A Conceptual Model for the General Data Protection Regulation

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Volumn 12956 LNCS, Issue , 2021, Pages 60-77

  Cantiello, Pasquale ^a   Mastroianni, Michele ^b   Rak, Massimiliano ^b  

^a OSSERVATORIO VESUVIANO   (Italy)

^b SECOND UNIVERSITY OF NAPLES   (Italy)

Author keywords

Cloud; GDPR; Privacy

Indexed keywords

ARTIFICIAL INTELLIGENCE; COMPUTERS;

CONCEPTUAL MAPS; CONCEPTUAL MODEL; GENERAL DATA PROTECTION REGULATIONS; GOVERNMENT IS; MAP APPROACH; NETWORK-BASED; PERSONAL SPACES; PRIVACY; SERVICE PROVIDER; SIDE EFFECT;

DATA PRIVACY;

EID: 85115712498     PISSN: 03029743     EISSN: 16113349     Source Type: Book Series    
DOI: 10.1007/978-3-030-87010-2_5     Document Type: Conference Paper

References (15)

1. Ahmadian, A.S., Coerschulte, F., Jürjens, J.: Supporting the security certification and privacy level agreements in the context of clouds. In: Conference of 5th International Symposium on Business Modeling and Software Design, BMSD 2015, 6 July 2015 Through 8 July 2015, Conference Code: 176459, pp. 80–95 (2016). https://doi.org/10.1007/978-3-319-40512-4 5
2. Ahmadian, A.S., Strüber, D., Riediger, V., Jürjens, J.: Supporting privacy impact assessment by model-based privacy analysis. In: Proceedings of the 33rd Annual ACM Symposium on Applied Computing, New York, NY, USA, pp. 1467–1474, SAC 2018. Association for Computing Machinery (2018). https://doi.org/10.1145/3167132.3167288
3. Ahmadian, A., Jurjens, J.: Supporting model-based privacy analysis by exploiting privacy level agreements, Conference of 8th IEEE International Conference on Cloud Computing Technology and Science, CloudCom 2016, pp. 360–365. IEEE Computer Society (2016). https://doi.org/10.1109/CloudCom.2016.0063. 12 December 2016 Through 15 December 2016; Conference Code: 126112
4. Article 29 Working Party: guidelines on personal data breach notification under Regulation 2016/679 (wp250rev.01) (2018). https://ec.europa.eu/newsroom/article29/item-detail.cfm?item id=612052
5. Cloud Security Alliance (CSA): Privacy level agreement outline for the sale of cloud services in the European union, p. 21 (2013). https://downloads. cloudsecurityalliance.org/initiatives/pla/Privacy Level Agreement Outline.pdf
6. Council of European Union: General Data Protection Regulation (2016). https://eur-lex.europa.eu/eli/reg/2016/679/oj
7. Di Martino, B., Mastroianni, M., Campaiola, M., Morelli, G., Sparaco, E.: Semantic techniques for validation of GDPR compliance of business processes. In: Barolli, L., Hussain, F.K., Ikeda, M. (eds.) CISIS 2019. AISC, vol. 993, pp. 847–855. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-22354-0 78
8. Diamantopoulou, V., Androutsopoulou, A., Gritzalis, S., Charalabidis, Y.: An assessment of privacy preservation in crowdsourcing approaches: towards GDPR compliance, vol. 2018, pp. 1–9 (2018). IEEE Computer Society (2018). https://doi. org/10.1109/RCIS.2018.8406643
9. Diamantopoulou, V., Pavlidis, M., Mouratidis, H.: Privacy level agreements for public administration information systems, p. 8 (2017)
10. Diamantopoulou, V., Tsohou, A., Karyda, M.: From ISO/IEC 27002:2013 information security controls to personal data protection controls: guidelines for GDPR compliance. In: Katsikas, S., et al. (eds.) CyberICPS/SECPRE/SPOSE/ADIoT-2019. LNCS, vol. 11980, pp. 238–257. Springer, Cham (2020). https://doi.org/10. 1007/978-3-030-42048-2 16
11. Elluri, L., Joshi, K.P.: A knowledge representation of cloud data controls for EU GDPR compliance. In: 2018 IEEE World Congress on Services (SERVICES), pp. 45–46. IEEE, July 2018. https://doi.org/10.1109/SERVICES.2018.00036, https://ieeexplore.ieee.org/document/8495788/
12. Elluri, L., Nagar, A., Joshi, K.P.: An integrated knowledge graph to automate GDPR and PCI DSS compliance. In: 2018 IEEE International Conference on Big Data (Big Data), pp. 1266–1271. IEEE, December 2018. https://doi.org/10.1109/BigData.2018.8622236, https://ieeexplore.ieee.org/document/8622236/
13. Joint Task Force Interagency Working Group: Security and Privacy Controls for Information Systems and Organizations. Technical report, National Institute of Standards and Technology, September 2020. https://doi.org/10.6028/NIST.SP.800-53r5, https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST. SP.800-53r5.pdf. Edition: Revision 5
14. Palmirani, M., Martoni, M., Rossi, A., Bartolini, C., Robaldo, L.: PrOnto: privacy ontology for legal reasoning. In: Kő, A., Francesconi, E. (eds.) EGOVIS 2018. LNCS, vol. 11032, pp. 139–152. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-98349-3 11
15. Rios, E.: Service level agreement-based GDPR compliance and security assurance in (multi)cloud-based systems. IET Softw. 13(3), 213–222 (2019). https://doi.org/10.1049/iet-sen.2018.5293