Legal compliance-by-design is the process of developing a software system that processes personal data in such a way that its ability to meet specific legal provisions is ascertained. In this paper, we describe techniques to automatically check the compliance of the security policies of a system against formal rules derived from legal provisions by re-using available tools for security policy verification. We also show the practical viability of our approach by reporting the experimental results of a prototype for checking compliance of realistic and synthetic policies against the European Data Protection Directive (EU DPD).

Automated Legal Compliance Checking by Security Policy Analysis / Ranise, Silvio; Siswantoro, Hari. - ELETTRONICO. - 10489:(2017), pp. 361-372. (Intervento presentato al convegno SAFECOMP 2017 tenutosi a Trento nel 12th-15th September 2017) [10.1007/978-3-319-66284-8_30].

Automated Legal Compliance Checking by Security Policy Analysis

Ranise, Silvio;Siswantoro, Hari
2017-01-01

Abstract

Legal compliance-by-design is the process of developing a software system that processes personal data in such a way that its ability to meet specific legal provisions is ascertained. In this paper, we describe techniques to automatically check the compliance of the security policies of a system against formal rules derived from legal provisions by re-using available tools for security policy verification. We also show the practical viability of our approach by reporting the experimental results of a prototype for checking compliance of realistic and synthetic policies against the European Data Protection Directive (EU DPD).
2017
Computer Safety Reliability and Security
Cham, Svizzera
Springer
978-3-319-66283-1
Ranise, Silvio; Siswantoro, Hari
Automated Legal Compliance Checking by Security Policy Analysis / Ranise, Silvio; Siswantoro, Hari. - ELETTRONICO. - 10489:(2017), pp. 361-372. (Intervento presentato al convegno SAFECOMP 2017 tenutosi a Trento nel 12th-15th September 2017) [10.1007/978-3-319-66284-8_30].
File in questo prodotto:
File Dimensione Formato  
978-3-319-66284-8_30.pdf

Solo gestori archivio

Descrizione: Main article
Tipologia: Versione editoriale (Publisher’s layout)
Licenza: Tutti i diritti riservati (All rights reserved)
Dimensione 773.66 kB
Formato Adobe PDF
773.66 kB Adobe PDF   Visualizza/Apri

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11572/196770
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 18
  • ???jsp.display-item.citation.isi??? ND
social impact