Said D., Marchetti E.
Life cycle Authorization systems development GDPR perspective
The General Data Protection Regulation (GDPR) defines the principle of Integrity and Confidentiality, and implicitly calls for the adoption of authorization systems for regulating the access to personal data. We present here a process development life cycle for the specification, deployment and testing of authorization systems. The life cycle targets legal aspects, such as the data usage purpose, the user consent and the data retention period. We also present its preliminary architecture where available solutions for extracting, implementing and testing the data protection regulation are integrated. The objective is to propose for the first time a unique improved solution for addressing different aspects of the GDPR development and enforcement along all the life cycle phases.
Source: 4th Italian Conference on Cyber Security, ITASEC 2020, Ancona, Italy, 05-07/02/2020
Publisher: M. Jeusfeld c/o Redaktion Sun SITE, Informatik V, RWTH Aachen., Aachen, Germania
@inproceedings{oai:it.cnr:prodotti:424447, title = {A life cycle for authorization systems development in the GDPR perspective}, author = {Said D. and Marchetti E.}, publisher = {M. Jeusfeld c/o Redaktion Sun SITE, Informatik V, RWTH Aachen., Aachen, Germania}, booktitle = {4th Italian Conference on Cyber Security, ITASEC 2020, Ancona, Italy, 05-07/02/2020}, year = {2020} }