Abstract
This paper aims at setting the context for privacy-aware information lifecycle management within enterprises, i.e. the process of handling the lifecycle of personal and confidential information in a way that is compliant with privacy laws and people’s expectations (including data retention, deletion, notifications, data transformation, etc.). Despite the fact that enterprises are already using Information Lifecycle Management (ILM) and Identity Management (1DM) solutions to store and manage various types of data, in terms of “privacy-aware” lifecycle management of information much is still done by means of manual processes that are complex and hard to monitor. This is a green field, open to innovation. We argue that automation can be introduced to address this aspect by leveraging, among other things, existing enterprise ILM and 1DM solutions.
In this context, we investigate and analyse core privacy requirements and issues that need to be addressed by enterprises along with their implications and impact on existing ILM and 1DM solutions. The goal is to create awareness and suggest potential ways to move towards their automation and simplification. We provide an overview of research and work done by HP Labs to develop approaches and technologies that can help enterprises to implement and automate aspects of privacy-aware information lifecycle management.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Beigi, M., Devarakonda, M., Jam, R., Kaplan, M., Pease, D., Rubas, J., Sharma, U., Verma, A.: Policy-based information lifecycle management in a large-scale file system. Policies for Distributed Systems and Networks, 2005, Sixth IEEE International Workshop on, 6-8 June 2005, 2005
Casassa Mont, M. Bramhall, P., Pato, J.: On Adaptive Identity Management: The Next Generation of Identity Management Technologies. HP Labs Technical Report, HPL-2003-149, 2003
Casassa Mont, M.: Dealing with Privacy Obligations in Enterprises. HP Labs Technical Report, HPL-2004-109, 2004
Casassa Mont, M.: Dealing with Privacy Obligations: Important Aspects and Technical Approaches. TrustBus 2004, 2004
Casassa Mont, M., Thyne, R., Bramhall, P.: Privacy Enforcement with HP Select Access for Regulatory Compliance. HP Labs Technical Report, HPL-2005-10, 2005
Casassa Mont, M., Thyne, R., Chan, K., Bramhall, P.: Extending HP Identity Management Solutions to Enforce Privacy Policies and Obligations for Regulatory Compliance by Enterprises. HP Labs Technical Report, HPL-2005-110, 2005
De Clercq, J., Rouault, J.: An Introduction to Identity Management. HP Reports, http://devresource.hp.comldrc/resources/idmgtjntro/idmgt_intro.pdf, 2004
Hewlett-Packard (HP): HP OpenView Select Identity: Overview and Features. http://www.openview.hp.comiproducts/slctid/index.html, 2005
Hewlett-Packard (HP): RISS Software Development Kit. http://h18006.wwwl.hp.com/products/storageworks/riss/sdk.html, 2005
IBM: The Enterprise Privacy Authorization Language (EPAL). EPAL 1.2 specification, http://www.zurich.ibm.com/security/enterprise-privacy/epall, 2004
IBM Tivoli Privacy Manager: Privacy manager main web page, http://www306.ibm.comlsoftware/tivolilproducts/pnvacy-mgr-e-bus/, 2005
Laurant, C.: Privacy International: Privacy and Human Rights 2004: an International Survey of Privacy Laws and Developments. Electronic Privacy Information Center (EPIC), Privacy International, http://www.privacyinternational.org/survey/phr2004/, 2004
OECD: OECD Guidelines on the Protection of Privacy and Transborder Flows of Personal Data. http://www.oecd.org/publications/e-book/930201 1E.PDF, 1980
PRIME Project: Privacy and Identity Management for Europe. European RTD Integrated Project under the FP6/IST Programme, http://www.prime-project.eul, 2006
Petrocelli, T.: Data Protection and Information Lifecycle Management. Prentice Hall, Chapter 8, 2006
Author information
Authors and Affiliations
Rights and permissions
Copyright information
© 2006 Friedr. Vieweg & Sohn Verlag | GWV-Fachverlage GmbH, Wiesbaden
About this chapter
Cite this chapter
Mont, M.C. (2006). On Privacy-aware Information Lifecycle Management in Enterprises: Setting the Context. In: ISSE 2006 — Securing Electronic Busines Processes. Vieweg. https://doi.org/10.1007/978-3-8348-9195-2_43
Download citation
DOI: https://doi.org/10.1007/978-3-8348-9195-2_43
Publisher Name: Vieweg
Print ISBN: 978-3-8348-0213-2
Online ISBN: 978-3-8348-9195-2
eBook Packages: Computer ScienceComputer Science (R0)