SlideShare a Scribd company logo

A UML Profile for Privacy Enforcement

Download as PPTX, PDF
Javier Canovas, profile picture
Javier Canovas

The document discusses a UML profile aimed at enhancing privacy enforcement through the use of data privacy laws and methodologies, specifically focusing on the European context. It emphasizes the importance of making data openly available while also maintaining user privacy through compliance with regulations like GDPR. The authors propose a framework for privacy-aware applications and outline challenges related to the implementation and promotion of privacy annotations in existing models.

Science
1 of 31
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
A UML Profile for Privacy Enforcement Javier L. Cánovas Izquierdo, Julián Salas unsplash/matthew-henry
flickr/clark-tibbs Motivation
Data is key
Data is key User Information Email, social security number, passport… Geolocation, videos, pictures, routines…Personal Data
Data is key User Information Email, social security number, passport… Geolocation, videos, pictures, routines…Personal Data Composite information Route to go to work… Places to pass the night…
Data is key User Information Data is the new currency Email, social security number, passport… Geolocation, videos, pictures, routines…Personal Data Composite information Route to go to work… Places to pass the night…
Data is key User Information Data is the new currency Email, social security number, passport… Geolocation, videos, pictures, routines…Personal Data Composite information Route to go to work… Places to pass the night…
The Open Data Movement Data should be freely available to everyone to use and republish as they wish, without restrictions from copyright, patents or other mechanisms of control
The Open Data Movement Data should be freely available to everyone to use and republish as they wish, without restrictions from copyright, patents or other mechanisms of control •Geographic, geopolitical and financial data Statistics Election results Legal acts Data on crime, health, the environment, transport and scientific research
The Open Data Movement Data should be freely available to everyone to use and republish as they wish, without restrictions from copyright, patents or other mechanisms of control •Geographic, geopolitical and financial data Statistics Election results Legal acts Data on crime, health, the environment, transport and scientific research BUT…
Let’s not forget to mention… …harmonize data privacy laws across Europe, to protect and empower all EU citizens data privacy and to reshape the way organizations across the region approach data privacy…
KEEP CALM AND COMPLY WITH GDPR
How is it treated currently?
How is it treated currently?…in MDE?
How is it treated currently?…in MDE?
How is it treated currently?…in MDE? Privacy and security at high-level Methodological approaches Access control policy solutions Mont, M.C., Pearson, S., Creese, S., Goldsmith, M., Papanikolaou, N.: A Conceptual Model for Privacy Policies with Consent and Revocation Requirements Allison, D.S., Yamany, H.F.E., Capretz, M.A.M.: Metamodel for privacy policies within SOA Busch, M.: Evaluating & engineering: an approach for the development of secure web applications Basso, T., Montecchi, L., Moraes, R., Jino, M., Bondavalli, A.: Towards a UML profile for privacy-aware applications Ahmadian, A.S., Peldszus, S., Ramadan, Q., Jürjens, J.: Model-based privacy and security analysis with carisma Ahmadian, A.S., Strüber, D., Riediger, V., Jürjens, J.: Model-based privacy analysis in industrial ecosystems Alshammari, M., Simpson, A.: A UML profile for privacy-aware data lifecycle models XACML, PRBAC, UMLSec, Ponder
Unsplash/david-iskander Our Proposal
Example
Example
A profile for privacy enforcement
A profile for privacy enforcement
A profile for privacy enforcement
A profile for privacy enforcement
A profile for privacy enforcement
A profile for privacy enforcement
A profile for privacy enforcement
Example with our profile
Conclusion • Profile to specify privacy • Models annotated with the profile can promote privacy enforcement What we have shown What we want to do next Application to specific fields Promoting Open Data
Challenges Flickr/TimPainter
How to add this information to existing methodologies? …how we can leverage existing model-based approaches? …how hard would it be? #1 #2 How to convince organizations to annotate their data? …are they actually concerned? …would they see it as beneficial? #3 Is it posible to automatically annotate existing models with privacy information? …are there some guidelines? #4 How to mix data with different privacy enforcement definitions? …how to deal with UML Class associations? …what happens when dealing with other UML diagrams?
Except where otherwise noted, content on this presentation is licensed under a Creative Commons Attribution 4.0 International license. Thanks! Javier L. Cánovas Izquierdo jcanovasi@uoc.edu @jlcanovas Julian Salas jsalapi@uoc.edu

