{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,15]],"date-time":"2024-09-15T00:53:04Z","timestamp":1726361584442},"publisher-location":"Berlin, Heidelberg","reference-count":33,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642235559"},{"type":"electronic","value":"9783642235566"}],"license":[{"start":{"date-parts":[[2011,1,1]],"date-time":"2011-01-01T00:00:00Z","timestamp":1293840000000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2011]]},"DOI":"10.1007\/978-3-642-23556-6_10","type":"book-chapter","created":{"date-parts":[[2011,8,19]],"date-time":"2011-08-19T00:08:57Z","timestamp":1313712537000},"page":"145-168","source":"Crossref","is-referenced-by-count":21,"title":["Purpose Control: Did You Process the Data for the Intended Purpose?"],"prefix":"10.1007","author":[{"given":"Milan","family":"Petkovi\u0107","sequence":"first","affiliation":[]},{"given":"Davide","family":"Prandi","sequence":"additional","affiliation":[]},{"given":"Nicola","family":"Zannone","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"issue":"2","key":"10_CR1","doi-asserted-by":"publisher","first-page":"337","DOI":"10.1016\/j.infsof.2008.04.004","volume":"51","author":"P. Guarda","year":"2009","unstructured":"Guarda, P., Zannone, N.: Towards the Development of Privacy-Aware Systems. Information and Software Technology\u00a051(2), 337\u2013350 (2009)","journal-title":"Information and Software Technology"},{"key":"10_CR2","doi-asserted-by":"publisher","first-page":"143","DOI":"10.1016\/B978-155860869-6\/50021-4","volume-title":"Proceedings of the 28th International Conference on Very Large Data Bases","author":"R. Agrawal","year":"2002","unstructured":"Agrawal, R., Kiernan, J., Srikant, R., Xu, Y.: Hippocratic Databases. In: Proceedings of the 28th International Conference on Very Large Data Bases, pp. 143\u2013154. Morgan Kaufmann, San Francisco (2002)"},{"key":"10_CR3","doi-asserted-by":"crossref","first-page":"103","DOI":"10.1145\/644527.644538","volume-title":"Proceedings of the 2002 ACM Workshop on Privacy in the Electronic Society","author":"P. Ashley","year":"2002","unstructured":"Ashley, P., Hada, S., Karjoth, G., Schunter, M.: E-P3P privacy policies and privacy authorization. In: Proceedings of the 2002 ACM Workshop on Privacy in the Electronic Society, pp. 103\u2013109. ACM, New York (2002)"},{"issue":"4","key":"10_CR4","doi-asserted-by":"publisher","first-page":"603","DOI":"10.1007\/s00778-006-0023-0","volume":"17","author":"J.-W. Byun","year":"2008","unstructured":"Byun, J.-W., Li, N.: Purpose based access control for privacy protection in relational database systems. VLDB J\u00a017(4), 603\u2013619 (2008)","journal-title":"VLDB J"},{"issue":"4","key":"10_CR5","doi-asserted-by":"publisher","first-page":"370","DOI":"10.1007\/s00778-006-0009-y","volume":"15","author":"F. Massacci","year":"2006","unstructured":"Massacci, F., Mylopoulos, J., Zannone, N.: Hierarchical Hippocratic Databases with Minimal Disclosure for Virtual Organizations. VLDB J\u00a015(4), 370\u2013387 (2006)","journal-title":"VLDB J"},{"key":"10_CR6","doi-asserted-by":"crossref","unstructured":"Catteddu, D., Hogben, G.: Cloud Computing \u2013 Benefits, risks and recommendations for information security. European Network and Information Security Agency (ENISA), Report (2009)","DOI":"10.1007\/978-3-642-16120-9_9"},{"key":"10_CR7","unstructured":"Daskala, B.: Being diabetic in 2011 \u2013 Identifying Emerging and Future Risks in Remote Health Monitoring and Treatment. European Network and Information Security Agency (ENISA), Report (2009)"},{"key":"10_CR8","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"69","DOI":"10.1007\/3-540-36467-6_6","volume-title":"Privacy Enhancing Technologies","author":"G. Karjoth","year":"2003","unstructured":"Karjoth, G., Schunter, M., Waidner, M.: Platform for Enterprise Privacy Practices: Privacy-enabled Management of Customer Data. In: Dingledine, R., Syverson, P.F. (eds.) PET 2002. LNCS, vol.\u00a02482, pp. 69\u201384. Springer, Heidelberg (2003)"},{"issue":"5-6","key":"10_CR9","doi-asserted-by":"publisher","first-page":"466","DOI":"10.1016\/j.ijmedinf.2006.09.014","volume":"76","author":"C. Lovis","year":"2007","unstructured":"Lovis, C., Spahni, S., Cassoni, N., Geissbuhler, A.: Comprehensive management of the access to the electronic patient record: Towards trans-institutional networks. Int. J. of Medical Informatics\u00a076(5-6), 466\u2013470 (2007)","journal-title":"Int. J. of Medical Informatics"},{"key":"10_CR10","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"33","DOI":"10.1007\/978-3-540-71316-6_4","volume-title":"Programming Languages and Systems","author":"A. Lapadula","year":"2007","unstructured":"Lapadula, A., Pugliese, R., Tiezzi, F.: Calculus for Orchestration of Web Services. In: De Nicola, R. (ed.) ESOP 2007. LNCS, vol.\u00a04421, pp. 33\u201347. Springer, Heidelberg (2007)"},{"key":"10_CR11","unstructured":"OASIS, Web Services Business Process Execution Language \u2013 Version 2.0, OASIS Standard (2007), http:\/\/docs.oasis-open.org\/wsbpel\/2.0\/OS\/wsbpel-v2.0-OS.html"},{"key":"10_CR12","unstructured":"Object Management Group, Business Process Modeling Notation (BPMN) Specification (version 1.2), OMG document (2009), http:\/\/www.omg.org\/spec\/BPMN\/1.2\/"},{"issue":"1","key":"10_CR13","doi-asserted-by":"publisher","first-page":"64","DOI":"10.1016\/j.is.2007.07.001","volume":"33","author":"A. Rozinat","year":"2008","unstructured":"Rozinat, A., van der Aalst, W.M.P.: Conformance checking of processes based on monitoring real behavior. Inf. Syst.\u00a033(1), 64\u201395 (2008)","journal-title":"Inf. Syst."},{"key":"10_CR14","unstructured":"Enterprise Security and Privacy Authorization (XSPA) Profile of XACML v2.0 for Healthcare, Committee Draft (2008), http:\/\/xml.coverpages.org\/xspa-xacml-profile-CD01-29664.pdf"},{"key":"10_CR15","doi-asserted-by":"publisher","first-page":"3","DOI":"10.1016\/j.jlap.2004.03.009","volume":"60","author":"G. Plotkin","year":"2004","unstructured":"Plotkin, G.: The origins of structural operational semantics. J. Log. Algebr. Program\u00a060, 3\u201315 (2004)","journal-title":"J. Log. Algebr. Program"},{"key":"10_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"249","DOI":"10.1007\/978-3-540-68265-3_16","volume-title":"Coordination Models and Languages","author":"D. Prandi","year":"2008","unstructured":"Prandi, D., Quaglia, P., Zannone, N.: Formal analysis of BPMN via a translation into COWS. In: Wang, A.H., Tennenholtz, M. (eds.) COORDINATION 2008. LNCS, vol.\u00a05052, pp. 249\u2013263. Springer, Heidelberg (2008)"},{"key":"10_CR17","unstructured":"Office of the National Coordinator for Health Information Technology Electronic Health Records and Meaningful Use (2010), http:\/\/healthit.hhs.gov\/portal\/server.pt\/community\/healthit_hhs_gov__meaningful_use_announcement\/2996"},{"issue":"1","key":"10_CR18","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/1502777.1502779","volume":"5","author":"D. Ma","year":"2009","unstructured":"Ma, D., Tsudik, G.: A new approach to secure logging. ACM Trans. Storage\u00a05(1), 1\u201321 (2009)","journal-title":"ACM Trans. Storage"},{"issue":"2","key":"10_CR19","doi-asserted-by":"publisher","first-page":"159","DOI":"10.1145\/317087.317089","volume":"2","author":"B. Schneier","year":"1999","unstructured":"Schneier, B., Kelsey, J.: Secure audit logs to support computer forensics. ACM Trans. Inf. Syst. Secur.