Security policy refinement using data integration: a position paper.

In spite of the wide adoption of policy-based approaches for security management, and many existing treatments of policy verification and analysis, relatively little attention has been paid to policy refinement: the problem of deriving lower-level, runnable policies from higher-level policies, policy goals, and specifications. In this paper we present our initial ideas on this task, using and adapting concepts from data integration. We take a view of policies as governing the performance of an action on a target by a subject, possibly with certain conditions. Transformation rules are applied to these components of a policy in a structured way, in order to translate the policy into more refined terms; the transformation rules we use are similar to those of global-as-view database schema mappings, or to extensions thereof. We illustrate our ideas with an example. Copyright 2009 ACM

Diseño de Reglas Gramaticales para Transformar Documentos Técnicos Corporativos Escritos en Lenguaje Natural en Discursos Controlados

La educción de requisitos es una de las fases más importantes en el proceso de desarrollo de software. La revisión de documentos es una de las técnicas menos usadas para educir requisitos. La literatura sugiere usarla en esta fase sobre descripciones del dominio y documentos corporativos. Aplicando esta técnica, los analistas pueden extraer conocimiento del dominio e información del negocio. En este artículo se define un marco estructural de un tipo de documento técnico corporativo, relacionado con la especificación de procedimientos. A partir de este marco, se propone un conjunto de reglas gramaticales para transformar ciertas secciones del documento técnico en un discurso en el lenguaje controlado UN-Lencep. Estas reglas se pueden aplicar posteriormente en procesos de educción de requisitos a partir de la técnica de revisión de documentos

Automating identification of potentially problematic privacy policies

Almost every website, mobile application or cloud service requires users to agree to a privacy policy, or similar terms of service, detailing how the developer or service provider will handle user data, and the purposes for which it will be used. Many past works have criticised these documents on account of their length, excessively complex wording, or the simple fact that users typically do not read or understand them, and that potentially invasive or wide-reaching terms are included in these policies. In this paper, we present our automated approach and tool to gather and analyse these policies, and highlight some interesting considerations for these documents, specifically those surrounding past legal rulings over the enforceability of some specific and widely-used contract terms --- the ability for terms to be changed without directly notifying users (and presumed continued use indicates acceptance), and the protections in place in the event of a sale or acquisition of a company. We highlight the concerns these pose to user privacy and choice, and the extent to which these terms are found in policies and documents from many popular websites. We use our tool to highlight the extent to which these terms are found, and the extent of this potential problem, and explore potential solutions to the challenge of regulating user privacy via such contracts in an era where mobile devices contain significant quantities of highly sensitive personal data, which is highly desirable to service operators, as a core valuation asset of their company

An Expertise-driven Authoring Tool of Privacy Policies for e-Health

Data sharing on the Internet is crucial in manyaspects of nowadays life, from economy to leisure, from public administration to healthcare. However, it implies several privacy issues that have to be managed. Definition of appropriate policies helps to safeguard the data privacy. This paper describes an authoring tool for privacy policies to be applied to the healthcare scenario. The tool exhibits two different interfaces, designed according to specific expertise of the policy authors. It is part of a general framework for editing, analysis, and enforcement of privacy policies. Furthermore, this serves as a first brick for a usability study on such tools

User-driven Privacy Enforcement for Cloud-based Services in the Internet of Things

Internet of Things devices are envisioned to penetrate essentially all aspects of life, including homes and urbanspaces, in use cases such as health care, assisted living, and smart cities. One often proposed solution for dealing with the massive amount of data collected by these devices and offering services on top of them is the federation of the Internet of Things and cloud computing. However, user acceptance of such systems is a critical factor that hinders the adoption of this promising approach due to severe privacy concerns. We present UPECSI, an approach for user-driven privacy enforcement for cloud-based services in the Internet of Things to address this critical factor. UPECSI enables enforcement of all privacy requirements of the user once her sensitive data leaves the border of her network, provides a novel approach for the integration of privacy functionality into the development process of cloud-based services, and offers the user an adaptable and transparent configuration of her privacy requirements. Hence, UPECSI demonstrates an approach for realizing user-accepted cloud services in the Internet of Things.Comment: 6 pages, 2 figures, 1 listing. The 2nd International Conference on Future Internet of Things and Cloud (FiCloud-2014

Decomposition techniques for policy refinement.

The automation of policy refinement, whilst promising great benefits for policy-based management, has hitherto received relatively little treatment in the literature, with few concrete approaches emerging. In this paper we present initial steps towards a framework for automated distributed policy refinement for both obligation and authorization policies. We present examples drawn from military scenarios, describe details of our formalism and methods for action decomposition, and discuss directions for future research. © 2010 IEEE.Accepted versio

Automating identification of potentially problematic privacy policies

Almost every website, mobile application or cloud service requires users to agree to a privacy policy, or similar terms of service, detailing how the developer or service provider will handle user data, and the purposes for which it will be used. Many past works have criticised these documents on account of their length, excessively complex wording, or the simple fact that users typically do not read or understand them, and that potentially invasive or wide-reaching terms are included in these policies. In this paper, an automated approach and tool to gather and analyse these policies is presented, and some important considerations for these documents are highlighted, specifically those surrounding past legal rulings over the enforceability of some specific and widely-used contract terms - the ability for terms to be changed without directly notifying users (and presumed continued use indicates acceptance), and the protections in place in the event of a sale or acquisition of a company. The concerns these pose to user privacy and choice are highlighted, as well as the extent to which these terms are found in policies and documents from many popular websites. This tool was used to highlight how commonly these terms are found, and the extent of this potential problem, and explore potential solutions to the challenge of regulating user privacy via such contracts in an era where mobile devices contain significant quantities of highly sensitive personal data, which is highly desirable to service operators, as a core valuation asset of their company

On Compliance of Cookie Purposes with the Purpose Specification Principle

International audienceThe enforcement of the General Data Protection Regulation and the ePrivacy Directive relies upon auditing legal compliance of websites. Data controllers, as part of their accountability and transparency obligations, need to declare the purposes of cookies that they use in their websites. This leads to relevant questions such as: How should purposes be described according to the purpose specification principle? And how to ensure a scalable auditing, enabled by automated means, for legal compliance of cookie purposes? In this paper, we investigate the legal compliance of purposes for 20,218 third-party cookies. Surprisingly, only 12.85% of third-party cookies have a corresponding cookie policy where a cookie is even mentioned. Overall, we find out that purposes declared in cookie policies do not comply with the purpose specification principle in 95% of cases in our automatized audit. Finally, we provide recommendations on standardized specification of purposes following the recent draft recommendation of the French Data Protection Authority (CNIL) on cookies

The control over personal data: True remedy or fairy tale ?

This research report undertakes an interdisciplinary review of the concept of "control" (i.e. the idea that people should have greater "control" over their data), proposing an analysis of this con-cept in the field of law and computer science. Despite the omnipresence of the notion of control in the EU policy documents, scholarly literature and in the press, the very meaning of this concept remains surprisingly vague and under-studied in the face of contemporary socio-technical environments and practices. Beyond the current fashionable rhetoric of empowerment of the data subject, this report attempts to reorient the scholarly debates towards a more comprehensive and refined understanding of the concept of control by questioning its legal and technical implications on data subject\^as agency