More Related Content

PDF
Data Analytics and Artificial Intelligence in the era of Digital Transformation
Jan Wiegelmann
 
PDF
Petascale Analytics Largescale Machine Learning In The Earth Sciences 1st Edi...
baladadzekui
 
PDF
Mobile Devices: Systemisation of Knowledge about Privacy Invasion Tactics and...
CREST
 
ODP
Recognition Markets and Visual Privacy
Ryan Shaw
 
PDF
Computational Intelligent Data Analysis For Sustainable Development Ting Yu
spownikka
 
PPTX
High accuracy ML & AI over sensitive data
Simeon Simeonov
 
PPTX
Your organization and Big Data: Managing, access, privacy, & security
Louise Spiteri
 
PPTX
Your organization and Big Data: Managing access, privacy, and security
Louise Spiteri
 
Data Analytics and Artificial Intelligence in the era of Digital Transformation
Jan Wiegelmann
 
Petascale Analytics Largescale Machine Learning In The Earth Sciences 1st Edi...
baladadzekui
 
Mobile Devices: Systemisation of Knowledge about Privacy Invasion Tactics and...
CREST
 
Recognition Markets and Visual Privacy
Ryan Shaw
 
Computational Intelligent Data Analysis For Sustainable Development Ting Yu
spownikka
 
High accuracy ML & AI over sensitive data
Simeon Simeonov
 
Your organization and Big Data: Managing, access, privacy, & security
Louise Spiteri
 
Your organization and Big Data: Managing access, privacy, and security
Louise Spiteri
 

Similar to A UML Profile for Privacy Enforcement (20)

PDF
Data Clustering Algorithms and Applications First Edition Charu C. Aggarwal
ieeccqrcg365
 
PPTX
Ethics and Politics of Big Data
robkitchin
 
DOCX
Jackie Rees
butest
 
PDF
Data Clustering Algorithms and Applications First Edition Charu C. Aggarwal
gylainloippu
 
PPT
Norman Sadeh's Presentation
Mediabistro
 
PPTX
Privacy-preserving Data Mining in Industry (WSDM 2019 Tutorial)
Krishnaram Kenthapadi
 
PPTX
Oz!a 2009 sna v0.2
Mia Horrigan
 
PPTX
Ethics and information architecture - The 6th Academics and Practitioners Rou...
Sarah Rice
 
PDF
Data Clustering Algorithms and Applications First Edition Charu C. Aggarwal
kudrmaardu
 
PDF
Who Watches the Watchers Metrics for Security Strategy - BsidesLV 2015 - Roytman
Michael Roytman
 
PPTX
Privacy-preserving Data Mining in Industry (WWW 2019 Tutorial)
Krishnaram Kenthapadi
 
PDF
Revisiting Digital Media and Internet Research Ethics. A Process Oriented App...
Nele Heise
 
PDF
Data Clustering Algorithms and Applications First Edition Charu C. Aggarwal
wesleeptel59
 
PDF
Managing and publishing sensitive data in the social sciences - Webinar trans...
ARDC
 
PPTX
UN Global Pulse Privacy Framing
Micah Altman
 
PPTX
AICHROTH Systemaic evaluation and decentralisation for a (bit more) trusted AI
FIAT/IFTA
 
PPTX
Technology for everyone - AI ethics and Bias
Marion Mulder
 
PPT
hel29999999999999999999999999999999999999999999.ppt
gealehegn
 
PDF
The Science Of Quantitative Information Flow Mário S. Alvim
radeyscurtiuq
 
PPTX
OpenSourceIntelligence-OSINT.pptx
anonymousanonymous428352
 
Data Clustering Algorithms and Applications First Edition Charu C. Aggarwal
ieeccqrcg365
 
Ethics and Politics of Big Data
robkitchin
 
Jackie Rees
butest
 
Data Clustering Algorithms and Applications First Edition Charu C. Aggarwal
gylainloippu
 
Norman Sadeh's Presentation
Mediabistro
 
Privacy-preserving Data Mining in Industry (WSDM 2019 Tutorial)
Krishnaram Kenthapadi
 
