nach oben

Erschienen in:

2015 | OriginalPaper | Buchkapitel

Patterns in Privacy - A Pattern-Based Approach for Assessments

verfasst von : Jörn Kahrmann, Ina Schiering

Erschienen in: Privacy and Identity Management for the Future Internet in the Age of Globalisation

Verlag: Springer International Publishing

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

The concept of patterns was first developed in the context of architecture and is now widely used in different fields such as software design or workflow design. In the last years the idea of patterns is also used to incorporate privacy in the life-cycle of Information Technology (IT) services. Concerning privacy and security, patterns are mainly used in the design phase of IT services in the form of design patterns. In this paper we propose a pattern-based approach to assess the compliance with privacy regulations continuously during the operation phase of an IT service. The central idea of patterns in this area is to provide an abstract representation of typical automated processing procedures for the processing of personal data. Since these patterns represent abstracted versions of workflows, we use as an illustration diagrams with a notation derived from Business Process Management Notation (BPMN). The aim of the approach presented here is to increase the transparency of assessments for all participants and to allow an easy adjustment of existing assessment results when changes occur.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Vorheriges Kapitel Privacy by Design – The Case of Automated Border Control

Nächstes Kapitel A Survey on Multimodal Biometrics and the Protection of Their Templates

http://www.verinice.org/.

http://www.2b-advice.com/.

http://www.privacyguard.de/.

http://www.workflowpatterns.com/.

http://privacypatterns.org/.

Gamma, E., Helm, R., Johnson, R., Vlissides, J.: Design Patterns: Elements of Reusable Object-Oriented Software. Pearson Education, Upper Saddle River (1994)

van der Aalst, W.M.P., ter Hofstede, A.H.M., Kiepuszewski, B., Barros, A.P.: Workflow patterns. Distrib. Parallel Databases 14(1), 5–51 (2003)CrossRef

Riehle, D., Züllighoven, H.: Understanding and using patterns in software development. TAPOS 2(1), 3–13 (1996)

Rodeck, M., Voigt, C., Schnütgen, A., Schiering, I., Decker, R.: Toolgestützte assessments zu datenschutz und datensicherheit in kleinen und mittelständischen unternehmen. In: GI-Jahrestagung, pp. 575–586 (2014)

Federal data protection act in the version promulgated on 14 January 2003 (Federal Law Gazette I, p. 66), as most recently amended by Article 1 of the act of 14 August 2009 (Federal Law Gazette I, p. 2814). http://www.gesetze-im-internet.de/englisch_bdsg/englisch_bdsg.html

Directive 95/46/EC of the European parliament and of the council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data. http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=CELEX:31995L0046:EN:HTML

Proposal for a regulation of the European parliament and of the council on the protection of individuals with regard to the processing of personal data and on the free movement of such data (General data protection regulation). http://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:52012PC0011&from=EN

Bizer, J.: Sieben goldene regeln des datenschutzes. Datenschutz und Datensicherheit-DuD 31(5), 350–356 (2007)CrossRef

Federal office for information security (BSI): BSI-Standards 100–1 100–2 100–3 100–4 (2008). http://www.bsi.bund.de/EN/Publications/BSIStandards/BSIStandards_node.html

10.

Gruber, M.: Isis12 - informationssicherheit für mittelständische unternehmen. In: D-A-C-H Security 2013, Nürnberg, pp. 275–282. syssec (2013)

11.

Humberg, T., Wessel, C., Poggenpohl, D., Wenzel, S., Ruhroth, T., Jürjens, J.: Ontology-based analysis of compliance and regulatory requirements of business processes. In: Proceedings of the 3rd International Conference on Cloud Computing and Services Science (Closer 2013), pp. 553–561. SciTePress (2013)

12.

Houmb, S.H, Braber, F.D, Lund, M.S, Stølen, K.: Towards a UML profile for model-based risk assessment. In: Critical Systems Development with UML-Proceedings of the UML 2002 Workshop, pp. 79–91 (2002)

13.

Lund, M.S., Solhaug, B., Stølen, K.: Model-driven Risk Analysis: the CORAS Approach. Springer, Heidelberg (2010)

14.

Alexander, C., Ishikawa, S., Silverstein, M.: A pattern language: towns, buildings, construction (center for environmental structure series) (1977)

15.

Buschmann, F., Meunier, R., Rohnert, H., Sommerlad, P., Stal, M., Sommerlad, P., Stal, M.: Pattern-oriented software architecture, volume 1: a system of patterns (1996)

16.

Brambilla, M., Fraternali, P., Vaca, C.: BPMN and design patterns for engineering social BPM solutions. In: Daniel, F., Barkaoui, K., Dustdar, S. (eds.) BPM Workshops 2011, Part I. LNBIP, vol. 99, pp. 219–230. Springer, Heidelberg (2012) CrossRef

17.

Hafiz, M.: A pattern language for developing privacy enhancing technologies. Softw.: Pract. Exp. 43(7), 769–787 (2013)

18.

Hafiz, M., Adamczyk, P., Johnson, R.E.: Growing a pattern language (for security). In: Proceedings of the ACM International Symposium on New Ideas, New Paradigms, and Reflections on Programming and Software, pp. 139–158. ACM (2012)

19.

Hoepman, J.-H.: Privacy design strategies. In: Cuppens-Boulahia, N., Cuppens, F., Jajodia, S., Abou El Kalam, A., Sans, T. (eds.) SEC 2014. IFIP AICT, vol. 428, pp. 446–459. Springer, Heidelberg (2014) CrossRef

20.

Doty, N., Gupta, M.: Privacy design patterns and anti-patterns patterns misapplied and unintended consequences. http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.385.6907

21.

Business process model and notation (BPMN). Version 2.0. Object Management Group specification (2011)

Titel: Patterns in Privacy - A Pattern-Based Approach for Assessments
verfasst von: Jörn Kahrmann
Ina Schiering
Verlag: Springer International Publishing
Buch: Privacy and Identity Management for the Future Internet in the Age of Globalisation
Print ISBN: 978-3-319-18620-7

Electronic ISBN: 978-3-319-18621-4

Copyright-Jahr: 2015
DOI: https://doi.org/10.1007/978-3-319-18621-4_11

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"