Skip to Main content Skip to Navigation

Modelling of a privacy language and efficient policy-based de-identification

Abstract : The processing of personal information is omnipresent in our datadriven society enabling personalized services, which are regulated by privacy policies. Although privacy policies are strictly defined by the General Data Protection Regulation (GDPR), no systematic mechanism is in place to enforce them. Especially if data is merged from several sources into a data-set with different privacy policies associated, the management and compliance to all privacy requirements is challenging during the processing of the data-set. Privacy policies can vary hereby due to different policies for each source or personalization of privacy policies by individual users. Thus, the risk for negligent or malicious processing of personal data due to defiance of privacy policies exists. To tackle this challenge, a privacy-preserving framework is proposed. Within this framework privacy policies are expressed in the proposed Layered Privacy Language (LPL) which allows to specify legal privacy policies and privacy-preserving de-identification methods. The policies are enforced by a Policy-based De-identification (PD) process. The PD process enables efficient compliance to various privacy policies simultaneously while applying pseudonymization, personal privacy anonymization and privacy models for de-identification of the data-set. Thus, the privacy requirements of each individual privacy policy are enforced filling the gap between legal privacy policies and their technical enforcement.
Document type :
Complete list of metadata

Cited literature [308 references]  Display  Hide  Download
Contributor : Abes Star :  Contact
Submitted on : Thursday, July 16, 2020 - 11:50:11 AM
Last modification on : Tuesday, June 1, 2021 - 2:08:08 PM
Long-term archiving on: : Tuesday, December 1, 2020 - 5:31:56 PM


Version validated by the jury (STAR)


  • HAL Id : tel-02900624, version 1


Armin Gerl. Modelling of a privacy language and efficient policy-based de-identification. Cryptography and Security [cs.CR]. Université de Lyon; Universität Passau (Deutscheland), 2019. English. ⟨NNT : 2019LYSEI105⟩. ⟨tel-02900624⟩



Record views


Files downloads