Oz!a 2009 sna v0.2
Mia Horrigan
 
Ethics and information architecture - The 6th Academics and Practitioners Rou...
Sarah Rice
 
Data Clustering Algorithms and Applications First Edition Charu C. Aggarwal
kudrmaardu
 
Who Watches the Watchers Metrics for Security Strategy - BsidesLV 2015 - Roytman
Michael Roytman
 
Privacy-preserving Data Mining in Industry (WWW 2019 Tutorial)
Krishnaram Kenthapadi
 
Revisiting Digital Media and Internet Research Ethics. A Process Oriented App...
Nele Heise
 
Data Clustering Algorithms and Applications First Edition Charu C. Aggarwal
wesleeptel59
 
Managing and publishing sensitive data in the social sciences - Webinar trans...
ARDC
 
UN Global Pulse Privacy Framing
Micah Altman
 
AICHROTH Systemaic evaluation and decentralisation for a (bit more) trusted AI
FIAT/IFTA
 
Technology for everyone - AI ethics and Bias
Marion Mulder
 
hel29999999999999999999999999999999999999999999.ppt
gealehegn
 
The Science Of Quantitative Information Flow Mário S. Alvim
radeyscurtiuq
 
OpenSourceIntelligence-OSINT.pptx
anonymousanonymous428352
 
Ad

More from Javier Canovas (20)

PDF
On the Analysis of Non-Coding Roles in Open Source Development
Javier Canovas
 
PDF
Open Source Software Governance Guide: Developing a Matrix of Leading Questio...
Javier Canovas
 
PDF
A Model-based Chatbot Generation Approach to Converse with Open Data Sources
Javier Canovas
 
PPTX
Chatbots to Democratize the Access to Information and Internet Services
Javier Canovas
 
PPTX
Analysis and Modeling of the Governance in General Programming Languages
Javier Canovas
 
PPTX
Automatic Generation of Test Cases for REST APIs: a Specification-Based Approach
Javier Canovas
 
PPTX
The Role of Foundations in Open Source Projects
Javier Canovas
 
PPTX
An Empirical Study on the Maturity of the Eclipse Modeling Ecosystem
Javier Canovas
 
PPTX
Example-driven Web API Specification Discovery
Javier Canovas
 
PPTX
Software Modernization Revisited: Challenges and Prospects
Javier Canovas
 
PPTX
Findings from GitHub. Methods, Datasets and Limitations
Javier Canovas
 
PPTX
Enabling the Definition and Enforcement of Governance Rules in Open Source Sy...
Javier Canovas
 
PPTX
Exploring the Use of Labels to Categorize Issues in Open-Source Software Pro...
Javier Canovas
 
PPTX
Composing JSON-based Web APIs
Javier Canovas
 
PPTX
Retos Actuales en el Desarrollo de Lenguajes Específicos del Dominio
Javier Canovas
 
PPTX
Discovering Implicit Schemas in JSON Data
Javier Canovas
 
PPTX
Enabling the Collaborative Definition of DSMLs
Javier Canovas
 
PPTX
Domain-Specific Languages
Javier Canovas
 
PDF
Modernization in Eclipse
Javier Canovas
 
PDF
Software Modernization
Javier Canovas
 
On the Analysis of Non-Coding Roles in Open Source Development
Javier Canovas
 
Open Source Software Governance Guide: Developing a Matrix of Leading Questio...
Javier Canovas
 
A Model-based Chatbot Generation Approach to Converse with Open Data Sources
Javier Canovas
 
Chatbots to Democratize the Access to Information and Internet Services
Javier Canovas
 
Analysis and Modeling of the Governance in General Programming Languages
Javier Canovas
 
Automatic Generation of Test Cases for REST APIs: a Specification-Based Approach
Javier Canovas
 
The Role of Foundations in Open Source Projects
Javier Canovas
 
An Empirical Study on the Maturity of the Eclipse Modeling Ecosystem
Javier Canovas
 
Example-driven Web API Specification Discovery
Javier Canovas
 
Software Modernization Revisited: Challenges and Prospects
Javier Canovas
 
Findings from GitHub. Methods, Datasets and Limitations
Javier Canovas
 
Enabling the Definition and Enforcement of Governance Rules in Open Source Sy...
Javier Canovas
 
