{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,18]],"date-time":"2026-03-18T00:02:35Z","timestamp":1773792155146,"version":"3.50.1"},"publisher-location":"Cham","reference-count":26,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783030299583","type":"print"},{"value":"9783030299590","type":"electronic"}],"license":[{"start":{"date-parts":[[2019,1,1]],"date-time":"2019-01-01T00:00:00Z","timestamp":1546300800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2019,1,1]],"date-time":"2019-01-01T00:00:00Z","timestamp":1546300800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2019]]},"DOI":"10.1007\/978-3-030-29959-0_33","type":"book-chapter","created":{"date-parts":[[2019,9,14]],"date-time":"2019-09-14T23:04:10Z","timestamp":1568502250000},"page":"681-699","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":28,"title":["Monitoring the GDPR"],"prefix":"10.1007","author":[{"given":"Emma","family":"Arfelt","sequence":"first","affiliation":[]},{"given":"David","family":"Basin","sequence":"additional","affiliation":[]},{"given":"S\u00f8ren","family":"Debois","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2019,9,15]]},"reference":[{"key":"33_CR1","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"942","DOI":"10.1007\/978-3-319-47166-2_65","volume-title":"Leveraging Applications of Formal Methods, Verification and Validation: Foundational Techniques","author":"T Antignac","year":"2016","unstructured":"Antignac, T., Scandariato, R., Schneider, G.: A privacy-aware conceptual model for handling personal data. In: Margaria, T., Steffen, B. (eds.) ISoLA 2016. LNCS, vol. 9952, pp. 942\u2013957. Springer, Cham (2016). https:\/\/doi.org\/10.1007\/978-3-319-47166-2_65"},{"key":"33_CR2","doi-asserted-by":"crossref","unstructured":"Antignac, T., Scandariato, R., Schneider, G.: Privacy compliance via model transformations. In: 2018 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW), pp. 120\u2013126. IEEE (2018)","DOI":"10.1109\/EuroSPW.2018.00024"},{"key":"33_CR3","doi-asserted-by":"crossref","unstructured":"Basin, D., Debois, S., Hildebrandt, T.: On purpose and by necessity: compliance under the GDPR. In: Proceedings of the 22nd International Conference on Financial Cryptography and Data Security (FC 2018), Lecture Notes in Computer Science, Nieuwpoort, Cura\u00e7ao, February 2018. Springer. Accepted for publication","DOI":"10.1007\/978-3-662-58387-6_2"},{"issue":"10","key":"33_CR4","doi-asserted-by":"publisher","first-page":"1403","DOI":"10.1109\/TSE.2013.18","volume":"39","author":"D Basin","year":"2013","unstructured":"Basin, D., Harvan, M., Klaedtke, F., Zalinescu, E.: Monitoring data usage in distributed systems. IEEE Trans. Softw. Eng. 39(10), 1403\u20131426 (2013)","journal-title":"IEEE Trans. Softw. Eng."},{"key":"33_CR5","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"360","DOI":"10.1007\/978-3-642-29860-8_27","volume-title":"Runtime Verification","author":"D Basin","year":"2012","unstructured":"Basin, D., Harvan, M., Klaedtke, F., Z\u0103linescu, E.: MONPOLY: monitoring usage-control policies. In: Khurshid, S., Sen, K. (eds.) RV 2011. LNCS, vol. 7186, pp. 360\u2013364. Springer, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-29860-8_27"},{"key":"33_CR6","doi-asserted-by":"crossref","unstructured":"Basin, D., Klaedtke, F., M\u00fcller, S.:. Monitoring security policies with metric first-order temporal logic. In: Proceedings of the 15th ACM Symposium on Access Control Models and Technologies, pp. 23\u201334. ACM (2010)","DOI":"10.1145\/1809842.1809849"},{"key":"33_CR7","doi-asserted-by":"crossref","unstructured":"Basin, D., Klaedtke, F., Zalinescu, E.: The monpoly monitoring tool. In: RV-CuBES 2017 An International Workshop on Competitions, Usability, Benchmarks, Evaluation, and Standardisation for Runtime Verification Tools, vol. 3 of Kalpa Publications in Computing, pp. 19\u201328. EasyChair (2017)","DOI":"10.29007\/89hs"},{"key":"33_CR8","doi-asserted-by":"crossref","unstructured":"Debois, S., Slaats, T.: The analysis of a real life declarative process. In: IEEE Symposium Series on Computational Intelligence, SSCI 2015, Cape Town, South Africa, 7\u201310 December 2015, pp. 1374\u20131382. IEEE (2015)","DOI":"10.1109\/SSCI.2015.196"},{"issue":"3","key":"33_CR9","doi-asserted-by":"publisher","first-page":"1482","DOI":"10.1016\/j.eswa.2010.07.057","volume":"38","author":"ME Kabir","year":"2011","unstructured":"Kabir, M.E., Wang, H., Bertino, E.: A conditional purpose-based access control model with dynamic roles. Expert Syst. Appl. 38(3), 1482\u20131489 (2011)","journal-title":"Expert Syst. Appl."