A privacy-policy matching engine may support users in determining if their privacy preferencesmatch with a service provider’s privacy policy. Furthermore, third parties, such asData Protection Agencies (DPAs), may support users in determining if a service provider’sprivacy policy is a reasonable privacy policy for a given service by issuing recommendationsfor reasonable data handling practises for different services. These recommendations needto be matched with service provider’s privacy policies, to determine if a privacy policy isreasonable or not, and with user’s privacy preferences, to determine if a set of preferencesare reasonable or not.In this thesis we propose a design of a new privacy-policy language, called the UPrIMPolicy Language (UPL). UPL is modelled on the PrimeLife Policy Language (PPL)and tries to improve some of PPL’s shortcomings. UPL also tries to include informationdeemed mandatory for service providers according to the European Data Protection Directive95/46/EC (DPD). In order to demonstrate the features of UPL, we developed aproof-of-concept matching engine and a set of example instances of UPL. The matchingengine is able to match preferences, policies and recommendations in any combination.The example instances are modelled on four stages of data disclosure found in literature.
Identifer | oai:union.ndltd.org:UPSALLA1/oai:DiVA.org:kau-26512 |
Date | January 2013 |
Creators | Oggolder, Michael |
Publisher | Karlstads universitet, Institutionen för matematik och datavetenskap |
Source Sets | DiVA Archive at Upsalla University |
Language | English |
Detected Language | English |
Type | Student thesis, info:eu-repo/semantics/bachelorThesis, text |
Format | application/pdf |
Rights | info:eu-repo/semantics/openAccess |
Page generated in 0.0022 seconds