Privacy and Utility in Business Processes

11 years 7 months ago
Privacy and Utility in Business Processes
se an abstract model of business processes for the purpose of (i) evaluating privacy policy in light of the goals of the process and (ii) developing automated support for privacy policy compliance and audit. In our model, agents that send and receive tagged personal information are assigned organizational roles and responsibilities. We present approaches and algorithms for determining whether a business process design simultaneously achieves privacy and the goals of the organization (utility). The model also allows us to develop a notion of minimal exposure of personal information, for a given process. We investigate the problem of auditing with inexact information and develop methods to identify a set of potentially culpable individuals when privacy is breached. The audit methods draw on traditional causality concepts to reduce the effort needed to search audit logs for irresponsible actions.
Adam Barth, John C. Mitchell, Anupam Datta, Sharad
Added 02 Jun 2010
Updated 02 Jun 2010
Type Conference
Year 2007
Where CSFW
Authors Adam Barth, John C. Mitchell, Anupam Datta, Sharada Sundaram
Comments (0)