Aldeco Perez, R. and Moreau, L. (2008) Provenance-based Auditing of Private Data Use. In: International Academic Research Conference, Visions of Computer Science, September 2008, London, UK. (In Press)
Download
![[img]](http://eprints.ecs.soton.ac.uk/style/images/fileicons/application_pdf.png)
| Accepted Version 243Kb |
Abstract
Across the world, organizations are required to comply with regulatory frameworks dictating how to manage personal information. Despite these, several cases of data leaks and exposition of private data to unauthorized recipients have been publicly and widely advertised. For authorities and system administrators to check compliance to regulations, auditing of private data processing becomes crucial in IT systems. Finding the origin of some data, determining how some data is being used, checking that the processing of some data is compatible with the purpose for which the data was captured are typical functionality that an auditing capability should support, but difficult to implement in a reusable manner. Such questions are so-called provenance questions, where provenance is defined as the process that led to some data being produced. The aim of this paper is to articulate how data provenance can be used as the underpinning approach of an auditing capability in IT systems. We present a case study based on requirements of the Data Protection Act and an application that audits the processing of private data, which we apply to an example manipulating private data in a university.
| Creators: | Rocio Aldeco Perez, Luc Moreau |
|---|---|
| Item Type: | Conference or Workshop Item |
| Research Group: | Intelligence, Agents, Multimedia |
| Deposited On: | 19 Aug 2008 15:09 by Aldeco Perez, Rocio |
| ID Code: | 16580 |
| Last Modified: | 18 Feb 2010 16:07 |
Tools
Metadata
Download Statistics
Members of ECS may view the download statistics dashboard for this record.
Corrections
ECS staff and postgraduates may modify this record
