The protection of privacy is an increasing concern in today’s global infrastructure. One of the most important privacy protection principles states that personal information collected for one purpose may not be used for any other purpose without the specific informed consent of the person it concerns. Although users provide personal information for use in one specific context, they often have no idea on how such a personal information may be used subsequently. In this paper, we introduce a new type of privacy policy, called data handling policy, which defines how the personal information release will be (or should be) dealt with at the receiving party. A data handling policy allows users to define simple and appropriate levels of control over who sees what information about them and under which circumstances.

Enhancing user privacy through data handling policies / C.A. Ardagna, S. De Capitani di Vimercati, P. Samarati - In: Data and applications security XX : 20. annual IFIP WG 11.3 working conference on data and applications security : Sophia Antipolis, France, july 31-august 2 2006 : proceedings / [a cura di] Ernesto Damiani, Peng Liu. - Berlin : Springer, 2006. - ISBN 3540367969. - pp. 224-236 (( Intervento presentato al 20. convegno IFIP WG 11.3 Working Conference on Data and Applications Security tenutosi a Sophia-Antipolis, France nel 2006.

Enhancing user privacy through data handling policies

C.A. Ardagna
Primo
;
S. De Capitani di Vimercati
Secondo
;
P. Samarati
Ultimo
2006

Abstract

The protection of privacy is an increasing concern in today’s global infrastructure. One of the most important privacy protection principles states that personal information collected for one purpose may not be used for any other purpose without the specific informed consent of the person it concerns. Although users provide personal information for use in one specific context, they often have no idea on how such a personal information may be used subsequently. In this paper, we introduce a new type of privacy policy, called data handling policy, which defines how the personal information release will be (or should be) dealt with at the receiving party. A data handling policy allows users to define simple and appropriate levels of control over who sees what information about them and under which circumstances.
Access control ; Data handling policies ; Secondary use ; Privacy.
Settore INF/01 - Informatica
2006
Book Part (author)
File in questo prodotto:
Non ci sono file associati a questo prodotto.
Pubblicazioni consigliate

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/2434/30264
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 15
  • ???jsp.display-item.citation.isi??? 5
social impact