Applying Formal Methods to Detect and Resolve Ambiguities in Privacy Requirements

Agrafiotis, Ioannis; Creese, Sadie; Goldsmith, Michael; Papanikolaou, Nick

doi:10.1007/978-3-642-20769-3_22

Cited by 10 publications

(14 citation statements)

References 7 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The approach is currently being used in the PROTECTIVE 9 project, a research and development project in cyber-threat intelligence sharing among public Computer Security Incident Response Teams (CSIRTs), with the project asking questions related to the challenges in ethics and law of cyber-threat intelligence sharing in a National Education Research Network (NREN) space. In the project we are identifying instances in which cyber threat intelligence may also include personal data, and what efforts are necessary to identify and anonymise personal data about to be shared between NRENs as well as identifying sharing of data that may otherwise breach the GDPR or other NDAs.…”

Section: Discussionmentioning

confidence: 99%

See 1 more Smart Citation

An Ethics Framework for Research into Heterogeneous Systems

Happa

Nurse

Goldsmith

et al. 2018

Living in the Internet of Things: Cybersecurity of the IoT - 2018

View full text Add to dashboard Cite

Heterogeneous systems often found in the Internet of Things (IoT) have a wide range of challenges in ethics and law. Any device with an IP address can potentially collect, process, store and share data and make automated decisions in unpredictable ways. When conducting research and development in IoT, it is necessary to have a comprehensive socio-technical understanding of decision-making and datahandling, as well as procedures in place to pre-empt and address unforeseen consequences. In this paper we propose a comprehensive conceptual-modelling approach to help researchers systematically identify, consider and respond to challenges in ethics and law when conducting research and development of heterogeneous systems. Our framework is a six-layered model that addresses these concerns with regards to proximity to the data and actions in question. Using our framework, researchers should be able to deliver use-case scenarios that should be peer-reviewed by a large number of experts in dissimilar domains with the aim of identifying issues to why the research and development proposed is not done responsibly, so researchers can address these concerns. Finally, we explore a IoT use-case scenario, and we propose future directions for this work.

show abstract

Section: Discussionmentioning

confidence: 99%

“…The Ensuring Consent and Revocation (EnCoRe) [9] project proposed several approaches to formalise rulesets to ensure consent and revocation of personal data by service providers.…”

Section: Engineering Frameworkmentioning

confidence: 99%

An Ethics Framework for Research into Heterogeneous Systems

Happa

Nurse

Goldsmith

et al. 2018

Living in the Internet of Things: Cybersecurity of the IoT - 2018

View full text Add to dashboard Cite

show abstract

“…Their model provides an operational framework to characterize and estimate privacy violations in relational database systems. Agrafiotis et al, [31] applied formal methods to express privacy policies requirements and detect ambiguities and issues that are raised when mapping human-defined requirements into a formal notation.…”

Section: B Modeling Privacy Policies and Investigation Warrantsmentioning

confidence: 99%

Privacy-respecting digital investigation

Dehghantanha

Franke

2014

2014 Twelfth Annual International Conference on Privacy, Security and Trust

View full text Add to dashboard Cite

the forensics investigation requirements are in direct conflict with the privacy rights of those whose actions are being investigated. At the same time, once the private data is exposed it is impossible to 'undo' its exposure effects should the suspect is found innocent! Moreover, it is not uncommon that during a suspect investigation, private information of other innocent parties becomes apparent to the forensics investigator. These all raise the concern for development of platforms for enforcing privacy boundaries even to authorized forensics investigators. To the best of authors' knowledge, there is no practical model for privacy-respecting digital investigation which is capable of considering different jurisdictions requirements and protecting subjects' data privacy in line with investigation warrant permissions and data-origin privacy requirements.Privacy-respecting digital forensics as an emerging crossdisciplinary research area is moving toward addressing above issues. In this paper, we first establish needed foundations and describe details of "privacy-respecting digital investigation" as a cross-disciplinary field of research. Afterwards, we review main research efforts in different research disciplines relevant to the field and elaborate existing research problems. We finalize the paper by looking at potential privacy issues during digital investigation in the light of EU, US, and APEC privacy regulations.The main contributions of this paper are first establishing essential foundations and providing detailed definition of "privacy-respecting digital investigation" as a new crossdisciplinary field of research, second a review of current state of art in different disciplines relevant to this field, third elaborating existing issues and discussing most promising solutions relevant to these disciplines, and forth is detailed discussion of potential privacy issues in different phases of digital forensics life cycle based on EU,US, and APEC privacy regulations. We hope this paper opens up a new and fruitful avenue in the study, design, and development of privacy respecting forensics investigation as an interdisciplinary field of research.

show abstract

“…In a previous publication we applied the simple version of the logic to an Employee case study [2]. That exercise resulted in an enriched version of the logic, expressive enough to address ambiguities created either by the complex notion of privacy or by the translation of natural into formal language [2].…”

Section: Logic For Candrmentioning

confidence: 99%

“…In this paper we present and apply the novelties of the logic that occurred from addressing the ambiguities created when formal methods are applied for verification of the privacy properties of a system [2] and our aim is to verify that no more ambiguities are created when applying the logic on a different context. We formalise the requirements of the EnCoRe system operating in a Biobank environment, using a logic for consent and revocation [3].…”

Section: Introductionmentioning

confidence: 99%

Formalising Requirements for a Biobank Case Study Using a Logic for Consent and Revocation

Agrafiotis

Creese

Goldsmith

2012

IFIP Advances in Information and Communication Technology

Self Cite

View full text Add to dashboard Cite

In this paper we focus on formalising privacy requirements for the Oxford Radcliffe Biobank (ORB) case study that has emerged within the EnCoRe project. We express the requirements using a logic designed for reasoning about the dynamics of privacy and specifically for capturing the lifecycle of consent and revocation (C&R) controls that a user may invoke. We demonstrate how to tackle ambiguities uncovered in the formalisation and to bridge the gap between user requirements for personal data privacy and system level policy languages effectively.1 The EnCoRe project [9] is an interdisciplinary research project, a collaboration between UK industry and academia, partially funded by the UK Technology Strategy Board (TP/12/NS/P0501A), the UK Engineering and Physical Sciences Research Council and the UK Economic and Social Research Council (EP/G002541/1).

show abstract

Applying Formal Methods to Detect and Resolve Ambiguities in Privacy Requirements

Cited by 10 publications

References 7 publications

An Ethics Framework for Research into Heterogeneous Systems

An Ethics Framework for Research into Heterogeneous Systems

Privacy-respecting digital investigation

Formalising Requirements for a Biobank Case Study Using a Logic for Consent and Revocation

Contact Info

Product

Resources

About