},{"key":"33_CR10","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"63","DOI":"10.1007\/978-3-030-02547-2_4","volume-title":"Privacy Technologies and Policy","author":"P Ferrara","year":"2018","unstructured":"Ferrara, P., Olivieri, L., Spoto, F.: Tailoring taint analysis to GDPR. In: Medina, M., Mitrakas, A., Rannenberg, K., Schweighofer, E., Tsouroulas, N. (eds.) APF 2018. LNCS, vol. 11079, pp. 63\u201376. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-030-02547-2_4"},{"key":"33_CR11","unstructured":"Ferrara, P., Spoto, F.: Static analysis for GDPR compliance. In: Proceedings of the Second Italian Conference on Cyber Security, Milan, Italy, 6th - 9th February 2018, vol. 2058 of CEUR Workshop Proceedings. CEUR-WS.org (2018)"},{"issue":"6","key":"33_CR12","first-page":"231","volume":"55","author":"G Governatori","year":"2013","unstructured":"Governatori, G.: Business process compliance: an abstract normative framework. Inf. Technol. 55(6), 231\u2013238 (2013)","journal-title":"Inf. Technol."},{"key":"33_CR13","doi-asserted-by":"publisher","first-page":"426","DOI":"10.4018\/978-1-60566-288-6.ch020","volume-title":"Handbook of Research on Business Process Modeling","author":"G Governatori","year":"2009","unstructured":"Governatori, G., Sadiq, S.: The journey to business process compliance. Handbook of Research on Business Process Modeling, pp. 426\u2013454. IGI Global, Pennsylvania (2009)"},{"key":"33_CR14","doi-asserted-by":"crossref","unstructured":"Guerriero, M., Tamburri, D.A., Nitto, E.D.: Defining, enforcing and checking privacy policies in data-intensive applications. In: Proceedings of the 13th International Conference on Software Engineering for Adaptive and Self-Managing Systems, SEAMS 2018, pp. 172\u2013182, New York, NY, USA, ACM. event-place: Gothenburg, Sweden (2018)","DOI":"10.1145\/3194133.3194140"},{"key":"33_CR15","doi-asserted-by":"crossref","unstructured":"Kumar, N.V.N., Shyamasundar, R.K.: Realizing purpose-based privacy policies succinctly via information-flow labels. In: 2014 IEEE Fourth International Conference on Big Data and Cloud Computing, pp. 753\u2013760, December 2014","DOI":"10.1109\/BDCloud.2014.89"},{"key":"33_CR16","doi-asserted-by":"publisher","first-page":"209","DOI":"10.1016\/j.is.2015.02.007","volume":"54","author":"L Thao Ly","year":"2015","unstructured":"Thao Ly, L., Maggi, F.M., Montali, M., Aalst, W.M.P., van der Rinderle-Ma, S.: Compliance monitoring in business processes: functionalities application and tool-support. Inf. Syst. 54, 209\u2013234 (2015)","journal-title":"Inf. Syst."},{"key":"33_CR17","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1104","DOI":"10.1007\/978-3-540-88873-4_12","volume-title":"On the Move to Meaningful Internet Systems: OTM 2008","author":"A Masoumzadeh","year":"2008","unstructured":"Masoumzadeh, A., Joshi, J.B.D.: PuRBAC: purpose-aware role-based access control. In: Meersman, R., Tari, Z. (eds.) OTM 2008. LNCS, vol. 5332, pp. 1104\u20131121. Springer, Heidelberg (2008). https:\/\/doi.org\/10.1007\/978-3-540-88873-4_12"},{"issue":"3","key":"33_CR18","doi-asserted-by":"publisher","first-page":"24:1","DOI":"10.1145\/1805974.1805980","volume":"13","author":"Q Ni","year":"2010","unstructured":"Ni, Q., et al.: Privacy-aware role-based access control. ACM Trans. Inf. Syst. Secur. 13(3), 24:1\u201324:31 (2010)","journal-title":"ACM Trans. Inf. Syst. Secur."},{"key":"33_CR19","first-page":"101","volume":"313","author":"M Palmirani","year":"2018","unstructured":"Palmirani, M., Governatori, G.: Modelling legal knowledge for GDPR compliance checking. Front. Artif. Intell. Appl. 313, 101\u2013110 (2018)","journal-title":"Front. Artif. Intell. Appl."