InstantDB: Enforcing Timely Degradation of Sensitive Data

Anciaux, Nicolas; Bouganim, Luc; Heerde, Harold van; Pelletier, Philippe; Apers, Peter M. G.

doi:10.1109/icde.2008.4497560

Cited by 9 publications

(9 citation statements)

References 10 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Primarily aimed at large databases, the different hierarchical levels of the domain generalisation graphs are utilised for rolling up and drilling down the data in the database. The authors in [7,8] build upon the domain generalisation graphs of [6] to propose degrading data elements by retaining only the information in the graph levels required for future processes. For this purpose, the authors utilise the hardwired life-cycle policy model of [9].…”

Section: Related Workmentioning

confidence: 99%

On Enabling GDPR Compliance in Business Processes Through Data-Driven Solutions

Zaman

Hassani

2020

SN COMPUT. SCI.

View full text Add to dashboard Cite

The collection and long-term retention of excessive data enables organisations to process data for insights in non-primary processes. The discovery of insights is promoted to be useful both for organisations and the customers. However, long-term possession of data on one hand risks the privacy of data belonging beings in cases of data breaches and on the other hand results in the customers distrust. General Data Protection Regulation (GDPR) abstractly defined the data processing boundaries of the personal data of European Union's citizens. The processing principles of GDPR, in line with the spirit of privacy by design and default, provide directions on the collection, storage, and processing of personal data. Concomitantly, the data subject rights provide customers with necessary control over their personal data stationed at the data controller's premises. The accountability principle of GDPR requires compliance in place and also the ability to demonstrate it. In this work, we are providing three solutions to enable GDPR compliance in business processes. First, we are proposing intra-process data degradation, a solution for continuous data minimisation during the course of business processes. The proposed approach results in reduced data maintenance and breach losses. Second, we adapt process mining techniques for ascertaining compliance of business process execution to data subject rights. Finally, we present a scheme to utilise differential privacy technique to enable GDPR-compliant business process discovery. Additionally, we offer links to two effective tools that demonstrate our first and second contributions.

show abstract

Section: Related Workmentioning

confidence: 99%

On Enabling GDPR Compliance in Business Processes Through Data-Driven Solutions

Zaman

Hassani

2020

SN COMPUT. SCI.

View full text Add to dashboard Cite

show abstract

“…Hence, a path from a particular node to the root of the tree expresses all degraded forms the value of that node can take in its domain (see Figure 3). Note however, that when storing privacy sensitive data in regular databases, it must be ensured that at each degradation step, the data will be irreversibly removed from the system, which is not a straightforward task [4,36]. For more details of the model we refer to [5].…”

Section: Privacy Controlmentioning

confidence: 99%

The Right Expert at the Right Time and Place

Serdyukov

Feng

Bunningen³

et al. 2008

Practical Aspects of Knowledge Management

Self Cite

View full text Add to dashboard Cite

We propose a unified and complete solution for expert finding in organizations, including not only expertise identification, but also expertise selection functionality. The latter two include the use of implicit and explicit preferences of users on meeting each other, as well as localization and planning as important auxiliary processes. We also propose a solution for privacy protection, which is urgently required in view of the huge amount of privacy sensitive data involved. Various parts are elaborated elsewhere, and we look forward to a realization and usage of the proposed system as a whole.

show abstract

“…We already devised a simple and limited version of the degradation model [2]. Current work aims at a better understanding of the impact of degradation on traditional database technology.…”

Section: Research Agendamentioning

confidence: 99%

“…As retention limits become shorter, the number of degradation steps increases and the performance problem arises. For more details we refer to [2].…”

Section: Introductionmentioning

confidence: 99%

Data degradation

Anciaux

Bouganim

Heerde

et al. 2008

Proceedings of the 17th ACM Conference on Information and Knowledge Management

Self Cite

View full text Add to dashboard Cite

Trail disclosure is the leakage of privacy sensitive data, resulting from negligence, attack or abusive scrutinization or usage of personal digital trails. To prevent trail disclosure, data degradation is proposed as an alternative to the limited retention principle. Data degradation is based on the assumption that long lasting purposes can often be satisfied with a less accurate, and therefore less sensitive, version of the data. Data will be progressively degraded such that it still serves application purposes, while decreasing accuracy and thus privacy sensitivity.

show abstract

InstantDB: Enforcing Timely Degradation of Sensitive Data

Cited by 9 publications

References 10 publications

On Enabling GDPR Compliance in Business Processes Through Data-Driven Solutions

On Enabling GDPR Compliance in Business Processes Through Data-Driven Solutions

The Right Expert at the Right Time and Place

Data degradation

Contact Info

Product

Resources

About