{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,28]],"date-time":"2025-03-28T04:18:13Z","timestamp":1743135493614,"version":"3.40.3"},"publisher-location":"Cham","reference-count":36,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783031077265"},{"type":"electronic","value":"9783031077272"}],"license":[{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2022]]},"DOI":"10.1007\/978-3-031-07727-2_16","type":"book-chapter","created":{"date-parts":[[2022,6,1]],"date-time":"2022-06-01T01:12:12Z","timestamp":1654045932000},"page":"289-309","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":4,"title":["A Policy Language to\u00a0Capture Compliance of\u00a0Data Protection Requirements"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-5344-0032","authenticated-orcid":false,"given":"Chinmayi Prabhu","family":"Baramashetru","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0001-9948-2748","authenticated-orcid":false,"given":"Silvia Lizeth","family":"Tapia Tarifa","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0003-0976-5678","authenticated-orcid":false,"given":"Olaf","family":"Owe","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7360-8314","authenticated-orcid":false,"given":"Nils","family":"Gruschka","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2022,6,1]]},"reference":[{"issue":"5","key":"16_CR1","doi-asserted-by":"publisher","first-page":"809","DOI":"10.1016\/j.comnet.2005.01.004","volume":"48","author":"R Agrawal","year":"2005","unstructured":"Agrawal, R., Kiernan, J., Srikant, R., Xu, Y.: XPref: a preference language for P3P. Comput. Netw. 48(5), 809\u2013827 (2005)","journal-title":"Comput. Netw."},{"key":"16_CR2","unstructured":"Anderson, A., et al.: Extensible access control markup language (XACML) version 1.0. OASIS (2003)"},{"key":"16_CR3","first-page":"31","volume":"30","author":"P Ashley","year":"2003","unstructured":"Ashley, P., Hada, S., Karjoth, G., Powers, C., Schunter, M.: Enterprise privacy authorization language (EPAL). IBM Res. 30, 31 (2003)","journal-title":"IBM Res."},{"key":"16_CR4","doi-asserted-by":"crossref","unstructured":"Ashley, P., Hada, S., Karjoth, G., Schunter, M.: E-P3P privacy policies and privacy authorization. In: Proceedings of the 2002 ACM Workshop on Privacy in the Electronic Society, pp. 103\u2013109 (2002)","DOI":"10.1145\/644527.644538"},{"key":"16_CR5","unstructured":"AvaWomen. Your privacy - avawomen. https:\/\/www.avawomen.com\/privacy. Accessed 02 Jan 2022"},{"key":"16_CR6","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"20","DOI":"10.1007\/978-3-662-58387-6_2","volume-title":"Financial Cryptography and Data Security","author":"D Basin","year":"2018","unstructured":"Basin, D., Debois, S., Hildebrandt, T.: On purpose and by necessity: compliance under the GDPR. In: Meiklejohn, S., Sako, K. (eds.) FC 2018. LNCS, vol. 10957, pp. 20\u201337. Springer, Heidelberg (2018). https:\/\/doi.org\/10.1007\/978-3-662-58387-6_2"},{"key":"16_CR7","unstructured":"Centers for Medicare & Medicaid Services. The Health Insurance Portability and Accountability Act of 1996 (HIPAA) (1996). http:\/\/www.cms.hhs.gov\/hipaa\/"},{"key":"16_CR8","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-71999-1","volume-title":"All About Maude - A High-Performance Logical Framework","author":"M Clavel","year":"2007","unstructured":"Clavel, M., et al.: All About Maude - A High-Performance Logical Framework. LNCS, vol. 4350. Springer, Heidelberg (2007). https:\/\/doi.org\/10.1007\/978-3-540-71999-1"},{"issue":"6","key":"16_CR9","doi-asserted-by":"publisher","first-page":"50","DOI":"10.1109\/MSECP.2003.1253568","volume":"1","author":"LF Cranor","year":"2003","unstructured":"Cranor, L.F.: P3P: making privacy policies more useful. IEEE Secur. Priv. 1(6), 50\u201355 (2003)","journal-title":"IEEE Secur. Priv."},{"key":"16_CR10","unstructured":"European Parliament and Council: Regulation (EU) 2016\/679 of the European parliament and of the council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing directive 95\/46\/EC (general data protection regulation) (text with EEA relevance)"},{"key":"16_CR11","unstructured":"Ferraiolo, D., Cugini, J., Kuhn, D.R.: Role-based access control (RBAC): features and motivations. In: Proceedings of 11th Annual Computer Security Application Conference, pp. 241\u2013248 (1995)"},{"key":"16_CR12","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"41","DOI":"10.1007\/978-3-662-57932-9_2","volume-title":"Transactions on Large-Scale Data- and Knowledge-Centered Systems XXXVII","author":"A Gerl","year":"2018","unstructured":"Gerl, A., Bennani, N., Kosch, H., Brunie, L.: LPL, towards a GDPR-compliant privacy language: formal definition and\u00a0usage. In: Hameurlain, A., Wagner, R. (eds.) Transactions on Large-Scale Data- and Knowledge-Centered Systems XXXVII. LNCS, vol. 10940, pp. 41\u201380. Springer, Heidelberg (2018). https:\/\/doi.org\/10.1007\/978-3-662-57932-9_2"},{"key":"16_CR13","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"302","DOI":"10.1007\/11423409_19","volume-title":"Privacy Enhancing Technologies","author":"K Hayati","year":"2005","unstructured":"Hayati, K., Abadi, M.: Language-based enforcement of privacy policies. In: Martin, D., Serjantov, A. (eds.) PET 2004. LNCS, vol. 3424, pp. 302\u2013313. Springer, Heidelberg (2005). https:\/\/doi.org\/10.1007\/11423409_19"},{"key":"16_CR14","doi-asserted-by":"crossref","unstructured":"Hitzler, P., Kr\u00f6tzsch, M., Rudolph, S.: Foundations of Semantic Web Technologies. Chapman and Hall\/CRC Press, London (2010)","DOI":"10.1201\/9781420090512"},{"key":"16_CR15","unstructured":"ISO.org. ISO - ISO 8601 - date and time format. https:\/\/www.iso.org\/iso-8601-date-and-time-format.html. Accessed 28 Mar 2022"},{"key":"16_CR16","doi-asserted-by":"crossref","unstructured":"Iyilade, J., Vassileva, J.: P2u: a privacy policy specification language for secondary data sharing and usage. In: 2014 IEEE Security and Privacy Workshops, pp. 18\u201322. IEEE (2014)","DOI":"10.1109\/SPW.2014.12"},{"key":"16_CR17","unstructured":"Eur law. Eur-lex - 01990l0385-20071011 - en - eur-lex. https:\/\/eur-lex.europa.eu\/legal-content\/EN\/TXT\/?uri=CELEX%3A01990L0385-20071011. Accessed 13 Apr 2022"},{"key":"16_CR18","doi-asserted-by":"crossref","unstructured":"Leicht, J., Heisel, M.: A survey on privacy policy languages: expressiveness concerning data protection regulations. In: 2019 12th CMI Conference on Cybersecurity and Privacy (CMI), pp. 1\u20136. IEEE (2019)","DOI":"10.1109\/CMI48017.2019.8962144"},{"issue":"2","key":"16_CR19","doi-asserted-by":"publisher","first-page":"205395171454186","DOI":"10.1177\/2053951714541861","volume":"1","author":"D Lyon","year":"2014","unstructured":"Lyon, D.: Surveillance, Snowden, and big data: capacities, consequences, critique. Big Data Soc. 1(2), 2053951714541861 (2014)","journal-title":"Big Data Soc."},{"key":"16_CR20","unstructured":"Matheus, A., Herrmann, J.: Geospatial extensible access control markup language (GeoXACML). Open Geospatial Consortium Inc, OGC (2008)"},{"issue":"4","key":"16_CR21","doi-asserted-by":"publisher","first-page":"410","DOI":"10.1145\/363516.363526","volume":"9","author":"AC Myers","year":"2000","unstructured":"Myers, A.C., Liskov, B.: Protecting privacy using the decentralized label model. ACM Trans. Softw. Eng. Methodol. 9(4), 410\u2013442 (2000)","journal-title":"ACM Trans. Softw. Eng. Methodol."},{"key":"16_CR22","doi-asserted-by":"crossref","unstructured":"Neubert, S., et al.: Multi-sensor-fusion approach for a data-science-oriented preventive health management system: concept and development of a decentralized data collection approach for heterogeneous data sources. Int. J. Telemed. App. 2019, 1 (2019)","DOI":"10.1155\/2019\/9864246"},{"key":"16_CR23","unstructured":"S. of California Department of Justice: California consumer privacy act (CCPA) | state of California - department of justice - office of the attorney general. https:\/\/oag.ca.gov\/privacy\/ccpa. Accessed 02 Oct 2022"},{"key":"16_CR24","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"177","DOI":"10.1007\/978-3-030-22479-0_10","volume-title":"Data and Applications Security and Privacy XXXIII","author":"R Pardo","year":"2019","unstructured":"Pardo, R., Le M\u00e9tayer, D.: Analysis of privacy policies to enhance informed consent. In: Foley, S.N. (ed.) DBSec 2019. LNCS, vol. 11559, pp. 177\u2013198. Springer, Cham (2019). https:\/\/doi.org\/10.1007\/978-3-030-22479-0_10"},{"key":"16_CR25","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"3","DOI":"10.1007\/978-3-030-78142-2_1","volume-title":"Coordination Models and Languages","author":"R Schlatte","year":"2021","unstructured":"Schlatte, R., Johnsen, E.B., Kamburjan, E., Tapia Tarifa, S.L.: Modeling and analyzing resource-sensitive actors: a tutorial introduction. In: Damiani, F., Dardha, O. (eds.) COORDINATION 2021. LNCS, vol. 12717, pp. 3\u201319. Springer, Cham (2021). https:\/\/doi.org\/10.1007\/978-3-030-78142-2_1"},{"key":"16_CR26","unstructured":"Scott: Mass leak of fitness tracking data hits fitbit, apple, microsoft, google; 60 million records exposed by improperly configured third-party database - cpo magazine. https:\/\/www.cpomagazine.com\/cyber-security\/mass-leak-of-fitness- tracking-data-hits-fitbit-apple-microsoft-google-60-million-records-exposed-by-improperly-configured-third-party-database\/. Accessed 02 Oct 2022"},{"key":"16_CR27","doi-asserted-by":"crossref","unstructured":"Speck, A., Witt, S., Feja, S., Feja, S., Pulverm\u00fcller, E.: Integrating validation techniques for process-based models. In: ENASE 2013 - Proceedings of the 8th International Conference on Evaluation of Novel Approaches to Software Engineering, Angers, France, 4\u20136 July 2013, pp. 246\u2013253. SciTePress (2013)","DOI":"10.5220\/0004569202460253"},{"key":"16_CR28","unstructured":"New York Times: As Facebook