Abstract | ||
---|---|---|
Despite the wide array of frameworks proposed for the formal specification and analysis of privacy laws, there has been comparatively little work on expressing large fragments of actual privacy laws in these frameworks. We attempt to bridge this gap by giving complete logical formalizations of the transmission-related portions of the Health Insurance Portability and Accountability Act (HIPAA) and the Gramm-Leach-Bliley Act (GLBA). To this end, we develop the PrivacyLFP logic, whose features include support for disclosure purposes, real-time constructs, and self-reference via fixed points. To illustrate these features and demonstrate PrivacyLFP's utility, we present formalizations of a collection of clauses from these laws. Due to their size, our full formalizations of HIPAA and GLBA appear in a companion technical report. We discuss ambiguities in the laws that our formalizations revealed and sketch preliminary ideas for computer-assisted enforcement of such privacy policies. |
Year | DOI | Venue |
---|---|---|
2010 | 10.1145/1866919.1866930 | WPES |
Keywords | Field | DocType |
gramm-leach-bliley act,accountability act,actual privacy law,computer-assisted enforcement,health insurance portability,logical specification,privacy policy,companion technical report,privacy law,glba privacy law,complete logical formalization,privacylfp logic,real time,fixed point,security | Internet privacy,Health Insurance Portability and Accountability Act,Actual Privacy,Computer science,Computer security,Privacy policy,Formal specification,Enforcement,Technical report,Sketch,Privacy laws of the United States | Conference |
Citations | PageRank | References |
28 | 1.05 | 12 |
Authors | ||
5 |
Name | Order | Citations | PageRank |
---|---|---|---|
Henry DeYoung | 1 | 69 | 4.74 |
Deepak Garg | 2 | 581 | 45.48 |
Limin Jia | 3 | 666 | 71.97 |
Dilsun Kaynar | 4 | 272 | 14.05 |
Anupam Datta | 5 | 1617 | 87.21 |