On Parametric Obligation Policies: Enabling Privacy-Aware Information Lifecycle Management in Enterprises
Policies for Distributed Systems and Networks, IEEE International Workshop on (2007)
June 13, 2007 to June 15, 2007
Filipe Beato , Hewlett-Packard Laboratories, UK
Marco Casassa Mont , Hewlett-Packard Laboratories, UK
Enterprises that collect and process personal data must deal with related privacy management issues. It is not just a matter of privacy-aware access control: privacy obligation policies, dictating duties and expectations on how personal data has to be handled, must be considered too. The management of obligation policies is a promising area but it is still underestimated. Enterprises require solutions that enable automation and can leverage their current identity management solutions. HP Labs have been working on this topic in the last few years, also in the context of the EU PRIME project. In this paper we present our recent work on parametric obligation policies and a related obligation management framework to deal with a scalable management of these policies on large amounts of data, stored in distributed data repositories.
Filipe Beato, Marco Casassa Mont, "On Parametric Obligation Policies: Enabling Privacy-Aware Information Lifecycle Management in Enterprises", Policies for Distributed Systems and Networks, IEEE International Workshop on, vol. 00, no. , pp. 51-55, 2007, doi:10.1109/POLICY.2007.30