Daoudagh S., Marchetti E., Savarino V., Di Bernardo R., Alessi M.
Access control Consent management Privacy-by-Design GDPR
This paper presents a privacy-by-design solution based on Consent Manager (CM) and Access Control (AC) to aid organizations to comply with the GDPR. The idea is to start from the GDPR's text, transform it into a machine-readable format through a given CM, and then convert the obtained outcome to a set of enforceable Access Control Policies (ACPs). As a result, we have defined a layered architecture that makes any given system privacy-aware, i.e., systems that are compliant by-design with the GDPR. Furthermore, we have provided a proof-of-concept by integrating a Consent Manager coming from an industrial context and an AC Manager coming from academia.
Source: ICISSP 2021 - 7th International Conference on Information Systems Security and Privacy, pp. 534–541, Online conference, 11-13/02/2021
@inproceedings{oai:it.cnr:prodotti:457677, title = {How to improve the GDPR compliance through consent management and access control}, author = {Daoudagh S. and Marchetti E. and Savarino V. and Di Bernardo R. and Alessi M.}, doi = {10.5220/0010260205340541}, booktitle = {ICISSP 2021 - 7th International Conference on Information Systems Security and Privacy, pp. 534–541, Online conference, 11-13/02/2021}, year = {2021} }