dc.date.accessioned | 2013-03-12T08:14:44Z | |
dc.date.available | 2013-03-12T08:14:44Z | |
dc.date.issued | 2006 | en_US |
dc.date.submitted | 2006-05-14 | en_US |
dc.identifier.citation | Hiorth-Schøyen, Helle. Enforcement of Privacy Policies in Enterprise Systems. Masteroppgave, University of Oslo, 2006 | en_US |
dc.identifier.uri | http://hdl.handle.net/10852/9453 | |
dc.description.abstract | In our daily life, large amounts of personal data are collected, stored and processed in
enterprise systems. This is often done without our knowledge. The protection of these
personal data has become a matter of concern for legislators, enterprises, and increasingly
aware data subjects.
The goal of this thesis is to investigate the use of a transparent privacy framework to enforce
privacy policies in enterprise systems, and to establish a set of criteria for such a framework.
In this thesis, the concepts of privacy and privacy enhancing technologies (PETs) including
the Enterprise Privacy Authorisation Language (EPAL) are discussed, the current legislation
pertaining to privacy is presented, enterprise systems including the technology of web
services are introduced, and a set of criteria is derived from a study of these concepts. Further,
the development of a demo enterprise application system is presented and its integration with
a transparent privacy framework for the enforcement of privacy policies in enterprise systems
is discussed. The modifications to the framework necessary for this integration are also
discussed. The results obtained from this integration are discussed, and analysed and
evaluated with respect to this set of derived criteria.
These criteria imply that such frameworks must authenticate users and map system activities
to purposes and privacy relevant actions. Data subjects must be identified and personal
policies handled. Privacy relevant data categories of the enterprise must be identified and
context data received to evaluate conditions. Obligations that may follow from processing
personal data should be implemented. These are all criteria for protecting the confidentiality
and integrity of personal data and have through this thesis showed to be difficult to implement
in a transparent application framework. The results arrived in this Master’s thesis identify and
highlight a number of challenges in the area of transparent privacy frameworks and make
clear the need for further work on this subject. | nor |
dc.language.iso | eng | en_US |
dc.title | Enforcement of Privacy Policies in Enterprise Systems : Principles and Criteria for a Transparent Application Framework | en_US |
dc.type | Master thesis | en_US |
dc.date.updated | 2006-06-13 | en_US |
dc.creator.author | Hiorth-Schøyen, Helle | en_US |
dc.subject.nsi | VDP::420 | en_US |
dc.identifier.bibliographiccitation | info:ofi/fmt:kev:mtx:ctx&ctx_ver=Z39.88-2004&rft_val_fmt=info:ofi/fmt:kev:mtx:dissertation&rft.au=Hiorth-Schøyen, Helle&rft.title=Enforcement of Privacy Policies in Enterprise Systems&rft.inst=University of Oslo&rft.date=2006&rft.degree=Masteroppgave | en_US |
dc.identifier.urn | URN:NBN:no-12369 | en_US |
dc.type.document | Masteroppgave | en_US |
dc.identifier.duo | 40902 | en_US |
dc.contributor.supervisor | Jens Kaasbøll | en_US |
dc.identifier.bibsys | 060964057 | en_US |
dc.identifier.fulltext | Fulltext https://www.duo.uio.no/bitstream/handle/10852/9453/1/HHS.pdf | |