting; Winsborough, William (2006): On the Modelling and Analysis of Obligations. In: Proceedings of the 13th ACM Conference in Computer and Communication Security, pp. 134–143.
Kähmer, Martin; Gilliot, Maike (2008a): Extended Privacy Definition Tool. To appear in: Proceedings of 4th Multikonferenz Wirtschaftsinformatik, Lecture Notes in Informatics, Munich.
Kähmer, Martin; Gilliot, Maike (2008b): Automating Privacy Compliance with ExPDT. To appear in: IEEE Conference on E-Commerce Technology, Washington.
Lampson, Butler; Abadi, Martin; Burrows, Michael; Wobber, Edward (1991): Authentication in Distributed Systems: Theory and Practice. In: ACM Operating Systems Review 25 (5), pp. 165–182.
Machanavajjhala, Ashwin; Kifer, Daniel; Gehrke, Johannes; Venkitasubramaniam, Muthuramakrishnan (2007): L-diversity: Privacy beyond k-anonymity. In ACM Transactions of Knowledge Discovery Data 1 (1), pp. 1–52.
Park, Jaehong; Sandhu Ravi (2004): The UCONABC Usage Control Model. In: ACM Transactions on Information and System Security 7 (1), pp. 128–174.
Pretschner, Alexander; Massacci, Fabio; Hilty, Manuel (2007): Usage Control in Service-Oriented Architectures. In: Lambrinoudakis, Costas; Pernul; Günther; Tjoa, A Min (Eds.): Proceedings of the 4th TRUSTBUS, Lecture Notes in Computer Science, vol. 4657, Springer-Verlag, pp. 83–93.
Prokein, Oliver (2008): IT-Risikomanagement. Gabler, Wiesbaden.
Ribeiro, Carlos; Zúquete, André; Ferreira, Paulo (2001): Enforcing Obligations with Security Monitors. In: Qing, Sihan; Okamoto, Tatusaki; Zhou, Jianying: Proceedings of the the 3rd International Conference on Information and Communications Security, Lecture Notes in Computer Science, vol. 2229, Springer-Verlag, pp. 172–176.
Sackmann, Stefan; Strüker, Jens; Accorsi, Rafael (2006): Personalization in Privacy-Aware Highly Dynamic Systems. In: Communications of the ACM 49 (9), pp. 32–38.
Sato, Yoshinori; Kawasaki, Akihiko (2007): An Anonymization Technique with Considering Identification Risk. In: Proceedings of Multimedia, Distributed, Cooperative, and Mobile Symposium, Japan, pp.1182–1189.
Schneider, Fred (2000): Enforceable Security Policies. In: ACM Transactions on Information System Security 3 (1), pp. 30–50.
Sorebo, Gib (2006): A model for Private Section Compliance in Information Security. In: IT Compliance Journal 2, pp. 7–14.
Sweeney, Latanya (2000): Uniqueness of Simple Demographics in the U.S. Population. Research Report in the Carnegie Mellon University, Laboratory for International Data Privacy, Pittsburgh.
Sweeney, Latanya (2002): k-anonymity: a model for protecting privacy. In: International Journal on Uncertainty, Fuzziness and Knowledge-based Systems 10 (5), pp. 557–570.
Takemura, Akimichi (2000): Minimum Unsafe and Maximum Safe Sets of Variables for Disclosure Risk Assessment of Individual Records in a Microdata Set. In: Journal Japan Statistics Society, 32 pp. 107–117.
Takemura, Akimichi (2003): Current Trends in Theoretical Research of Statistical Disclosure Control Problem. In: Proceedings of the Institute of Statistical Mathematics 51 (2), pp. 241–260.
Waterfield, Phebe; Casey, John (2005): The Governance of Compliance: Putting Policies into Practice. Consulting Report of Yankee Group Research Inc, USA.
Willenborg, Leon; de Waal, Ton (2000): Elements of Statistical Disclosure Control. In: Lecture Notes in Statistics 155, Springer-Verlag, New York.
Author information
Authors and Affiliations
Corresponding author
Additional information
Submitted 2007-11-20, after two revisions accepted 2008-05-21 by the editors of the special focus.
Rights and permissions
About this article
Cite this article
Accorsi, R., Sato MSc., Y. & Kai MSc., S. Compliance-Monitor zur Frühwarnung vor Risiken. Wirtsch. Inform. 50, 375–382 (2008). https://doi.org/10.1007/s11576-008-0079-0
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11576-008-0079-0