Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
CORR
2011
Springer
2011
Springer
On the Semantics of Purpose Requirements in Privacy Policies
Privacy policies often place requirements on the purposes for which a governed entity may use personal information. For example, regulations, such as HIPAA, require that hospital employees use medical information for only certain purposes, such as treatment. Thus, using formal or automated methods for enforcing privacy policies requires a semantics of purpose requirements to determine whether an action is for a purpose or not. We provide such a semantics using a formalism based on planning. We model planning using a modified version of Markov Decision Processes, which exclude redundant actions for a formal definition of redundant. We use the model to formalize when a sequence of actions is only for or not for a purpose. This semantics enables us to provide an algorithm for automating auditing, and to describe formally and compare rigorously previous enforcement methods. This research was supported by the US Army Research Office under grant numbers W911NF0910273 and DAAD190210389. Th...
Real-time TrafficRelated Content
| Added | 28 May 2011 |
| Updated | 28 May 2011 |
| Type | Journal |
| Year | 2011 |
| Where | CORR |
| Authors | Michael Carl Tschantz, Anupam Datta, Jeannette M. Wing |
Comments (0)
Researcher Info
|
