Abstract
Handling personal data in a legally compliant way is an important factor for ensuring the trustworthiness of a service provider. The EU data protection directive (EU DPD) is built in such a way that the outcomes of rules are subject to explanations, contexts with dependencies, and human interpretation. Therefore, the process of obtaining deterministic and formal rules in policy languages from the EU DPD is difficult to fully automate. To tackle this problem, we demonstrate in this paper the use of a Controlled Natural Language (CNL) to encode the rules of the EU DPD, in a manner that can be automatically converted into the policy languages XACML and PERMIS. We also show that forming machine executable rules automatically from the controlled natural language grammar not only has the benefit of ensuring the correctness of those rules but also has potential of making the overall process more efficient.
Original language | English |
---|---|
Title of host publication | IEEE Symposium on Security and Privacy, Fairmont, San Jose, California, 22-26 May 2016 |
Publisher | IEEE |
ISBN (Electronic) | 978-1-5090-3690-5 |
ISBN (Print) | 978-1-5090-3691-2 |
DOIs | |
Publication status | Published - 4 Aug 2016 |