Enforcing legal compliance into software systems is a non-trivial task that requires an interdisciplinary approach. This thesis presents a new methodology for legal compliance checking against European legal provisions, namely the EU Data Protection Directive, the EU General Data Protection Regulation and the revised EU Payment Services Directive. We propose two types of compliance checking mechanisms that should be exploited at design-time or run-time. The former is based on security policy analysis of access control policies. The later is built on top of an approach to synthesizing run-time monitors for workflow-driven applications. Our contributions include a comprehensive methodology for legal compliance checking, the formalization of the regulations and the prototype tool of the implemented compliance methodology.

Automated Analysis and Synthesis for the Compliance of Privacy and Other Legal Provisions / Siswantoro, Hari. - (2018), pp. 1-110.

Automated Analysis and Synthesis for the Compliance of Privacy and Other Legal Provisions

Siswantoro, Hari
2018-01-01

Abstract

Enforcing legal compliance into software systems is a non-trivial task that requires an interdisciplinary approach. This thesis presents a new methodology for legal compliance checking against European legal provisions, namely the EU Data Protection Directive, the EU General Data Protection Regulation and the revised EU Payment Services Directive. We propose two types of compliance checking mechanisms that should be exploited at design-time or run-time. The former is based on security policy analysis of access control policies. The later is built on top of an approach to synthesizing run-time monitors for workflow-driven applications. Our contributions include a comprehensive methodology for legal compliance checking, the formalization of the regulations and the prototype tool of the implemented compliance methodology.
2018
XXIX
2018-2019
Ingegneria e scienza dell'Informaz (29/10/12-)
Information and Communication Technology
Ranise, Silvio
no
Inglese
Settore ING-INF/05 - Sistemi di Elaborazione delle Informazioni
File in questo prodotto:
File Dimensione Formato  
DECLARATORIA_Hari.pdf

Solo gestori archivio

Tipologia: Tesi di dottorato (Doctoral Thesis)
Licenza: Tutti i diritti riservati (All rights reserved)
Dimensione 140.87 kB
Formato Adobe PDF
140.87 kB Adobe PDF   Visualizza/Apri
Hari_thesis.pdf

Solo gestori archivio

Tipologia: Tesi di dottorato (Doctoral Thesis)
Licenza: Tutti i diritti riservati (All rights reserved)
Dimensione 930.83 kB
Formato Adobe PDF
930.83 kB Adobe PDF   Visualizza/Apri

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11572/368988
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus ND
  • ???jsp.display-item.citation.isi??? ND
social impact