Exploring the Use of Labels to Categorize Issues in Open-Source Software Pro...
Javier Canovas
 
Composing JSON-based Web APIs
Javier Canovas
 
Retos Actuales en el Desarrollo de Lenguajes Específicos del Dominio
Javier Canovas
 
Discovering Implicit Schemas in JSON Data
Javier Canovas
 
Enabling the Collaborative Definition of DSMLs
Javier Canovas
 
Domain-Specific Languages
Javier Canovas
 
Modernization in Eclipse
Javier Canovas
 
Software Modernization
Javier Canovas
 
Ad

Recently uploaded (20)

PDF
Is Earendel a Star Cluster?: Metal-poor Globular Cluster Progenitors at z ∼ 6
Sérgio Sacani
 
PDF
lecture 2026 of Sjogren's syndrome l .pdf
ssuserf13226
 
PPTX
Overview of calcium in human muscles.pptx
safaparvin28
 
PPTX
Introcution to Microbes Burton's Biology for the Health
fliwertyfw154
 
PPTX
The Minerals for Earth and Life Science SHS.pptx
JadenDeVera
 
PPTX
BIOMOLECULES PPT........................
vachieagrawal1221
 
PPTX
TOTAL hIP ARTHROPLASTY Presentation.pptx
hararghemssc
 
PDF
Sciences of Europe No 170 (2025)
Sciences of Europe
 
PDF
Looking into the jet cone of the neutrino-associated very high-energy blazar ...
Sérgio Sacani
 
PPTX
Introduction to Cardiovascular system_structure and functions-1
muralinath2
 
PDF
Worlds Next Door: A Candidate Giant Planet Imaged in the Habitable Zone of ↵ ...
Sérgio Sacani
 
PDF
Phytochemical Investigation of Miliusa longipes.pdf
IrfanShahirSharafi
 
PDF
Warm, water-depleted rocky exoplanets with surfaceionic liquids: A proposed c...
Sérgio Sacani
 
PDF
Placing the Near-Earth Object Impact Probability in Context
Sérgio Sacani
 
PDF
ELS_Q1_Module-11_Formation-of-Rock-Layers_v2.pdf
savannaesar07
 
PDF
An interstellar mission to test astrophysical black holes
Sérgio Sacani
 
PDF
Unveiling a 36 billion solar mass black hole at the centre of the Cosmic Hors...
Sérgio Sacani
 
PPTX
Fluid dynamics vivavoce presentation of prakash
ssuser9878d0
 
PPT
Heredity-grade-9 Heredity-grade-9. Heredity-grade-9.
tipaniiisheyn
 
PPTX
Hypertension_Training_materials_English_2024[1] (1).pptx
johnsalaoudine
 
Is Earendel a Star Cluster?: Metal-poor Globular Cluster Progenitors at z ∼ 6
Sérgio Sacani
 
lecture 2026 of Sjogren's syndrome l .pdf
ssuserf13226
 
Overview of calcium in human muscles.pptx
safaparvin28
 
Introcution to Microbes Burton's Biology for the Health
fliwertyfw154
 
The Minerals for Earth and Life Science SHS.pptx
JadenDeVera
 
BIOMOLECULES PPT........................
vachieagrawal1221
 
TOTAL hIP ARTHROPLASTY Presentation.pptx
hararghemssc
 
Sciences of Europe No 170 (2025)
Sciences of Europe
 
Looking into the jet cone of the neutrino-associated very high-energy blazar ...
Sérgio Sacani
 
Introduction to Cardiovascular system_structure and functions-1
muralinath2
 
Worlds Next Door: A Candidate Giant Planet Imaged in the Habitable Zone of ↵ ...
Sérgio Sacani
 
Phytochemical Investigation of Miliusa longipes.pdf
IrfanShahirSharafi
 
Warm, water-depleted rocky exoplanets with surfaceionic liquids: A proposed c...
Sérgio Sacani
 
Placing the Near-Earth Object Impact Probability in Context
Sérgio Sacani
 
ELS_Q1_Module-11_Formation-of-Rock-Layers_v2.pdf
savannaesar07
 
An interstellar mission to test astrophysical black holes
Sérgio Sacani
 
Unveiling a 36 billion solar mass black hole at the centre of the Cosmic Hors...
Sérgio Sacani
 
