Privacy Management for Global Organizations

Pearson, Siani; Sander, Tomas; Sharma, Rajneesh

doi:10.1007/978-3-642-11207-2_2

Privacy Management for Global Organizations

Siani Pearson²⁰,
Tomas Sander²¹ &
Rajneesh Sharma²²

Conference paper

656 Accesses
8 Citations

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 5939))

Abstract

In this paper we look at the complex area of a global outsourcing delivery model among different countries and/or organizations. In this case, privacy requirements stemming from requirements of various countries of data origin need to be honoured and taken into account during the data lifecycle. We review practical privacy management challenges arising in large, global organizations and discuss technology needed to address them. As a first example we describe the design of a privacy tool built and deployed to help an organization identify and manage privacy concerns in the context of Business Process Outsourcing (BPO). As a generalization of this technology we present an automated solution for scalable, accountable privacy management.

This is a preview of subscription content, log in via an institution.

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

Hecker, M., Dillon, T.S., Chang, E.: Internet Computing Privacy Ontology Support for E-Commerce, vol. 12(2), pp. 54–61. IEEE Computer Society Press, Los Alamitos (2008)
Google Scholar
Martimiano, L.A.F., Goncalves, M.R.P., dos Santos Moreira, E.: An ontology for privacy policy management in ubiquitous environments, NOMS, pp. 947–950. IEEE, Los Alamitos (2008)
Google Scholar
Pearson, Sander, Sharma. Privacy Management for Global Organizations, HP-TR (2009)
Google Scholar
Organization for Economic Co-operation and Development (OECD): Guidelines Governing the Protection of Privacy and Transborder Flow of Personal Data, OECD, Geneva (1980)
Google Scholar
Galway Project, Plenary Session Introduction, p. 5 (April 8, 2009)
Google Scholar
Weitzner, A., Berners-Lee, F., Hendler, S.: Information Accountability. Communications of ACM 51(6) (June 2008)
Google Scholar
Pearson, S., Rao, P., Sander, T., Parry, A., Paull, A., Patruni, S., Dandamudi-Ratnakar, V., Sharma, P.: Scalable, Accountable Privacy Management for Large Organizations. In: INSPEC 2009. IEEE, Los Alamitos (2009)
Google Scholar
IBM: The Enterprise Privacy Authorization Language (EPAL), EPAL specification, v1.2 (2004), http://www.zurich.ibm.com/security/enterprise-privacy/epal/
OASIS: eXtensible Access Control Markup Language (XACML), http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=xacml
Cranor, L.: Web Privacy with P3P. O’Reilly & Associates, Sebastopol (2002)
Google Scholar
Damianou, N., Dulay, N., Lupu, E., Sloman, M.: The Ponder Policy Specification Language (2001), http://www-dse.doc.ic.ac.uk/research/policies/index.shtml
IBM: Sparcle project, http://domino.research.ibm.com/comm/research_projects.nsf/pages/sparcle.index.html
IBM: REALM project, http://www.zurich.ibm.com/security/publications/2006/REALM-at-IRIS2006-20060217.pdf
OASIS: eContracts Specification v1.0 (2007), http://www.oasis-open.org/apps/org/workgroup/legalxml-econtracts
Travis, D., Breaux, T.D., Antón, A.I.: Analyzing Regulatory Rules for Privacy and Security Requirements. IEEE Transactions on Software Engineering 34(1), 5–20 (2008)
Article Google Scholar
Kenny, S., Borking, J.: The Value of Privacy Engineering, JILT (2002)
Google Scholar
Privacy and Identity Management for Europe (2008), http://www.prime-project.org.eu
Russel, S., Norvig, P.: Artificial Intelligence – A Modern Approach. Prentice-Hall, Englewood Cliffs (2003)
Google Scholar
Dicodess: Open Source Model-Driven DSS Generator, http://dicodess.sourceforge.net
XpertRule: Knowledge Builder, http://www.xpertrule.com/pages/info_kb.htm

Download references

Author information

Authors and Affiliations

Systems Security Lab, HP Labs, Filton Rd, Bristol, UK
Siani Pearson
Systems Security Lab, HP Labs, 5 Vaughn Dr, Princeton, USA
Tomas Sander
GBS BCP and Security Team, Wind Tunnel Rd, Bangalore, India
Rajneesh Sharma

Authors

Siani Pearson
View author publications
You can also search for this author in PubMed Google Scholar
Tomas Sander
View author publications
You can also search for this author in PubMed Google Scholar
Rajneesh Sharma
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

TELECOM Bretagne, Campus de Rennes 2, rue de la Chataigneraie, 35512, Cesson Sevigne, Cedex, France
Joaquin Garcia-Alfaro
IIA-CSIC, Campus UAB, 08193, Bellaterra, Spain
Guillermo Navarro-Arribas
TELECOM Bretagne, 2 rue de la châtaigneraie, 35512, Cesson Sévigné Cedex, France
Nora Cuppens-Boulahia
Institut Eurécom, 2229 Route des Crêtes - BP 193, 06904, Sophia Antipolis Cedex, France
Yves Roudier

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Pearson, S., Sander, T., Sharma, R. (2010). Privacy Management for Global Organizations. In: Garcia-Alfaro, J., Navarro-Arribas, G., Cuppens-Boulahia, N., Roudier, Y. (eds) Data Privacy Management and Autonomous Spontaneous Security. DPM SETOP 2009 2009. Lecture Notes in Computer Science, vol 5939. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-11207-2_2

Download citation

DOI: https://doi.org/10.1007/978-3-642-11207-2_2
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-11206-5
Online ISBN: 978-3-642-11207-2
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics