Enhancing user privacy through data handling policies

Ardagna, C.A.; De Capitani di Vimercati, S.; Samarati, P.

doi:10.1007/11805588_16

The protection of privacy is an increasing concern in today’s global infrastructure. One of the most important privacy protection principles states that personal information collected for one purpose may not be used for any other purpose without the specific informed consent of the person it concerns. Although users provide personal information for use in one specific context, they often have no idea on how such a personal information may be used subsequently. In this paper, we introduce a new type of privacy policy, called data handling policy, which defines how the personal information release will be (or should be) dealt with at the receiving party. A data handling policy allows users to define simple and appropriate levels of control over who sees what information about them and under which circumstances.

Enhancing user privacy through data handling policies / C.A. Ardagna, S. De Capitani di Vimercati, P. Samarati - In: Data and applications security XX : 20. annual IFIP WG 11.3 working conference on data and applications security : Sophia Antipolis, France, july 31-august 2 2006 : proceedings / [a cura di] Ernesto Damiani, Peng Liu. - Berlin : Springer, 2006. - ISBN 3540367969. - pp. 224-236 (( Intervento presentato al 20. convegno IFIP WG 11.3 Working Conference on Data and Applications Security tenutosi a Sophia-Antipolis, France nel 2006.

Enhancing user privacy through data handling policies

C.A. Ardagna^Primo;S. De Capitani di Vimercati^Secondo;P. Samarati^Ultimo

2006

Abstract

The protection of privacy is an increasing concern in today’s global infrastructure. One of the most important privacy protection principles states that personal information collected for one purpose may not be used for any other purpose without the specific informed consent of the person it concerns. Although users provide personal information for use in one specific context, they often have no idea on how such a personal information may be used subsequently. In this paper, we introduce a new type of privacy policy, called data handling policy, which defines how the personal information release will be (or should be) dealt with at the receiving party. A data handling policy allows users to define simple and appropriate levels of control over who sees what information about them and under which circumstances.

Scheda breve

Scheda completa

Scheda completa (DC)

	Parole chiave
	
			Access control ; Data handling policies ; Secondary use ; Privacy.
		
	Settori scientifico-disciplinari del contributo
	
			Settore INF/01 - Informatica
		
	Data di pubblicazione
	
			2006
		
	DOI
	
			https://dx.doi.org/10.1007/11805588_16
		
	Tipologia
	
			Book Part (author)
		
	Appare nelle tipologie:
	
			03 - Contributo in volume

File in questo prodotto:

Non ci sono file associati a questo prodotto.

Pubblicazioni consigliate

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/2434/30264

Citazioni

ND

14

5

IRIS Institutional Research Information System - AIR Archivio Istituzionale della Ricerca