Cardiff University | Prifysgol Caerdydd ORCA
Online Research @ Cardiff 
WelshClear Cookie - decide language by browser settings

Automating GDPR compliance verification for cloud-hosted services

Barati, Masoud, Theodorakopoulos, George ORCID: https://orcid.org/0000-0003-2701-7809 and Rana, Omer ORCID: https://orcid.org/0000-0003-3597-2646 2020. Automating GDPR compliance verification for cloud-hosted services. Presented at: 2020 International Symposium on Networks, Computers and Communications (ISNCC), Virtual, Canada, 20-22 October 2020. 2020 International Symposium on Networks, Computers and Communications (ISNCC). IEEE, pp. 1-6. 10.1109/ISNCC49221.2020.9297309

[thumbnail of Blockchains_Masoud (18).pdf]
Preview
PDF - Accepted Post-Print Version
Download (728kB) | Preview

Abstract

Cloud-hosted business processes require access to customer data to complete a transaction, to improve a customer’s on-line experience or provide useful product recommendations. However, privacy concerns associated with the use of this data have led to legal regulations that impose restrictions on how such data is requested or processed by an on-line service, with large penalties for violating these restrictions, e.g. the European General Data Protection Regulation (GDPR). We propose a framework for helping cloud-hosted services automate GDPR compliance checking. The framework comprises three steps: represent data flow in business processes with an appropriate abstraction (timed transition systems), formalise GDPR rules and obligations and incorporate them into the same abstraction, and implement the abstraction in a model checking tool (Uppaal) in order to automatically verify compliance of business process activities with GDPR. We demonstrate the approach using a cloud-based purchase order system.

Item Type: Conference or Workshop Item (Paper)
Date Type: Published Online
Status: Published
Schools: Computer Science & Informatics
Publisher: IEEE
ISBN: 9781728156286
Funders: EPSRC
Date of First Compliant Deposit: 26 December 2020
Date of Acceptance: 10 September 2020
Last Modified: 06 Jul 2023 01:58
URI: https://orca.cardiff.ac.uk/id/eprint/137148

Citation Data

Cited 4 times in Scopus. View in Scopus. Powered By Scopus® Data

Actions (repository staff only)

Edit Item Edit Item

Downloads

Downloads per month over past year

View more statistics