Automated Legal Compliance Checking by Security Policy Analysis

IRIS

Legal compliance-by-design is the process of developing a software system that processes personal data in such a way that its ability to meet specific legal provisions is ascertained. In this paper, we describe techniques to automatically check the compliance of the security policies of a system against formal rules derived from legal provisions by re-using available tools for security policy verification. We also show the practical viability of our approach by reporting the experimental results of a prototype for checking compliance of realistic and synthetic policies against the European Data Protection Directive (EU DPD).

Automated Legal Compliance Checking by Security Policy Analysis / Ranise, Silvio; Siswantoro, Hari. - ELETTRONICO. - 10489:(2017), pp. 361-372. (Intervento presentato al convegno SAFECOMP 2017 tenutosi a Trento nel 12th-15th September 2017) [10.1007/978-3-319-66284-8_30].

Automated Legal Compliance Checking by Security Policy Analysis

Ranise, Silvio;Siswantoro, Hari

2017-01-01

Abstract

Legal compliance-by-design is the process of developing a software system that processes personal data in such a way that its ability to meet specific legal provisions is ascertained. In this paper, we describe techniques to automatically check the compliance of the security policies of a system against formal rules derived from legal provisions by re-using available tools for security policy verification. We also show the practical viability of our approach by reporting the experimental results of a prototype for checking compliance of realistic and synthetic policies against the European Data Protection Directive (EU DPD).

Scheda breve

Scheda completa

Scheda completa (DC)

	Anno di pubblicazione (Date of publication)
	
			2017
		
	Titolo del volume (Proceedings title)
	
			Computer Safety Reliability and Security
		
	Luogo di edizione (Place of publication)
	
			Cham, Svizzera
		
	Casa editrice (Publisher)
	
			Springer
		
	ISBN
	
			978-3-319-66283-1
		
	Codice Scopus (Scopus Identifier)
	
			2-s2.0-85029530866
		
	Tutti gli autori
	
			Ranise, Silvio; Siswantoro, Hari
		
	Citazione
	
			Automated Legal Compliance Checking by Security Policy Analysis / Ranise, Silvio; Siswantoro, Hari. - ELETTRONICO. - 10489:(2017), pp. 361-372. (Intervento presentato al  convegno SAFECOMP 2017 tenutosi a Trento nel 12th-15th September 2017) [10.1007/978-3-319-66284-8_30].
		
	Appare nelle tipologie:
	
			04.1 Saggio in atti di convegno (Paper in Proceedings)

File in questo prodotto:

File	Dimensione	Formato
978-3-319-66284-8_30.pdf Solo gestori archivio Descrizione: Main article Tipologia: Versione editoriale (Publisher’s layout) Licenza: Tutti i diritti riservati (All rights reserved) Dimensione 773.66 kB Formato Adobe PDF Visualizza/Apri	773.66 kB	Adobe PDF	Visualizza/Apri

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11572/196770

Citazioni

ND

17

ND

social impact