Click here for full text:
Extending HP Identity Management Solutions to Enforce Privacy Policies and Obligations for Regulatory Compliance by Enterprises
Casassa Mont, Marco; Thyne, Robert; Chan, Kwok; Bramhall, Pete
HPL-2005-110
Keyword(s): privacy; IT governance; privacy policy enforcement; privacy-aware access control; privacy obligations; regulatory compliance
Abstract: This paper describes issues and requirements related to privacy management as an aspect of improved governance in enterprises. It focuses on the privacy enforcement aspect, in particular related to privacy- aware access control and enforcement of privacy obligations: this is still a green field and, at the same time, is a key aspect to be taken into account to ensure compliance both with regulations and an enterprise's IT governance objectives. We introduce our HP Labs work in these areas: core concepts are described along with our policy enforcement models and related technologies. Two prototypes have been built as a proof of concept to: (1) enforce privacy policies on personal data by extending HP Select Access; (2) manage and enforce privacy obligations on personal data, integrated with HP Select Identity. We describe their technical capabilities and our next steps.
15 Pages
Back to Index
| 
Printable version
