Automatically Proving Purpose Limitation in Software Architectures
Automatically Proving Purpose Limitation in Software Architectures. / Bavendiek, Kai; Müller, Tobias; Wittner, Florian; Kreutzburg, Thea; Behrendt, Christian-Alexander; Schulz, Wolfgang; Federrath, Hannes; Schupp, Sibylle.
ICT Systems Security and Privacy Protection: 34th IFIP TC 11 International Conference, SEC 2019, Lisbon, Portugal, June 25-27, 2019, Proceedings. Eds.: Gurpreet Dhillon; Fredrik Karlsson; Karin Hedström; André Zúquete. Volume 562, Springer, 2019, pp. 345-358 (IFIP Advances in Information and Communication Technology).
Publications: SCORING: Contribution in book/edited volume › SCORING: Contribution in edited volume › Research › Peer-reviewed
RIS
TY - CHAP
T1 - Automatically Proving Purpose Limitation in Software Architectures
AU - Bavendiek, Kai
AU - Müller, Tobias
AU - Wittner, Florian
AU - Kreutzburg, Thea
AU - Behrendt, Christian-Alexander
AU - Schulz, Wolfgang
AU - Federrath, Hannes
AU - Schupp, Sibylle
PY - 2019/6/5
Y1 - 2019/6/5
N2 - The principle of purpose limitation is one of the cornerstones of the European General Data Protection Regulation. Automatically verifying whether a software architecture is capable of collecting, storing, or otherwise processing data without a predefined, precise, and valid purpose, and more importantly, whether the software architecture allows for re-purposing the data, greatly helps designers, makers, auditors, and customers of software. In our case study, we model the architecture of an existing medical register that follows a rigid Privacy by Design approach and assess its capability to process data only for the defined purposes. We demonstrate the process by verifying one instance that satisfies purpose limitation and two that are at least critical cases. We detect a violation scenario where data belonging to a purpose-specific consent are passed on for a different and maybe even incompatible purpose.
AB - The principle of purpose limitation is one of the cornerstones of the European General Data Protection Regulation. Automatically verifying whether a software architecture is capable of collecting, storing, or otherwise processing data without a predefined, precise, and valid purpose, and more importantly, whether the software architecture allows for re-purposing the data, greatly helps designers, makers, auditors, and customers of software. In our case study, we model the architecture of an existing medical register that follows a rigid Privacy by Design approach and assess its capability to process data only for the defined purposes. We demonstrate the process by verifying one instance that satisfies purpose limitation and two that are at least critical cases. We detect a violation scenario where data belonging to a purpose-specific consent are passed on for a different and maybe even incompatible purpose.
UR - https://link.springer.com/chapter/10.1007/978-3-030-22312-0_24
M3 - SCORING: Beitrag in Sammelwerk
SN - 978-3-030-22311-3
VL - 562
T3 - IFIP Advances in Information and Communication Technology
SP - 345
EP - 358
BT - ICT Systems Security and Privacy Protection
A2 - Dhillon, Gurpreet
A2 - Karlsson, Fredrik
A2 - Hedström, Karin
A2 - Zúquete, André
PB - Springer
ER -