Skip to main content
SpringerLink
Log in

A Lifecycle for Data Sharing Agreements: How it Works Out

  • Conference paper
  • First Online:
Book cover Privacy Technologies and Policy (APF 2016)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 9857))

Included in the following conference series:

Abstract

An electronic Data Sharing Agreement (DSA) is a human-readable, yet machine-processable contract, regulating how organizations and/or individuals share data. In past work, we have shed light on DSA engineering, i.e., the process of studying how data sharing is ruled in traditional legal human-readable contracts and mapping their fields (and rules) into formats that are machine-processable, leading to the transposition of a traditional legal contract into the electronic DSA. However, the definition of an electronic DSA is only the starting point of a complex DSA lifecycle, driving the contract from its creation to (1) an analysis phase, where the DSA rules are checked against conflicts; and (2) a mapping phase, where the analysed rules are transposed into privacy policies expressed in enforceable languages. This paper presents our vision for the architectural definition of a DSA system, where a lifecycle manager orchestrates: an authoring tool for legal experts, policy experts, and end users; an analyser for checking consistency of the DSA rules; a mapper for encoding rules in a low level language amenable for enforcement.

The research leading to these results has received funding from the European Union Seventh Framework Programme (FP7/2007–2013) under grant no 610853 (Coco Cloud).

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Arenas, A.E., Aziz, B., Bicarregui, J., Wilson, M.D.: An Event-B approach to data sharing agreements. In: Méry, D., Merz, S. (eds.) IFM 2010. LNCS, vol. 6396, pp. 28–42. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  2. Feige, U., Arenas, A.E., Aziz, B., Massonet, P., Ponsard, C.: Towards modelling obligations in Event-B. In: Börger, E., Butler, M., Bowen, J.P., Boca, P. (eds.) ABZ 2008. LNCS, vol. 5238, pp. 181–194. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  3. Brodie, C., et al.: The coalition policy management portal for policy authoring, verification, and deployment. In: POLICY, pp. 247–249 (2008)

    Google Scholar 

  4. Casassa Mont, M., Matteucci, I., Petrocchi, M., Sbodio, M.L.: Enabling data sharing in the Cloud. HP Labs Technical report HPL-2012-22 (2012)

    Google Scholar 

  5. Craven, R., et al.: Expressive policy analysis with enhanced system dynamicity. In: ASIACCS (2009)

    Google Scholar 

  6. Hansen, R.R., Nielson, F., Nielson, H.R., Probst, C.W.: Static validation of licence conformance policies. In: ARES, pp. 1104–1111 (2008)

    Google Scholar 

  7. Kaljurand, K.: Attempto Controlled English as a Semantic Web Language. Ph.D. thesis, in Mathematics and Computer Science, Tartu Univ. (2007)

    Google Scholar 

  8. Lunardelli, A., Matteucci, I., Mori, P., Petrocchi, M.: A prototype for solving conflicts in XACML-based e-Health policies. In: Proceedings of the 26th IEEE International Symposium on Computer-Based Medical Systems, pp. 449–452 (2013)

    Google Scholar 

  9. Lupu, E.C., Sloman, M.: Conflicts in policy-based distributed systems management. IEEE Trans. Softw. Eng. 25(6), 852–869 (1999)

    Article  Google Scholar 

  10. Martinelli, F., Matteucci, I.: Preserving security properties under refinement. In: The 7th International Workshop on Software Engineering for Secure Systems, SESS (2011)

    Google Scholar 

  11. Martinelli, F., Matteucci, I., Petrocchi, M., Wiegand, L.: A formal support for collaborative data sharing. In: Quirchmayr, G., Basl, J., You, I., Xu, L., Weippl, E. (eds.) CD-ARES 2012. LNCS, vol. 7465, pp. 547–561. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  12. Matteucci, I., Mori, P., Petrocchi, M., Wiegand, L.: Controlled data sharing in E-health. In: Socio Technical Aspects in Security and Trust, pp. 17–23. IEEE (2011)

    Google Scholar 

  13. Matteucci, I., Mori, P., Petrocchi, M.: Prioritized execution of privacy policies. In: Herranz, J., Damiani, E., State, R., Pietro, R. (eds.) DPM 2012 and SETOP 2012. LNCS, vol. 7731, pp. 133–145. Springer, Heidelberg (2013)

