CPPL: Compact Privacy Policy Language
| Title | CPPL: Compact Privacy Policy Language |
| Publication Type | Conference Paper |
| Year of Publication | 2016 |
| Authors | Henze, Martin, Hiller, Jens, Schmerling, Sascha, Ziegeldorf, Jan Henrik, Wehrle, Klaus |
| Conference Name | Proceedings of the 2016 ACM on Workshop on Privacy in the Electronic Society |
| Date Published | October 2016 |
| Publisher | ACM |
| Conference Location | New York, NY, USA |
| ISBN Number | 978-1-4503-4569-9 |
| Keywords | cloud computing, composability, data handling, Human Behavior, Internet of Things, Metrics, Privacy Policies, pubcrawl, relational database security, Resiliency |
| Abstract | Recent technology shifts such as cloud computing, the Internet of Things, and big data lead to a significant transfer of sensitive data out of trusted edge networks. To counter resulting privacy concerns, we must ensure that this sensitive data is not inadvertently forwarded to third-parties, used for unintended purposes, or handled and stored in violation of legal requirements. Related work proposes to solve this challenge by annotating data with privacy policies before data leaves the control sphere of its owner. However, we find that existing privacy policy languages are either not flexible enough or require excessive processing, storage, or bandwidth resources which prevents their widespread deployment. To fill this gap, we propose CPPL, a Compact Privacy Policy Language which compresses privacy policies by taking advantage of flexibly specifiable domain knowledge. Our evaluation shows that CPPL reduces policy sizes by two orders of magnitude compared to related work and can check several thousand of policies per second. This allows for individual per-data item policies in the context of cloud computing, the Internet of Things, and big data. |
| URL | https://dl.acm.org/doi/10.1145/2994620.2994627 |
| DOI | 10.1145/2994620.2994627 |
| Citation Key | henze_cppl:_2016 |