IT-security and privacy: design and use of privacy-enhancing security mechanisms
IT-security and privacy: design and use of privacy-enhancing security mechanisms
Platform for enterprise privacy practices: privacy-enabled management of customer data
PET'02 Proceedings of the 2nd international conference on Privacy enhancing technologies
E-P3P privacy policies and privacy authorization
Proceedings of the 2002 ACM workshop on Privacy in the Electronic Society
Privacy-preserving Bayesian network structure computation on distributed heterogeneous data
Proceedings of the tenth ACM SIGKDD international conference on Knowledge discovery and data mining
Privacy and e-commerce: a consumer-centric perspective
Electronic Commerce Research
PRINDA: Architecture and design of non-disclosure agreements in privacy policy framework
Data & Knowledge Engineering
Best practices and tools for personal information compliance management
IBM Systems Journal
End-user privacy in human-computer interaction
Foundations and Trends in Human-Computer Interaction
Localization of credential information to address increasingly inevitable data breaches
Proceedings of the 2008 workshop on New security paradigms
Private data management in collaborative environments
CDVE'07 Proceedings of the 4th international conference on Cooperative design, visualization, and engineering
Policy framework for security and privacy management
IBM Journal of Research and Development
Representing and reasoning about privacy abstractions
WISE'05 Proceedings of the 6th international conference on Web Information Systems Engineering
Language-Based enforcement of privacy policies
PET'04 Proceedings of the 4th international conference on Privacy Enhancing Technologies
| Hi-index | 0.00 |
Regulations and consumer backlash force many organizations to re-evaluate the way they manage private data. As a first step, they publish privacy promises as text or P3P. These promises are not backed up by privacy technology that enforces the promises throughout the enterprise. Privacy tools cover fractions of the problem while leaving the main challenge unanswered.This article describes a new approach towards enterprise-wide enforcement of the privacy promises. Its core is a new framework for managing collected personal data in a sensitive, trustworthy way. The framework enables enterprises to publish clear privacy promises, to collect and manage user preferences and consent, and to enforce the privacy promises throughout the enterprise.One of the foundations of this framework is the "sticky policy paradigm" that defines a customer centric model for managing policies, preferences, and consent.