ITU

Monitoring the GDPR: European Symposium on Research in Computer Security

Research output: Conference Article in Proceeding or Book/Report chapterArticle in proceedingsResearchpeer-review

View graph of relations

The General Data Protection Regulation (GDPR) has substantially strengthened the requirements for data processing systems, requiring audits at scale. We show how and to what extent these audits can be automated. We contribute an analysis of which parts of the GDPR can be monitored, a formalisation of these parts in metric first-order temporal logic, and an application of the MonPoly system to automatically audit these parts. We validate our ideas on a case study using log data from industry, detecting actual violations. Altogether, we demonstrate both in theory and practice how to automate GDPR compliance checking.
Original languageEnglish
Title of host publicationComputer Security – ESORICS 2019 : European Symposium on Research in Computer Security
PublisherSpringer
Publication date2019
Pages681-699
ISBN (Electronic)978-3-030-29959-0
DOIs
Publication statusPublished - 2019
EventThe 24th European Symposium on Research in Computer Security - Luxembourg, Luxembourg, Luxembourg
Duration: 23 Sep 201927 Sep 2019
Conference number: 24

Conference

ConferenceThe 24th European Symposium on Research in Computer Security
Nummer24
LocationLuxembourg
LandLuxembourg
ByLuxembourg
Periode23/09/201927/09/2019
SeriesLecture Notes in Computer Science
Volume11735
ISSN0302-9743

Downloads

No data available

ID: 84814980