Abstract
The number of factories, service providers, retailers, and final users that create networks and establish collaborations for increasing their productivity and competitiveness is constantly growing, especially by effect of the globalization and outsourcing of industrial activities. This trend introduces new complexities in the value supply chain, not last the need for secure and private data sharing among the collaborating parties. A Data Sharing Agreement (DSA) represents a flexible means to assure privacy and security of electronic data exchange. DSA is a formal document regulating data exchange in a controlled manner, by defining a set of policies specifying what parties are allowed, or required, or denied to do with respect to data covered by the agreement. A key factor in the adoption of DSAs is their usability. Here, we propose an approach for a consistent and automated design phase of the agreements. In particular, we present an authoring tool for a user-friendly and cooperative editing of DSA and an analysis tool to identify possible conflicts or incompatibilities among the DSA policies.
The research leading to these results has received funding from the European Union Seventh Framework Programme (FP7/2007-2013) under grant no 257930 (Aniketos) and under grant no 256980 (NESSoS), and from the IIT-funded project Mobi-Care.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
The Consequence Team: D2.1: Methodologies and Tools for Data Sharing Agreements Infrastructure (2008), http://www.consequence-project.eu/Deliverables_Y1/D2.1.pdf
Matteucci, I., Petrocchi, M., Sbodio, M.L.: CNL4DSA: a Controlled Natural Language for Data Sharing Agreements. In: SAC: Privacy on the Web Track. ACM (2010)
Larsen, K.G., Thomsen, B.: A modal process logic. In: LICS, pp. 203–210 (1988)
Clavel, M., Durán, F., Eker, S., Lincoln, P., MartÃ-Oliet, N., Bevilacqua, V., Talcott, C. (eds.): All About Maude - A High-Performance Logical Framework. LNCS, vol. 4350, pp. 737–749. Springer, Heidelberg (2007)
The Consequence Team: D6.4: Final Evaluation of the Sensitive Data Test Bed (2011), http://www.consequence-project.eu/Deliverables_Y3/D6.4.pdf
The Consequence Team: D5.4: Final Evaluation of the Policy-Based Security for Crisis Management Test Bed (2011), http://www.consequence-project.eu/Deliverables_Y3/D5.4.pdf
Brodie, C., et al.: The Coalition Policy Management Portal for Policy Authoring, Verification, and Deployment. In: POLICY, pp. 247–249 (2008)
Swarup, V., Seligman, L., Rosenthal, A.: A Data Sharing Agreement Framework. In: Bagchi, A., Atluri, V. (eds.) ICISS 2006. LNCS, vol. 4332, pp. 22–36. Springer, Heidelberg (2006)
Swarup, V., et al.: Specifying Data Sharing Agreements. In: POLICY, pp. 157–162 (2006)
Brodie, C., et al.: An Empirical Study of Natural Language Parsing of Privacy Policy Rules using the SPARCLE Policy Workbench. In: SOUPS, pp. 8–19. ACM (2006)
Fisler, K., Krishnamurthi, S.: A Model of Triangulating Environments for Policy Authoring. In: SACMAT, pp. 3–12. ACM (2010)
Mousas, A.S., et al.: Visualising Access Control: The PRISM Approach. In: Panhellenic Conference on Informatics (2010)
Abadi, M.: Logic in Access Control. In: LICS, p. 228. IEEE (2003)
Bicarregui, J., Arenas, A., Aziz, B., Massonet, P., Ponsard, C.: Towards Modelling Obligations in Event-B. In: Börger, E., Butler, M., Bowen, J.P., Boca, P. (eds.) ABZ 2008. LNCS, vol. 5238, pp. 181–194. Springer, Heidelberg (2008)
Arenas, A., Aziz, B., Bicarregui, J., Wilson, M.D.: An Event-B Approach to Data Sharing Agreements. In: Méry, D., Merz, S. (eds.) IFM 2010. LNCS, vol. 6396, pp. 28–42. Springer, Heidelberg (2010)
Craven, R., et al.: Expressive Policy Analysis with Enhanced System Dynamicity. In: ASIACCS (2009)
Ni, Q., et al.: Privacy-aware Role-based Access Control. ACM Transactions on Information and System Security 13 (2010)
Policy Design Tool (2009), http://www.alphaworks.ibm.com/tech/policydesigntool
De Nicola, R., Ferrari, G.L., Pugliese, R.: Programming Access Control: The KLAIM Experience. In: Palamidessi, C. (ed.) CONCUR 2000. LNCS, vol. 1877, pp. 48–65. Springer, Heidelberg (2000)
Hansen, R.R., Nielson, F., Nielson, H.R., Probst, C.W.: Static Validation of Licence Conformance Policies. In: ARES, pp. 1104–1111 (2008)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Matteucci, I., Petrocchi, M., Sbodio, M.L., Wiegand, L. (2012). A Design Phase for Data Sharing Agreements. In: Garcia-Alfaro, J., Navarro-Arribas, G., Cuppens-Boulahia, N., de Capitani di Vimercati, S. (eds) Data Privacy Management and Autonomous Spontaneus Security. DPM SETOP 2011 2011. Lecture Notes in Computer Science, vol 7122. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-28879-1_3
Download citation
DOI: https://doi.org/10.1007/978-3-642-28879-1_3
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-28878-4
Online ISBN: 978-3-642-28879-1
eBook Packages: Computer ScienceComputer Science (R0)