    Google Scholar 

  14. Matteucci, I., Petrocchi, M., Sbodio, M.L.: CNL4DSA: a controlled natural language for data sharing agreements. In: SAC Privacy on The Web (2010)

    Google Scholar 

  15. Matteucci, I., Petrocchi, M., Sbodio, M.L., Wiegand, L.: A design phase for data sharing agreements. In: Garcia-Alfaro, J., Navarro-Arribas, G., Cuppens-Boulahia, N., de Capitani di Vimercati, S. (eds.) DPM/SETOP 2011. LNCS, vol. 7122, pp. 25–41. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  16. De Nicola, R., Ferrari, G.-L., Pugliese, R.: Programming access control: the KLAIM experience. In: Palamidessi, C. (ed.) CONCUR 2000. LNCS, vol. 1877, pp. 48–65. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  17. OASIS, eXtensible Access Control Markup Language (XACML) Ver. 3.0 (2013)

    Google Scholar 

  18. Rensink, A., Gorrieri, R.: Vertical implementation. Inf. Comput. 170(1), 95–133 (2001)

    Article  MathSciNet  MATH  Google Scholar 

  19. Saaty, T.L.: How to make a decision: the analytic hierarchy process. Eur. J. Oper. Res. 48(1), 9–26 (1990)

    Article  MATH  Google Scholar 

  20. Scalavino, E., Gowadia, V., Lupu, E.C.: PAES: policy-based authority evaluation scheme. In: Gudes, E., Vaidya, J. (eds.) Data and Applications Security 2009. LNCS, vol. 5645, pp. 268–282. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  21. Scalavino, E., Russello, G., Ball, R., Gowadia, V., Lupu, E.C.: An opportunistic authority evaluation scheme for data security in crisis management scenarios. In: ASIACCS10

    Google Scholar 

  22. Swarup, V., Seligman, L., Rosenthal, A.: A data sharing agreement framework. In: Bagchi, A., Atluri, V. (eds.) ICISS 2006. LNCS, vol. 4332, pp. 22–36. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  23. Swarup, V., et al.: Specifying data sharing agreements. In: POLICY, pp. 157–162 (2006)

    Google Scholar 

  24. Coco Cloud Consortium, Deliverable 4.2 First DSA Management Infrastructure (2015). http://www.coco-cloud.eu/deliverables. Accessed 07 June 2016

Download references

Author information

Authors and Affiliations

  1. Atos, Madrid, Spain

    Jose Fran. Ruiz & Anil Ozdeniz

  2. IIT CNR, Pisa, Italy

    Marinella Petrocchi, Ilaria Matteucci & Gianpiero Costantino

  3. Hewlett Packard Enterprise, Milan, Italy

    Carmela Gambardella & Mirko Manea

Authors
  1. Jose Fran. Ruiz
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Marinella Petrocchi
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Ilaria Matteucci
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Gianpiero Costantino
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Carmela Gambardella
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Mirko Manea
    View author publications

    You can also search for this author in PubMed Google Scholar

  7. Anil Ozdeniz
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Marinella Petrocchi .

Editor information

Editors and Affiliations

  1. ENISA , Athens, Greece

    Stefan Schiffner

  2. Goethe University Frankfurt am Main , Frankfurt, Germany

    Jetzabel Serna

  3. ENISA , Athens, Greece

    Demosthenes Ikonomou

  4. Goethe University Frankfurt am Main , Frankfurt, Germany

    Kai Rannenberg

Rights and permissions

Reprints and permissions

Copyright information

© 2016 Springer International Publishing Switzerland

About this paper

Cite this paper

Ruiz, J.F. et al. (2016). A Lifecycle for Data Sharing Agreements: How it Works Out. In: Schiffner, S., Serna, J., Ikonomou, D., Rannenberg, K. (eds) Privacy Technologies and Policy. APF 2016. Lecture Notes in Computer Science(), vol 9857. Springer, Cham. https://doi.org/10.1007/978-3-319-44760-5_1

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-44760-5_1

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-44759-9

  • Online ISBN: 978-3-319-44760-5

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation