Log Analysis for Data Protection Accountability

  • Denis Butin
  • Daniel Le Métayer
Conference paper

DOI: 10.1007/978-3-319-06410-9_12

Part of the Lecture Notes in Computer Science book series (LNCS, volume 8442)
Cite this paper as:
Butin D., Le Métayer D. (2014) Log Analysis for Data Protection Accountability. In: Jones C., Pihlajasaari P., Sun J. (eds) FM 2014: Formal Methods. FM 2014. Lecture Notes in Computer Science, vol 8442. Springer, Cham

Abstract

Accountability is increasingly recognised as a cornerstone of data protection, notably in European regulation, but the term is frequently used in a vague sense. For accountability to bring tangible benefits, the expected properties of personal data handling logs (used as “accounts”) and the assumptions regarding the logging process must be defined with accuracy. In this paper, we provide a formal framework for accountability and show the correctness of the log analysis with respect to abstract traces used to specify privacy policies. We also show that compliance with respect to data protection policies can be checked based on logs free of personal data, and describe the integration of our formal framework in a global accountability process.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Copyright information

© Springer International Publishing Switzerland 2014

Authors and Affiliations

  • Denis Butin
    • 1
  • Daniel Le Métayer
    • 1
  1. 1.InriaUniversité de LyonFrance

Personalised recommendations