Note: this blog is a mirror of my HP Labs Blog, on the same topic, accessible at: http://h30507.www3.hp.com/t5/Research-on-Security-and/bg-p/163

Monday, January 9, 2012

EnCoRe: Third Technical Architecture D2.3

HP Labs led the overall design and delivery of the third EnCoRe Technical Architecture along with the release of a related EnCoRe public architectural document, D2.3 [1]. This architecture focuses on the third EnCoRe case study, centered on the UK Cabinet Office/Identity Assurance Programme [2].

The first EnCoRe Technical Architecture [3] was designed to fulfil the basic privacy management requirements of the first EnCoRe case study, centred on employee data and focusing on an organisational context. The second EnCoRe Technical Architecture [4], based on a Biobank scenario, fulfilled additional requirements, including the need to support more flexible and compelling privacy-aware policies beyond access control, such as obligation policies, and the need to ensure that data subjects’ privacy preferences are taken into account and enforced when personal data is shared with third parties. This architecture was designed to support future needs such as the ones related to the third case study. The third EnCoRe Technical Architecture primarily refines and finalises previous specifications in the following areas: flexible expression of privacy preferences (choices); tracking of data whereabouts; privacy-aware access control policies and obligation policies; sticky policies; logging, auditing and compliance checking. These refinements are driven by additional knowledge and requirements gathered in EnCoRe during the second and third case studies.

Various use cases, related to the UK Cabinet Office/Identity Assurance Programme, have been taken into account to illustrate how EnCoRe can provide the desired capabilities in terms of dynamic consent and privacy management.

The third Technical Architecture document describes the resulting final EnCoRe architecture. Although inspired by, and focused on, the specifics of the third EnCoRe case study, this architecture is much more widely applicable than to just that scenario, being suitable for use in other scenarios where an individual (the data subject) discloses his or her personal data to an organisation, which may wish to disclose it to other organisations. Its legal ability to do so may depend on the specific details of the consent, granted by the data subject at the time of disclosure. At that time, the data subject may not be fully aware of the implications of granting consent, and/or may select the simplest consent options offered by the organisation. Later, perhaps after becoming more aware of these implications, or having just changed her mind, the data subject may wish to revoke the previously granted consents and be sure that her new wishes will be respected by all the organisations that have (or have access to) copies of the personal data she disclosed. In order for this to happen, a complex set of interactions, between and within the involved organisations, is required. The EnCoRe architecture provides the framework for these.
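The consent lifecycle sketched above (sticky policy attached at disclosure, onward disclosure only to permitted organisations, whereabouts tracked, revocation propagated and audited) can be made concrete with a small model. The following is an added illustration written for this post, not code from the EnCoRe project or the HP Labs Service Framework; the class names, the organisation names and the sample record are assumptions made for the example.

```python
"""Toy model of sticky-policy consent, data-whereabouts tracking and
revocation propagating across organisations (illustration for this post;
not EnCoRe project code; all names are assumptions)."""
from dataclasses import dataclass, field
from typing import Optional


@dataclass
class StickyPolicy:
    """Consent terms that travel with the data wherever it is disclosed."""
    subject: str
    purposes: frozenset          # purposes the data subject consented to
    share_with: frozenset        # organisations allowed to receive a copy
    revoked: bool = False


@dataclass
class Record:
    data: dict
    policy: StickyPolicy         # shared object, so revocation is visible everywhere
    received_from: Optional[str] = None


class AuditLog:
    """Append-only log used for later compliance checking."""
    def __init__(self):
        self.entries = []

    def log(self, org, event, **details):
        self.entries.append({"org": org, "event": event, **details})


class Organisation:
    def __init__(self, name, log):
        self.name = name
        self.log = log
        self.records = {}        # subject -> Record held locally
        self.whereabouts = {}    # subject -> organisations we disclosed the data to

    def collect(self, data, policy):
        """Initial disclosure by the data subject, with the sticky policy attached."""
        self.records[policy.subject] = Record(data, policy)
        self.whereabouts[policy.subject] = set()
        self.log.log(self.name, "collect", subject=policy.subject)

    def access(self, subject, purpose):
        """Privacy-aware access control: purpose must be covered by live consent."""
        rec = self.records.get(subject)
        if rec is None or rec.policy.revoked or purpose not in rec.policy.purposes:
            self.log.log(self.name, "access_denied", subject=subject, purpose=purpose)
            return None
        self.log.log(self.name, "access", subject=subject, purpose=purpose)
        return rec.data

    def share(self, subject, recipient):
        """Onward disclosure, allowed only to recipients named in the sticky policy."""
        rec = self.records.get(subject)
        if rec is None or rec.policy.revoked or recipient.name not in rec.policy.share_with:
            self.log.log(self.name, "share_denied", subject=subject, to=recipient.name)
            return False
        recipient.records[subject] = Record(dict(rec.data), rec.policy, received_from=self.name)
        recipient.whereabouts.setdefault(subject, set())
        self.whereabouts[subject].add(recipient)          # track where the data went
        self.log.log(self.name, "share", subject=subject, to=recipient.name)
        return True

    def revoke(self, subject):
        """Obligation on revocation: delete the local copy, then notify every
        organisation this one disclosed to (cycles are safe: deletion precedes recursion)."""
        rec = self.records.get(subject)
        if rec is None:
            return
        rec.policy.revoked = True
        del self.records[subject]
        self.log.log(self.name, "delete", subject=subject)
        for org in self.whereabouts.pop(subject, set()):
            org.revoke(subject)


def compliance_check(orgs, subject):
    """Names of organisations still holding the subject's data (should be empty after revocation)."""
    return sorted(o.name for o in orgs if subject in o.records)


def run_scenario():
    log = AuditLog()
    gov = Organisation("GovService", log)
    idp = Organisation("IdentityProvider", log)
    partner = Organisation("Partner", log)
    # constructed sample: consent covers identity verification and sharing with the IdP only
    policy = StickyPolicy("alice", frozenset({"identity_verification"}), frozenset({"IdentityProvider"}))
    gov.collect({"name": "Alice", "dob": "1980-01-01"}, policy)
    gov.share("alice", idp)
    to_partner = gov.share("alice", partner)                 # denied by the sticky policy
    marketing = idp.access("alice", "marketing")             # denied: purpose not consented
    verified = idp.access("alice", "identity_verification")  # allowed
    before = compliance_check([gov, idp, partner], "alice")
    gov.revoke("alice")                                      # subject changes her mind
    after = compliance_check([gov, idp, partner], "alice")
    return {"shared_to_partner": to_partner, "marketing": marketing,
            "verified": verified is not None, "before": before, "after": after,
            "events": [e["event"] for e in log.entries]}


if __name__ == "__main__":
    print(run_scenario())
```

The point the model makes is that the revocation reaches the IdentityProvider without the data subject ever contacting it: the originating organisation's whereabouts record is what makes the propagation possible, and the audit log lets a compliance check confirm that every copy was deleted.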

The third EnCoRe Technical Architecture document also provides clear and refined guidelines towards the implementation of a related technical solution, consisting of secure and self-standing services to support dynamic consent and privacy management within and across organizations.

These guidelines have been taken into account in HP Labs’ EnCoRe Service Framework, which provides a general reference implementation of the EnCoRe architecture and its core capabilities, as well as a framework for carrying out additional research and development activities.

[1] D2.3 Technical Architecture for the third realized Case Study, http://www.encore-project.info/deliverables_material/D2_3_EnCoRe_Architecture_V1.0.pdf
[2] UK Cabinet Office, Identity Assurance (IdA) Programme Statements, http://services.parliament.uk/hansard/Commons/ByDate/20110518/writtenministerialstatements/part003.html
[3] D2.1 Technical Architecture for the first realized Case Study, http://www.encore-project.info/deliverables_material/D2.1%20EnCoRe%20Architecture%20V1.0.pdf
[4] D2.2 Technical Architecture for the second realized Case Study, http://www.encore-project.info/deliverables_material/D2_2_EnCoRe_Architecture_V1.0.pdf

--- Posted by Marco Casassa Mont ---