2021
Conference article  Open Access

How to improve the GDPR compliance through consent management and access control

Daoudagh S., Marchetti E., Savarino V., Di Bernardo R., Alessi M.

Access control  Consent management  Privacy-by-Design  GDPR 

This paper presents a privacy-by-design solution based on Consent Manager (CM) and Access Control (AC) to aid organizations to comply with the GDPR. The idea is to start from the GDPR's text, transform it into a machine-readable format through a given CM, and then convert the obtained outcome to a set of enforceable Access Control Policies (ACPs). As a result, we have defined a layered architecture that makes any given system privacy-aware, i.e., systems that are compliant by-design with the GDPR. Furthermore, we have provided a proof-of-concept by integrating a Consent Manager coming from an industrial context and an AC Manager coming from academia.

Source: ICISSP 2021 - 7th International Conference on Information Systems Security and Privacy, pp. 534–541, Online conference, 11-13/02/2021

Metrics



Back to previous page

Share

Cite as

BibTeX entry
@inproceedings{oai:it.cnr:prodotti:457677,
	title = {How to improve the GDPR compliance through consent management and access control},
	author = {Daoudagh S. and Marchetti E. and Savarino V. and Di Bernardo R. and Alessi M.},
	doi = {10.5220/0010260205340541},
	booktitle = {ICISSP 2021 - 7th International Conference on Information Systems Security and Privacy, pp. 534–541, Online conference, 11-13/02/2021},
	year = {2021}
}

CNR authors and affiliations

Download

Projects (via OpenAIRE)

CyberSec4Europe
Cyber Security Network of Competence Centres for Europe


OpenAIRE
Privacy Policy