Privacy Compliance Requirements in Workflow Environments

Workflow management systems are used to run day-to-day applications in numerous domains, often including exchange and processing of sensitive data. Their native “leakage-proneness,” being the consequence of their distributed and collaborative nature, calls for sophisticated mechanisms able to guarantee proper enforcement of the necessary privacy protection measures. Motivated by the principles of Privacy by Design and its potential for workflow environments, this chapter investigates the associated issues, challenges, and requirements. With the legal and regulatory provisions regarding privacy in information systems as a baseline, the chapter elaborates on the challenges and derived requirements in the context of workflow environments, taking into account the particular needs and implications of the latter. Further, it highlights important aspects that need to be considered regarding, on the one hand, the incorporation of privacy-enhancing features in the workflow models themselves and, on the other, the evaluation of the latter against privacy provisions.

Download Full-text

Privacy Compliance Requirements in Workflow Environments

Censorship, Surveillance, and Privacy ◽

10.4018/978-1-5225-7113-1.ch092 ◽

2019 ◽

pp. 1845-1866

Author(s):

Maria N. Koukovini ◽

Eugenia I. Papagiannakopoulou ◽

Georgios V. Lioudakis ◽

Nikolaos L. Dellas ◽

Dimitra I. Kaklamani ◽

...

Keyword(s):

Information Systems ◽

Privacy Protection ◽

Workflow Management ◽

The Other ◽

Privacy By Design ◽

Workflow Management Systems ◽

Sensitive Data ◽

Protection Measures ◽

Compliance Requirements ◽

The One

Workflow management systems are used to run day-to-day applications in numerous domains, often including exchange and processing of sensitive data. Their native “leakage-proneness,” being the consequence of their distributed and collaborative nature, calls for sophisticated mechanisms able to guarantee proper enforcement of the necessary privacy protection measures. Motivated by the principles of Privacy by Design and its potential for workflow environments, this chapter investigates the associated issues, challenges, and requirements. With the legal and regulatory provisions regarding privacy in information systems as a baseline, the chapter elaborates on the challenges and derived requirements in the context of workflow environments, taking into account the particular needs and implications of the latter. Further, it highlights important aspects that need to be considered regarding, on the one hand, the incorporation of privacy-enhancing features in the workflow models themselves and, on the other, the evaluation of the latter against privacy provisions.

Download Full-text

Automated Text Similarities Approach: GDPR and Privacy by Design Principles

Frontiers in Artificial Intelligence and Applications - Information Modelling and Knowledge Bases XXXII ◽

10.3233/faia200831 ◽

2020 ◽

Author(s):

Boštjan Brumen

Keyword(s):

Information Systems ◽

Privacy Protection ◽

Design Principles ◽

The Other ◽

Privacy By Design ◽

Similarity Comparison ◽

Seven Principles ◽

Recent Advances ◽

Legal Texts

Respect for privacy is not a modern phenomenon as it has been around for centuries. Recent advances in technologies led to the rise of awareness of the importance of privacy, and to the development of principles for privacy protection to guide the engineering of information systems on one side, and on using the principles to draft legal texts protecting privacy on the other side. In this paper, we analyze how respect for privacy has been implemented in GDPR by automated comparison of the similarity of GDPR’s articles and the text of seven principles of Privacy by Design. We have compared the specific text of GDPR’s first 50 core privacy-protecting articles and the GDPR’s remaining provisions to establish independent supervisory authorities. The first half is observing the privacy by design principles, each of them considerably more than the second half. Our findings show that automated similarity comparison can highlight portions of legal texts where principles were observed. The results can support drafting legal texts to check whether important legal (or other) principles were adequately addressed.

Download Full-text

The Orderliness of Music from the Perspective of Complex Information Systems

Proceedings ◽

10.3390/proceedings2020047055 ◽

2020 ◽

Vol 47 (1) ◽

pp. 55

Author(s):

Shan Zhang

Keyword(s):

Information Systems ◽

20Th Century ◽

Natural Science ◽

The Other ◽

Western Music ◽

Classical Period ◽

20Th Century Music ◽

Complex Information ◽

History Of ◽

The One

By applying the concept of natural science to the study of music, on the one hand, we can understand the structure of music macroscopically, on the other, we can reflect on the history of music to a certain extent. Throughout the history of western music, from the classical period to the 20th century, music seems to have gone from order to disorder, but it is still orderly if analyzed carefully. Using the concept of complex information systems can give a good answer in the essence.

