Secure audit logs to support computer forensics
ACM Transactions on Information and System Security (TISSEC)
E-P3P privacy policies and privacy authorization
Proceedings of the 2002 ACM workshop on Privacy in the Electronic Society
A Privacy Policy Model for Enterprises
CSFW '02 Proceedings of the 15th IEEE workshop on Computer Security Foundations
Anomaly Detection Using Call Stack Information
SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
Efficient comparison of enterprise privacy policies
Proceedings of the 2004 ACM symposium on Applied computing
Workflow Mining: Discovering Process Models from Event Logs
IEEE Transactions on Knowledge and Data Engineering
Hierarchical hippocratic databases with minimal disclosure for virtual organizations
The VLDB Journal — The International Journal on Very Large Data Bases
A Study of Access Control Requirements for Healthcare Systems Based on Audit Trails from Access Logs
ACSAC '06 Proceedings of the 22nd Annual Computer Security Applications Conference
Audit-based compliance control
International Journal of Information Security
Beyond purpose-based privacy access control
ADC '07 Proceedings of the eighteenth conference on Australasian database - Volume 63
VLDB '02 Proceedings of the 28th international conference on Very Large Data Bases
Conformance checking of processes based on monitoring real behavior
Information Systems
Auditing compliance with a Hippocratic database
VLDB '04 Proceedings of the Thirtieth international conference on Very large data bases - Volume 30
Purpose based access control for privacy protection in relational database systems
The VLDB Journal — The International Journal on Very Large Data Bases
Towards the development of privacy-aware systems
Information and Software Technology
A new approach to secure logging
ACM Transactions on Storage (TOS)
A calculus for orchestration of web services
ESOP'07 Proceedings of the 16th European conference on Programming
Platform for enterprise privacy practices: privacy-enabled management of customer data
PET'02 Proceedings of the 2nd international conference on Privacy enhancing technologies
Formal analysis of BPMN via a translation into COWS
COORDINATION'08 Proceedings of the 10th international conference on Coordination models and languages
A model checking approach for verifying COWS specifications
FASE'08/ETAPS'08 Proceedings of the Theory and practice of software, 11th international conference on Fundamental approaches to software engineering
A formal implementation of value commitment
ESOP'08/ETAPS'08 Proceedings of the Theory and practice of software, 17th European conference on Programming languages and systems
ESORICS'05 Proceedings of the 10th European conference on Research in Computer Security
Measuring privacy compliance using fitness metrics
BPM'12 Proceedings of the 10th international conference on Business Process Management
The influential factors for the variation of data sensitivity in ubiquitous social networking
International Journal of Wireless and Mobile Computing
| Hi-index | 0.00 |
Data protection legislation requires personal data to be collected and processed only for lawful and legitimate purposes. Unfortunately, existing protection mechanisms are not appropriate for purpose control: they only prevent unauthorized actions from occurring and do not guarantee that the data are actually used for the intended purpose. In this paper, we present a flexible framework for purpose control, which connects the intended purpose of data to the business model of an organization and detects privacy infringements by determining whether the data have been processed only for the intended purpose.