A dynamic logic for privacy compliance (bibtex)
by Guillaume Aucher, Guido Boella, Leendert van der Torre
Abstract:
Knowledge based privacy policies are more declarative than traditional action based ones, because they specify only what is permitted or forbidden to know, and leave the derivation of the permitted actions to a security monitor. This inference problem is already non trivial with a static privacy policy, and becomes challenging when privacy policies can change over time. We therefore introduce a dynamic modal logic that permits not only to reason about permitted and forbidden knowledge to derive the permitted actions, but also to represent explicitly the declarative privacy policies together with their dynamics. The logic can be used to check both regulatory and behavioral compliance, respectively by checking that the permissions and obligations set up by the security monitor of an organization are not in conflict with the privacy policies, and by checking that these obligations are indeed enforced.
Reference:
A dynamic logic for privacy compliance (Guillaume Aucher, Guido Boella, Leendert van der Torre), In Artif. Intell. Law, volume 19, 2011.
Bibtex Entry:
@Article{Aucher2011a,
  Title                    = {A dynamic logic for privacy compliance},
  Author                   = {Guillaume Aucher and Guido Boella and Leendert van der Torre},
  Journal                  = {Artif. Intell. Law},
  Year                     = {2011},
  Number                   = {2-3},
  Pages                    = {187-231},
  Volume                   = {19},

  Abstract                 = {Knowledge based privacy policies are more declarative than traditional action based ones, because they specify only what is permitted or forbidden to know, and leave the derivation of the permitted actions to a security monitor. This inference problem is already non trivial with a static privacy policy, and becomes challenging when privacy policies can change over time. We therefore introduce a dynamic modal logic that permits not only to reason about permitted and forbidden knowledge to derive the permitted actions, but also to represent explicitly the declarative privacy policies together with their dynamics. The logic can be used to check both regulatory and behavioral compliance, respectively by checking that the permissions and obligations set up by the security monitor of an organization are not in conflict with the privacy policies, and by checking that these obligations are indeed enforced. },
  Bdsk-url-1               = {http://www.springerlink.com/index/M6TL3832163628H8.pdf},
  Bibsource                = {DBLP, http://dblp.uni-trier.de},
  Date-modified            = {2011-12-21 13:26:20 +0100},
  Ee                       = {http://dx.doi.org/10.1007/s10506-011-9114-3},
  Timestamp                = {2013.07.26},
  Url                      = {http://www.springerlink.com/index/M6TL3832163628H8.pdf}
}
Powered by bibtexbrowser