PRINDA: Architecture and design of non-disclosure agreements in privacy policy framework

Authors:
S. K. Gupta;Vikram Goyal;Anand Gupta;Indira Meshram
Affiliations:
Department of Computer Science and Engineering, I.I.T. Delhi, New Delhi 16, India;Department of Computer Science and Engineering, I.I.T. Delhi, New Delhi 16, India;Department of Computer Science and Engineering, N.S.I.T. Delhi, Sector-3, Dwarka, New Delhi, India;Department of Computer Science and Engineering, I.I.T. Delhi, New Delhi 16, India
Venue:
Data & Knowledge Engineering
Year:
2007

Citing 13
Cited 0

Digital certificates: a survey of revocation methods

MULTIMEDIA '00 Proceedings of the 2000 ACM workshops on Multimedia
On granting limited access to private information

Proceedings of the 10th international conference on World Wide Web
E-P3P privacy policies and privacy authorization

Proceedings of the 2002 ACM workshop on Privacy in the Electronic Society
From privacy promises to privacy management: a new approach for enforcing privacy throughout an enterprise

Proceedings of the 2002 workshop on New security paradigms
Why we can't be bothered to read privacy policies models of privacy economics as a lemons market

ICEC '03 Proceedings of the 5th international conference on Electronic commerce
Privacy Contracts as an Extension of Privacy Policies

ICDEW '05 Proceedings of the 21st International Conference on Data Engineering Workshops
Hippocratic databases

VLDB '02 Proceedings of the 28th international conference on Very Large Data Bases
Vision paper: enabling privacy for the paranoids

VLDB '04 Proceedings of the Thirtieth international conference on Very large data bases - Volume 30
Simplifying Public Key Management

Computer
Query rewriting for detection of privacy violation through inferencing

Proceedings of the 2006 International Conference on Privacy, Security and Trust: Bridge the Gap Between PST Technologies and Business Services
Platform for enterprise privacy practices: privacy-enabled management of customer data

PET'02 Proceedings of the 2nd international conference on Privacy enhancing technologies
O2O: virtual private organizations to manage security policy interoperability

ICISS'06 Proceedings of the Second international conference on Information Systems Security
Malafide intension based detection of privacy violation in information system

ICISS'06 Proceedings of the Second international conference on Information Systems Security

Quantified Score

Hi-index	0.00

Visualization

Abstract

Non-disclosure agreements (NDAs) in real life are typically used whenever there is transfer of private or confidential information from one organization to another. The provider organization cannot have any control over privacy mechanisms of the receiving organization. The privacy policy work so far has addressed itself for preventing privacy violations within an organization. We aim to give an architecture of PRINDA (PRIvacy NDA) system which incorporates NDA's in privacy policy framework. Advantages of PRINDA system will be the following: (i) as there can be traces of malicious activity (invasion of privacy) either at provider-end or at recipient-end, if detected/reported, NDA can help to fix the responsibility to the organization violating the agreement, and will strengthen control in the privacy arena and (ii) owner of data can be provided with detailed description of accesses to the data from every organization to which the data has been transferred (strengthening the principle of compliance).