Compliance to data protection and purpose control using process mining technique

The business processes of an organisation are executed incertain boundaries. Some of the restrictions are raised from the environment of the organisations such as regulatory and supervisory constraints. One of the regulations that is imposed on organisations is theEuropean General Data Protection Regulation (GDPR). The most important aspect of the GDPR rules is how organisations handle personaldata of their customers. In this research, we focus on this aspect of theGDPR. Our goal is to develop a solution that enables organisations todeal with the challenges of becoming compliant with GDPR. We plan touse and improve process mining techniques to tackle the problems suchas discovering data-flow and control-flow of business processes that haveinteraction with personal data of customers. Our approach consists offour phases: (1) discover process model based on purpose, (2) translateregulatory rules to technical rules, (3) develop privacy policy model baseon the GDPR, (4) conformance analysisThe business processes of an organisation are executed in certain boundaries. Some of the restrictions are raised from the environment of the organisations such as regulatory and supervisory constraints. One of the regulations that is imposed on organisations is the European General Data Protection Regulation (GDPR). The most important aspect of the GDPR rules is how organisations handle personal data of their customers. In this research, we focus on this aspect of the GDPR. Our goal is to develop a solution that enables organisations to deal with the challenges of becoming compliant with GDPR. We plan to use and improve process mining techniques to tackle the problems such as discovering data-flow and control-flow of business processes that have interaction with personal data of customers. Our approach consists of four phases: (1) discover process model based on purpose, (2) translate regulatory rules to technical rules, (3) develop privacy policy model base on the GDPR, (4) conformance analysis

Compliance to data protection and purpose control using process mining technique

The business processes of an organisation are executed incertain boundaries. Some of the restrictions are raised from the environment of the organisations such as regulatory and supervisory constraints. One of the regulations that is imposed on organisations is theEuropean General Data Protection Regulation (GDPR). The most important aspect of the GDPR rules is how organisations handle personaldata of their customers. In this research, we focus on this aspect of theGDPR. Our goal is to develop a solution that enables organisations todeal with the challenges of becoming compliant with GDPR. We plan touse and improve process mining techniques to tackle the problems suchas discovering data-flow and control-flow of business processes that haveinteraction with personal data of customers. Our approach consists offour phases: (1) discover process model based on purpose, (2) translateregulatory rules to technical rules, (3) develop privacy policy model baseon the GDPR, (4) conformance analysisThe business processes of an organisation are executed in certain boundaries. Some of the restrictions are raised from the environment of the organisations such as regulatory and supervisory constraints. One of the regulations that is imposed on organisations is the European General Data Protection Regulation (GDPR). The most important aspect of the GDPR rules is how organisations handle personal data of their customers. In this research, we focus on this aspect of the GDPR. Our goal is to develop a solution that enables organisations to deal with the challenges of becoming compliant with GDPR. We plan to use and improve process mining techniques to tackle the problems such as discovering data-flow and control-flow of business processes that have interaction with personal data of customers. Our approach consists of four phases: (1) discover process model based on purpose, (2) translate regulatory rules to technical rules, (3) develop privacy policy model base on the GDPR, (4) conformance analysis

A conditional role-involved purpose-based access control model

This paper presents a role-involved conditional purpose-based access control (RCPBAC) model, where a purpose is defined as the intension of data accesses or usages. RCPBAC allows users using some data for certain purpose with conditions. The structure of RCPBAC model is defined and investigated. An algorithm is developed to achieve the compliance computation between access purposes (related to data access) and intended purposes (related to data objects) and is illustrated with role-based access control (RBAC) to support RCPBAC. According to this model, more information from data providers can be extracted while at the same time assuring privacy that maximizes the usability of consumers' data. It extends traditional access control models to a further coverage of privacy preserving in data mining environment as RBAC is one of the most popular approach towards access control to achieve database security and available in database management systems. The structure helps enterprises to circulate clear privacy promise, to collect and manage user preferences and consent

Implanting Life-Cycle Privacy Policies in a Context Database

Ambient intelligence (AmI) environments continuously monitor surrounding individuals' context (e.g., location, activity, etc.) to make existing applications smarter, i.e., make decision without requiring user interaction. Such AmI smartness ability is tightly coupled to quantity and quality of the available (past and present) context. However, context is often linked to an individual (e.g., location of a given person) and as such falls under privacy directives. The goal of this paper is to enable the difficult wedding of privacy (automatically fulfilling users' privacy whishes) and smartness in the AmI. interestingly, privacy requirements in the AmI are different from traditional environments, where systems usually manage durable data (e.g., medical or banking information), collected and updated trustfully either by the donor herself, her doctor, or an employee of her bank. Therefore, proper information disclosure to third parties constitutes a major privacy concern in the traditional studies

Requirements for the conceptual design of advanced underground coal extraction systems

Conceptual design requirements are presented for underground coal mining systems having substantially improved performance in the areas of production cost and miner safety. Mandatory performance levels are also set for miner health, environmental impact, and coal recovery. In addition to mandatory design goals and constraints, a number of desirable system characteristics are identified which must be assessed in terms of their impact on production cost and their compatibility with other system elements. Although developed for the flat lying, moderately thick seams of Central Appalachia, these requirements are designed to be easily adaptable to other coals

Remote sensing in Michigan for land resource management

The Environmental Research Institute of Michigan is conducting a program whose goal is the large-scale adoption, by both public agencies and private interests in Michigan, of NASA earth-resource survey technology as an important aid in the solution of current problems in resource management and environmental protection. During the period from June 1975 to June 1976, remote sensing techniques to aid Michigan government agencies were used to achieve the following major results: (1) supply justification for public acquisition of land to establish the St. John's Marshland Recreation Area; (2) recommend economical and effective methods for performing a statewide wetlands survey; (3) assist in the enforcement of state laws relating to sand and gravel mining, soil erosion and sedimentation, and shorelands protection; (4) accomplish a variety of regional resource management actions in the East Central Michigan Planning and Development Region. Other tasks on which remote sensing technology was used include industrial and school site selection, ice detachment in the Soo Harbor, grave detection, and data presentation for wastewater management programs