raised a privacy wall, it carved an opening for tech giants - The Netherlands New York Times. https:\/\/www.nytimes.com\/2018\/12\/18\/technology\/facebook-privacy.html. Accessed 02 Dec 2021"},{"key":"16_CR29","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"169","DOI":"10.1007\/978-3-030-50086-3_10","volume-title":"Formal Techniques for Distributed Objects, Components, and Systems","author":"S Tokas","year":"2020","unstructured":"Tokas, S., Owe, O.: A formal framework for consent management. In: Gotsman, A., Sokolova, A. (eds.) FORTE 2020. LNCS, vol. 12136, pp. 169\u2013186. Springer, Cham (2020). https:\/\/doi.org\/10.1007\/978-3-030-50086-3_10"},{"key":"16_CR30","series-title":"IFIP Advances in Information and Communication Technology","doi-asserted-by":"publisher","first-page":"142","DOI":"10.1007\/978-3-030-42504-3_10","volume-title":"Privacy and Identity Management. Data for Better Living: AI and Privacy","author":"S Tokas","year":"2020","unstructured":"Tokas, S., Owe, O., Ramezanifarkhani, T.: Language-based mechanisms for privacy-by-design. In: Friedewald, M., \u00d6nen, M., Lievens, E., Krenn, S., Fricker, S. (eds.) Privacy and Identity 2019. IAICT, vol. 576, pp. 142\u2013158. Springer, Cham (2020). https:\/\/doi.org\/10.1007\/978-3-030-42504-3_10"},{"key":"16_CR31","doi-asserted-by":"publisher","DOI":"10.1016\/j.jlamp.2021.100733","volume":"125","author":"S Tokas","year":"2022","unstructured":"Tokas, S., Owe, O., Ramezanifarkhani, T.: Static checking of GDPR-related privacy compliance for object-oriented distributed systems. J. Log. Algebr. Methods Program. 125, 100733 (2022)","journal-title":"J. Log. Algebr. Methods Program."},{"key":"16_CR32","unstructured":"Ava Fertility Tracker: Ava fertility tracker - avawomen. https:\/\/www.avawomen.com\/. Accessed 02 Jan 2022"},{"key":"16_CR33","unstructured":"G.E. Tracker. GDPR enforcement tracker - list of GDPR fines. https:\/\/www.enforcementtracker.com\/. Accessed 02 Aug 2022"},{"key":"16_CR34","doi-asserted-by":"crossref","unstructured":"Witt, S., Feja, S., Speck, A.: Applying pattern-based graphical validation rules to business process models. In: Seventh IEEE International Conference on Software Testing, Verification and Validation, ICST 2014 Workshops Proceedings, pp. 274\u2013283. IEEE Computer Society (2014)","DOI":"10.1109\/ICSTW.2014.30"},{"key":"16_CR35","unstructured":"Yang, J.: Preventing information leaks with policy-agnostic programming. Ph.D. thesis, Massachusetts Institute of Technology, Cambridge, MA, USA (2015)"},{"key":"16_CR36","doi-asserted-by":"crossref","unstructured":"Yang, J., Yessenov, K., Solar-Lezama, A.: A language for automatically enforcing privacy policies. In: Proceedings of the 39th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, POPL 2012, Philadelphia, Pennsylvania, USA, 22\u201328 January 2012, pp. 85\u201396. ACM (2012)","DOI":"10.1145\/2103621.2103669"}],"container-title":["Lecture Notes in Computer Science","Integrated Formal Methods"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-07727-2_16","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,9,26]],"date-time":"2024-09-26T06:00:51Z","timestamp":1727330451000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-07727-2_16"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022]]},"ISBN":["9783031077265","9783031077272"],"references-count":36,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-07727-2_16","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2022]]},"assertion":[{"value":"1 June 2022","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"IFM","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Integrated Formal Methods","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Lugano","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Switzerland","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2022","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"7 June 2022","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"10 June 2022","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"17","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"ifm2022","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/www.ifmconference.org\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Single-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"EasyChair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"46","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"14","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"2","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"30% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"4","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Also includes: 1 abstract of an invited talk, 2 invited papers, 7 extended abstracts of presentations accepted at PhD symposium","order":10,"name":"additional_info_on_review_process","label":"Additional Info on Review Process","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}