Privacy by design will become a legal obligation in the European Community if the Data Protection Regulation eventually gets adopted. However, taking into account privacy requirements in the design of a system is a challenging task. We propose an approach based on the specification of privacy architectures and focus on a key aspect of privacy, data minimisation, and its tension with integrity requirements. We illustrate our formal framework through a smart metering case study.
@article{arxiv.1408.1854,
title = {Privacy Architectures: Reasoning About Data Minimisation and Integrity},
author = {Thibaud Antignac and Daniel Le Métayer},
journal= {arXiv preprint arXiv:1408.1854},
year = {2014}
}
Comments
appears in STM - 10th International Workshop on Security and Trust Management 8743 (2014)