Fluid dynamics vivavoce presentation of prakash
ssuser9878d0
 
Heredity-grade-9 Heredity-grade-9. Heredity-grade-9.
tipaniiisheyn
 
Hypertension_Training_materials_English_2024[1] (1).pptx
johnsalaoudine
 

A UML Profile for Privacy Enforcement

  • 1. A UML Profile for Privacy Enforcement Javier L. Cánovas Izquierdo, Julián Salas unsplash/matthew-henry
  • 4. Data is key User Information Email, social security number, passport… Geolocation, videos, pictures, routines…Personal Data
  • 5. Data is key User Information Email, social security number, passport… Geolocation, videos, pictures, routines…Personal Data Composite information Route to go to work… Places to pass the night…
  • 6. Data is key User Information Data is the new currency Email, social security number, passport… Geolocation, videos, pictures, routines…Personal Data Composite information Route to go to work… Places to pass the night…
  • 7. Data is key User Information Data is the new currency Email, social security number, passport… Geolocation, videos, pictures, routines…Personal Data Composite information Route to go to work… Places to pass the night…
  • 8. The Open Data Movement Data should be freely available to everyone to use and republish as they wish, without restrictions from copyright, patents or other mechanisms of control
  • 9. The Open Data Movement Data should be freely available to everyone to use and republish as they wish, without restrictions from copyright, patents or other mechanisms of control •Geographic, geopolitical and financial data Statistics Election results Legal acts Data on crime, health, the environment, transport and scientific research
  • 10. The Open Data Movement Data should be freely available to everyone to use and republish as they wish, without restrictions from copyright, patents or other mechanisms of control •Geographic, geopolitical and financial data Statistics Election results Legal acts Data on crime, health, the environment, transport and scientific research BUT…
  • 11. Let’s not forget to mention… …harmonize data privacy laws across Europe, to protect and empower all EU citizens data privacy and to reshape the way organizations across the region approach data privacy…
  • 13. How is it treated currently?
  • 14. How is it treated currently?…in MDE?
  • 15. How is it treated currently?…in MDE?
  • 16. How is it treated currently?…in MDE? Privacy and security at high-level Methodological approaches Access control policy solutions Mont, M.C., Pearson, S., Creese, S., Goldsmith, M., Papanikolaou, N.: A Conceptual Model for Privacy Policies with Consent and Revocation Requirements Allison, D.S., Yamany, H.F.E., Capretz, M.A.M.: Metamodel for privacy policies within SOA Busch, M.: Evaluating & engineering: an approach for the development of secure web applications Basso, T., Montecchi, L., Moraes, R., Jino, M., Bondavalli, A.: Towards a UML profile for privacy-aware applications Ahmadian, A.S., Peldszus, S., Ramadan, Q., Jürjens, J.: Model-based privacy and security analysis with carisma Ahmadian, A.S., Strüber, D., Riediger, V., Jürjens, J.: Model-based privacy analysis in industrial ecosystems Alshammari, M., Simpson, A.: A UML profile for privacy-aware data lifecycle models XACML, PRBAC, UMLSec, Ponder
  • 20. A profile for privacy enforcement
  • 21. A profile for privacy enforcement
  • 22. A profile for privacy enforcement
  • 23. A profile for privacy enforcement
  • 24. A profile for privacy enforcement
  • 25. A profile for privacy enforcement
  • 26. A profile for privacy enforcement
  • 27. Example with our profile
  • 28. Conclusion • Profile to specify privacy • Models annotated with the profile can promote privacy enforcement What we have shown What we want to do next Application to specific fields Promoting Open Data
  • 30. How to add this information to existing methodologies? …how we can leverage existing model-based approaches? …how hard would it be? #1 #2 How to convince organizations to annotate their data? …are they actually concerned? …would they see it as beneficial? #3 Is it posible to automatically annotate existing models with privacy information? …are there some guidelines? #4 How to mix data with different privacy enforcement definitions? …how to deal with UML Class associations? …what happens when dealing with other UML diagrams?
  • 31. Except where otherwise noted, content on this presentation is licensed under a Creative Commons Attribution 4.0 International license. Thanks! Javier L. Cánovas Izquierdo jcanovasi@uoc.edu @jlcanovas Julian Salas jsalapi@uoc.edu