},{"key":"33_CR20","unstructured":"Palmirani, M., Martoni, M., Rossi, A., Bartolini, C., Robaldo, L.: Legal ontology for modelling GDPR concepts and norms. In: Legal Knowledge and Information Systems: JURIX 2018: The Thirty-first Annual Conference, vol. 313, p. 91. IOS Press (2018)"},{"key":"33_CR21","doi-asserted-by":"crossref","unstructured":"Peng, H., Gu, J., Ye, X.: Dynamic purpose-based access control. In: 2008 IEEE International Symposium on Parallel and Distributed Processing with Applications, pp. 695\u2013700, December 2008","DOI":"10.1109\/ISPA.2008.80"},{"key":"33_CR22","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"145","DOI":"10.1007\/978-3-642-23556-6_10","volume-title":"Secure Data Management","author":"M Petkovi\u0107","year":"2011","unstructured":"Petkovi\u0107, M., Prandi, D., Zannone, N.: Purpose control: did you process the data for the intended purpose? In: Jonker, W., Petkovi\u0107, M. (eds.) SDM 2011. LNCS, vol. 6933, pp. 145\u2013168. Springer, Heidelberg (2011). https:\/\/doi.org\/10.1007\/978-3-642-23556-6_10"},{"key":"33_CR23","unstructured":"Shepardson, D.: 2017 safest year on record for commercial passenger air travel (2018). https:\/\/reut.rs\/2CvBTEH"},{"key":"33_CR24","unstructured":"European Union. Regulation (eu) 2016\/679 of the european parliament and of the council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing directive 95\/46\/ec (general data protection regulation) (2016)"},{"key":"33_CR25","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-57959-7","volume-title":"The EU General Data Protection Regulation (GDPR)","author":"P Voigt","year":"2017","unstructured":"Voigt, P., von dem Bussche, A.: The EU General Data Protection Regulation (GDPR). Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-57959-7"},{"key":"33_CR26","doi-asserted-by":"crossref","unstructured":"Yang, N., Barringer, H., Zhang, N.: A purpose-based access control model. In: Third International Symposium on Information Assurance and Security, pp. 143\u2013148, August 2007","DOI":"10.1109\/ISIAS.2007.4299765"}],"container-title":["Lecture Notes in Computer Science","Computer Security \u2013 ESORICS 2019"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-29959-0_33","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,9,15]],"date-time":"2024-09-15T00:08:35Z","timestamp":1726358915000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-030-29959-0_33"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019]]},"ISBN":["9783030299583","9783030299590"],"references-count":26,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-29959-0_33","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2019]]},"assertion":[{"value":"15 September 2019","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ESORICS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"European Symposium on Research in Computer Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Luxembourg","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Luxembourg","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2019","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"23 September 2019","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"27 September 2019","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"24","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"esorics2019","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/conf.laas.fr\/esorics\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Single-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"EasyChair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"344","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"67","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"19% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3,2","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"11","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"This content has been made available to all.","name":"free","label":"Free to read"}]}}