Abstract
The General Data Protection Regulation (GDPR) has substantially strengthened the requirements for data processing systems, requiring audits at scale. We show how and to what extent these audits can be automated. We contribute an analysis of which parts of the GDPR can be monitored, a formalisation of these parts in metric first-order temporal logic, and an application of the MonPoly system to automatically audit these parts. We validate our ideas on a case study using log data from industry, detecting actual violations. Altogether, we demonstrate both in theory and practice how to automate GDPR compliance checking.
Originalsprog | Engelsk |
---|---|
Titel | Computer Security – ESORICS 2019 : European Symposium on Research in Computer Security |
Forlag | Springer |
Publikationsdato | 2019 |
Sider | 681-699 |
ISBN (Elektronisk) | 978-3-030-29959-0 |
DOI | |
Status | Udgivet - 2019 |
Begivenhed | The 24th European Symposium on Research in Computer Security - Luxembourg, Luxembourg, Luxemborg Varighed: 23 sep. 2019 → 27 sep. 2019 Konferencens nummer: 24 |
Konference
Konference | The 24th European Symposium on Research in Computer Security |
---|---|
Nummer | 24 |
Lokation | Luxembourg |
Land/Område | Luxemborg |
By | Luxembourg |
Periode | 23/09/2019 → 27/09/2019 |
Navn | Lecture Notes in Computer Science |
---|---|
Vol/bind | 11735 |
ISSN | 0302-9743 |
Emneord
- General Data Protection Regulation
- data processing systems
- automated audits
- metric first-order temporal logic
- GDPR compliance checking