Abstract
For the purposes of our work we use the concept of metadata to implement enterprise digital right management mechanisms in an intelligent document environment. Such metadata allows us to firstly define contextual security rules and secondly to ensure the information traceability. However, its use may have legal implications, especially with regard to metadata that can be stored (see personal data, privacy), how it should be stored (see probative value in case of litigation, digital forensics) or computer processing in which it may be involved. Another topical issue is the storage and the processing of data using a service provider: the cloud. We must ensure, however, that this solution does not lead to a loss of information controllability for the company. This article aims to position our work with respect to these legal issues.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
BackPlan\(^{\textsc {TM}}\), Project Communication Control
- 2.
The sections of pipe are welded every 12 to 15Â m. These welds should be checked: radiography, analysis by a certified individual, hydraulic tests. These controls are spread over time and generate many records that are, once made, a legal value.
- 3.
E-DRM: Enterprise Digital Right Management.
- 4.
See also Orders of November 15, 2011 or August 31, 2012 from the First President of the Paris Court given in matters relating to anticompetitive practices.
References
Inmon, W.H.: Tech topic: What is a data warehouse? Prism Solutions, 1 pp. (1995)
Kimball, R., Ross, M., Thornthwaite, W., Mundy, J., Becker, B.: The Data Warehouse Lifecycle Toolkit, 2nd edn. Wiley Publishing, New York (2008)
Munier, M.: A multi-view approach for embedded information system security. In: CRiSIS, pp. 65–72. IEEE (2010)
Munier, M., Lalanne, V., Ricarde, M.: Self-protecting documents for cloud storage security. In: TrustCom, pp. 1231–1238. IEEE (2012)
Kalam, A.A.E., Benferhat, S., Miège, A., Baida, R.E., Cuppens, F., Saurel, C., Balbiani, P., Deswarte, Y., Trouessin, G.: Organization based access control. In: POLICY, pp. 120–131. IEEE Computer Society (2003)
Elrakaiby, Y., Cuppens, F., Cuppens-Boulahia, N.: From contextual permission to dynamic pre-obligation: an integrated approach. In: ARES, pp. 70–78. IEEE Computer Society (2010)
Cuppens, F., Cuppens-Boulahia, N.: Modeling contextual security policies. Int. J. Inf. Sec. 7(4), 285–305 (2008)
Cuppens, F., Miège, A.: Modelling contexts in the or-bac model. In: ACSAC, pp. 416–427. IEEE Computer Society (2003)
Bertino, E., Lim, H.-S.: Assuring data trustworthiness - concepts and research challenges. In: Jonker, W., Petković, M. (eds.) SDM 2010. LNCS, vol. 6358, pp. 1–12. Springer, Heidelberg (2010)
Zheng, X., Maillé, P., Le, C.T.P., Morucci, S.: Improving the efficiency of collaborative work with trust management. In: Agoulmine, N., Bartolini, C., Pfeifer, T., O’Sullivan, D. (eds.) Integrated Network Management, pp. 1172–1179. IEEE (2011)
Zheng, X., Maillé, P., Le, C.T.P., Morucci, S.: Trust mechanisms for efficiency improvement in collaborative working environments. In: MASCOTS, pp. 465–467. IEEE (2010)
Le, C.T.P., Cuppens, F., Cuppens, N., Maillé, P.: Evaluating the trustworthiness of contributors in a collaborative environment. In: Bertino, E., Joshi, J.B.D. (eds.) CollaborateCom 2008. LNICST, vol. 10, pp. 451–460. Springer, Heidelberg (2009)
Lalanne, V., Munier, M., Gabillon, A.: Information security risk management in a world of services. In: PASSAT (2013)
Jaramillo, E., Munier, M., Aniorté, P.: Information security in business intelligence based on cloud: a survey of key issues and the premises of a proposal. In: WOSIS (2013)
Hricik, D., Scott, C.E.: Metadata: the ghosts haunting e-documents. In: FindLaw, March 2008
Van Hoboken, J., Arnbak, A., Van Eijk, N.: Cloud computing in higher education and research institutions and the USA PATRIOT Act. Social Science Research Network Working Paper Series, November 2012
Lee, L.T.: USA PATRIOT ACT and telecommunications: privacy under attack. Rutgers Comput. Tech. LJ 29, 371 (2003)
EU: Fighting cyber crime and protecting privacy in the cloud. EU Parliament (2012)
EU: Proposal for a Regulation of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data and on the free movement of such data (General Data Protecting Regulation). Comm. European Communities, Bruxelles (2012)
Guarda, P., Zannone, N.: Towards the development of privacy-aware systems. Inf. Softw. Technol. 51(2), 337–350 (2009)
Zhou, B., Pei, J., Luk, W.: A brief survey on anonymization techniques for privacy preserving publishing of social network data. SIGKDD Explor. Newsl. 10(2), 12–22 (2008)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Munier, M., Lalanne, V., Ardoy, PY., Ricarde, M. (2014). Legal Issues About Metadata Data Privacy vs Information Security. In: Garcia-Alfaro, J., Lioudakis, G., Cuppens-Boulahia, N., Foley, S., Fitzgerald, W. (eds) Data Privacy Management and Autonomous Spontaneous Security. DPM SETOP 2013 2013. Lecture Notes in Computer Science(), vol 8247. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-54568-9_11
Download citation
DOI: https://doi.org/10.1007/978-3-642-54568-9_11
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-54567-2
Online ISBN: 978-3-642-54568-9
eBook Packages: Computer ScienceComputer Science (R0)