Title :
On Parametric Obligation Policies: Enabling Privacy-Aware Information Lifecycle Management in Enterprises
Author :
Mont, Marco Casassa ; Beato, Filipe
Author_Institution :
Hewlett-Packard Lab., Bristol
Abstract :
Enterprises that collect and process personal data must deal with related privacy management issues. It is not just a matter of privacy-aware access control: privacy obligation policies, dictating duties and expectations on how personal data has to be handled, must be considered too. The management of obligation policies is a promising area but it is still underestimated. Enterprises require solutions that enable automation and can leverage their current identity management solutions. HP Labs have been working on this topic in the last few years, also in the context of the EU PRIME project. In this paper we present our recent work on parametric obligation policies and a related obligation management framework to deal with a scalable management of these policies on large amounts of data, stored in distributed data repositories.
Keywords :
business data processing; data privacy; distributed databases; distributed data repositories; enterprise; obligation management; parametric obligation policy; privacy obligation policy; privacy-aware access control; privacy-aware information lifecycle management; Access control; Automation; Costs; Data privacy; Identity management systems; Information management; Laboratories; Prototypes; Research and development; Scalability;
Conference_Titel :
Policies for Distributed Systems and Networks, 2007. POLICY '07. Eighth IEEE International Workshop on
Conference_Location :
Bologna
Print_ISBN :
0-7695-2767-1
DOI :
10.1109/POLICY.2007.30