Download Full-text

THE APPLICATION OF PETRI NETS TO WORKFLOW MANAGEMENT

Journal of Circuits System and Computers ◽

10.1142/s0218126698000043 ◽

1998 ◽

Vol 08 (01) ◽

pp. 21-66 ◽

Cited By ~ 1478

Author(s):

W. M. P. VAN DER AALST

Keyword(s):

Petri Nets ◽

Petri Net ◽

Business Processes ◽

State Of The Art ◽

Workflow Management ◽

Explicit Representation ◽

The Other ◽

Application Domain ◽

Analysis Techniques ◽

The One

Workflow management promises a new solution to an age-old problem: controlling, monitoring, optimizing and supporting business processes. What is new about workflow management is the explicit representation of the business process logic which allows for computerized support. This paper discusses the use of Petri nets in the context of workflow management. Petri nets are an established tool for modeling and analyzing processes. On the one hand, Petri nets can be used as a design language for the specification of complex workflows. On the other hand, Petri net theory provides for powerful analysis techniques which can be used to verify the correctness of workflow procedures. This paper introduces workflow management as an application domain for Petri nets, presents state-of-the-art results with respect to the verification of workflows, and highlights some Petri-net-based workflow tools.

Download Full-text

Is It Privacy or Is It Access Control?

Information Security in Diverse Computing Environments - Advances in Information Security, Privacy, and Ethics ◽

10.4018/978-1-4666-6158-5.ch004 ◽

2014 ◽

pp. 51-58 ◽

Cited By ~ 1

Author(s):

Sylvia L. Osborn

Keyword(s):

Access Control ◽

Privacy Protection ◽

The Other ◽

Data Sets ◽

Online Systems ◽

Other Hand ◽

The One

With the widespread use of online systems, there is an increasing focus on maintaining the privacy of individuals and information about them. This is often referred to as a need for privacy protection. The author briefly examines definitions of privacy in this context, roughly delineating between keeping facts private and statistical privacy that deals with what can be inferred from data sets. Many of the mechanisms used to implement what is commonly thought of as access control are the same ones used to protect privacy. This chapter explores when this is not the case and, in general, the interplay between privacy and access control on the one hand and, on the other hand, the separation of these models from mechanisms for their implementation.

Download Full-text

Privacy Protection in Smart Grid using Blind Signature Method

International Journal of Innovative Technology and Exploring Engineering - Special Issue ◽

10.35940/ijitee.k1234.09811s19 ◽

2019 ◽

Vol 8 (11S) ◽

pp. 1162-1165

Keyword(s):

Smart Grid ◽

Real Time ◽

Information Flow ◽

Privacy Protection ◽

Information Technologies ◽

Transmission Power ◽

Sensitive Data ◽

Time Period ◽

Feature Characteristic ◽

The One

A grid (electrical) that is capable of being electronically controlled and that grid is used for connecting transmission, power generation, distribution (of electricity) as well as consumers using communication and or along with information technologies is called Smart Grid. Information flow that is Bi-directional in nature between the one that provide utility and the one that consumes electricity is one the key feature characteristic of the smart grid. This interaction that is two way in nature permits real time generation of electricity orin real-real--time period based on the demands of the consumer and requirement requests for power. The result of which is, privacy of the client becomes a vital importance and concern, when the usage data that is related to energy is collected with adoption as well as the deployment of smart grid technologies. For the protection of such sensitive data and information (related to consumer), it makes the use of mechanism that are used for privacy protection very much imperative or important for the protection the of smart grid user’s privacy. This paper proposes an analysis related to the privacy mechanisms and solutions of the smart grid that are recently proposed and intern identifying their weaknesses as well as strengths in terms of their efficiency, complexity of implementation, simplicity and robustness.

