1,649
views
0
recommends
+1 Recommend
1 collections
    0
    shares

      Studying business & IT? Drive your professional career forwards with BCS books - for a 20% discount click here: shop.bcs.org

      scite_
       
      • Record: found
      • Abstract: found
      • Conference Proceedings: found
      Is Open Access

      Provenance-based Auditing of Private Data Use

      Published
      proceedings-article
      ,
      Visions of Computer Science - BCS International Academic Conference (VOCS)
      BCS International Academic Conference
      22 - 24 September 2008
      Provenance, Audit, Private data, Data Protection Act
      Bookmark

            Abstract

            Across the world, organizations are required to comply with regulatory frameworks dictating how to manage personal information. Despite these, several cases of data leaks and exposition of private data to unauthorized recipients have been publicly and widely advertised. For authorities and system administrators to check compliance to regulations, auditing of private data processing becomes crucial in IT systems. Finding the origin of some data, determining how some data is being used, checking that the processing of some data is compatible with the purpose for which the data was captured are typical functionality that an auditing capability should support, but difficult to implement in a reusable manner. Such questions are so-called provenance questions, where provenance is defined as the process that led to some data being produced. The aim of this paper is to articulate how data provenance can be used as the underpinning approach of an auditing capability in IT systems. We present a case study based on requirements of the Data Protection Act and an application that audits the processing of private data, which we apply to an example manipulating private data in a university.

            Content

            Author and article information

            Contributors
            Conference
            September 2008
            September 2008
            : 141-152
            Affiliations
            [0001]School of Electronics and Computer Science, University of Southampton, Southampton SO17 1BJ, UK
            Article
            10.14236/ewic/VOCS2008.13
            0ba3911e-7e90-45ff-aa12-41354a0b9f9b
            © Rocío Aldeco-Pérez et al. Published by BCS Learning and Development Ltd. Visions of Computer Science - BCS International Academic Conference

            This work is licensed under a Creative Commons Attribution 4.0 Unported License. To view a copy of this license, visit http://creativecommons.org/licenses/by/4.0/

            Visions of Computer Science - BCS International Academic Conference
            VOCS
            Imperial College, London, UK
            22 - 24 September 2008
            Electronic Workshops in Computing (eWiC)
            BCS International Academic Conference
            History
            Product

            1477-9358 BCS Learning & Development

            Self URI (article page): https://www.scienceopen.com/hosted-document?doi=10.14236/ewic/VOCS2008.13
            Self URI (journal page): https://ewic.bcs.org/
            Categories
            Electronic Workshops in Computing

            Applied computer science,Computer science,Security & Cryptology,Graphics & Multimedia design,General computer science,Human-computer-interaction
            Provenance,Audit,Private data,Data Protection Act

            Comments

            Comment on this article