Title
A model-integrated authoring environment for privacy policies
Abstract
Privacy policies are rules designed to ensure that individuals' health data are properly protected. Health Information Systems (HIS) are legally required to adhere to these policies. Since privacy policies are imposed on complex software systems, it is extremely hard to reason about their conformance and consistency. In order to address this problem, we have created a model-driven authoring environment to formally specify privacy policies originally defined in legal terms. In our observation, appropriate formalization of our policy language enabled formal analysis of its policies; these features were key to a successful model-driven engineering process. In this paper we present our modeling language and show its semantic anchoring to analyzable logic programs. We report on several projects where our approach is being applied and validated.
Highlights
- Model-Integrated Privacy Policy Authoring environment for lawyers and doctors.
- Precise semantic anchoring to term algebras and logic programs.
- A domain-specific language describing privacy policies with patterns.
- An execution environment by the tool FORMULA to prove correctness by design.
- A formally underpinned environment to reason about privacy policies.
Year: 2014
DOI: 10.1016/j.scico.2013.05.004
Venue: Science of Computer Programming
Keywords: constraint logic programming, privacy policies
Field: Programming language, Privacy by Design, Computer science, Privacy policy, Correctness, Modeling language, Software system, Information privacy, Constraint logic programming, Privacy software
DocType: Journal
Volume: 89
Issue: PB
ISSN: 0167-6423
Citations: 2
PageRank: 0.36
References: 29
Authors (5)
Name                    Order  Citations  PageRank
Andras Nadas            1      80         6.62
Tihamer Levendovszky    2      233        27.58
Ethan K. Jackson        3      204        15.30
Istvan Madari           4      7          1.94
Janos Sztipanovits      5      1478       165.28