Download Full-text

RNPLS&T’s bibliographic database “Library Information Systems and Innovations in Digital Environment”: Document analysis

Scientific and Technical Libraries ◽

10.33186/1027-3689-2020-3-61-68 ◽

2020 ◽

pp. 61-68

Author(s):

M. I. Kamysheva

Keyword(s):

Information Systems ◽

The Other ◽

Bibliographic Database ◽

Digital Environment ◽

Sources Of Information ◽

Vast Number ◽

Bibliographic Records ◽

Typical Composition ◽

Number Of Publications ◽

The One

The contents and subject scope of the peer-reviewed bibliographic database Library Information Systems and Innovations in Digital Environment, LIS), based in IRBIS64 software are characterized in brief. The proportion of source document types and bibliographic records is identified. Science and scientific and practical journals prove to be the major source for the bibliographic array, while the share of other source types is relatively small. The major sources of information, or the core journals within the LIS database subject scope are revealed. Based on the LIS databases contents, the parallel is drawn with Bradford scattering law which states that if journals in a field are sorted by number of articles into three groups, each with about one-third of all articles, then the number of publications in specialized journals will make the one-third, the other one third will be published in the related journals and the other will be distributed between in a vast number of science periodicals unpredictable for the said subject scope. The author establishes that the qualitative and typical composition of the LIS database bibliographic array is in full accord withBradford’s law.

Download Full-text

Responsibility, Jurisdiction, and the Future of “Privacy by Design”

Investigating Cyber Law and Cyber Ethics ◽

10.4018/978-1-61350-132-0.ch001 ◽

2012 ◽

pp. 1-20

Author(s):

Ugo Pagallo

Keyword(s):

Information And Communication Technologies ◽

Video Surveillance ◽

Data Protection ◽

Communication Technologies ◽

Smart Cards ◽

The Other ◽

Legal Systems ◽

Privacy By Design ◽

Information And Communication ◽

The One

This chapter focuses on some of the most relevant issues in today’s data protection: responsibility and jurisdiction are examined in the light of the principle of “privacy by design.” On one hand, both from the substantial and procedural points of view, national legal systems determine differently rights and duties in the field of data protection. On the other hand, these divergences can be overcome to some extent, by preventing privacy infringements through the incorporation of data protection safeguards in information and communication technologies. Although it is unlikely that “privacy by design” can offer the one-size-fits-all solution to the problems emerging in the field, it is plausible that the principle will be the key to understand how today’s data protection-issues are being handled. By embedding privacy safeguards in places and spaces, products and processes, such as Information Systems in hospitals, video surveillance networks in public transports, or smart cards for biometric identifiers, the aim should be to strengthen people’s rights and widen the range of their choices. On this basis, we can avert both paternalism modelling individual behavior and chauvinism disdaining different national provisions of current legal systems.

Download Full-text

The Social Responsibility of Information Systems Developers

Socio-Technical and Human Cognition Elements of Information Systems ◽

10.4018/978-1-59140-104-9.ch003 ◽

2003 ◽

pp. 41-59 ◽

Cited By ~ 1

Author(s):

N. F. du Plooy

Keyword(s):

Information Systems ◽

Social Responsibility ◽

Social Systems ◽

Social Consequences ◽

The Other ◽

Human Environment ◽

Information Systems Professionals ◽

The Social ◽

Social Side ◽

The One

Information systems professionals have often been accused of ignoring issues such as ethics, human factors, social consequences, etc., during the development of an information system. This chapter aims to put into perspective that this attitude or ‘fact’ could be a result of a somewhat outdated mechanistic view of information systems and their role in organizations. Organizations adopt and use information systems for a variety of reasons, of which some of the most influential on the outcome or success of the systems often are neither planned nor anticipated. It is these reasons and their consequences that are the main point of discussion in this chapter. The importance of viewing information systems as social systems is stressed and it is pointed out that the ‘social side’ of information systems is the ‘other side of the coin’ of technical development methodologies. In the modern organization all work is so intertwined with the use of information technology that the one side cannot be considered, planned or developed, without considering the other. It is furthermore argued that it is the social responsibility of information systems professional to ensure that the human environment within which systems are being developed is cultivated and nurtured.

Download Full-text