\u00a02(2), 159\u2013176 (1999)","journal-title":"ACM Trans. Inf. Syst. Secur."},{"key":"10_CR20","first-page":"175","volume-title":"Proceedings of the 22nd Annual Computer Security Applications Conference","author":"L. Rostad","year":"2006","unstructured":"Rostad, L., Edsberg, O.: A study of access control requirements for healthcare systems based on audit trails from access logs. In: Proceedings of the 22nd Annual Computer Security Applications Conference, pp. 175\u2013186. IEEE Computer Society, Los Alamitos (2006)"},{"key":"10_CR21","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"230","DOI":"10.1007\/978-3-540-78743-3_17","volume-title":"Fundamental Approaches to Software Engineering","author":"A. Fantechi","year":"2008","unstructured":"Fantechi, A., Gnesi, S., Lapadula, A., Mazzanti, F., Pugliese, R., Tiezzi, F.: A model checking approach for verifying COWS specifications. In: Fiadeiro, J.L., Inverardi, P. (eds.) FASE 2008. LNCS, vol.\u00a04961, pp. 230\u2013245. Springer, Heidelberg (2008)"},{"key":"10_CR22","unstructured":"He, Q., Ant\u00f3n, A.I.: A Framework for Modeling Privacy Requirements in Role Engineering. In: Proceedings of the 9th International Workshop on Requirements Engineering: Foundation for Software Quality, pp. 137\u2013146 (2003)"},{"key":"10_CR23","doi-asserted-by":"publisher","first-page":"271","DOI":"10.1109\/CSFW.2002.1021821","volume-title":"Proceedings of the 15th IEEE Workshop on Computer Security Foundations","author":"G. Karjoth","year":"2002","unstructured":"Karjoth, G., Schunter, M.: A Privacy Policy Model for Enterprises. In: Proceedings of the 15th IEEE Workshop on Computer Security Foundations, pp. 271\u2013281. IEEE Computer Society, Los Alamitos (2002)"},{"key":"10_CR24","doi-asserted-by":"publisher","first-page":"375","DOI":"10.1145\/967900.967983","volume-title":"Proceedings of the 2004 ACM Symposium on Applied Computing","author":"M. Backes","year":"2004","unstructured":"Backes, M., Karjoth, G., Bagga, W., Schunter, M.: Efficient comparison of enterprise privacy policies. In: Proceedings of the 2004 ACM Symposium on Applied Computing, pp. 375\u2013382. ACM, New York (2004)"},{"key":"10_CR25","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"98","DOI":"10.1007\/11555827_7","volume-title":"Computer Security \u2013 ESORICS 2005","author":"M. Hilty","year":"2005","unstructured":"Hilty, M., Basin, D.A., Pretschner, A.: On Obligations. In: di Vimercati, S.d.C., Syverson, P.F., Gollmann, D. (eds.) ESORICS 2005. LNCS, vol.\u00a03679, pp. 98\u2013117. Springer, Heidelberg (2005)"},{"key":"10_CR26","unstructured":"OASIS, eXtensible Access Control Markup Language (XACML) Version 2.0, OASIS Standard (2005), http:\/\/docs.oasis-open.org\/xacml\/2.0\/access_control-xacml-2.0-core-spec-os.pdf"},{"key":"10_CR27","unstructured":"Al-Fedaghi, S.S.: Beyond purpose-based privacy access control. In: Proceedings of the 8th Conference on Australasian Database, pp. 23\u201332. Australian Computer Society, Inc. (2007)"},{"key":"10_CR28","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"383","DOI":"10.1007\/978-3-540-78739-6_29","volume-title":"Programming Languages and Systems","author":"C. Fournet","year":"2008","unstructured":"Fournet, C., Guts, N., Nardelli, F.Z.: A formal implementation of value commitment. In: Gairing, M. (ed.) ESOP 2008. LNCS, vol.\u00a04960, pp. 383\u2013397. Springer, Heidelberg (2008)"},{"issue":"2-3","key":"10_CR29","doi-asserted-by":"publisher","first-page":"133","DOI":"10.1007\/s10207-007-0017-y","volume":"6","author":"J.G. Cederquist","year":"2007","unstructured":"Cederquist, J.G., Corin, R.J., Dekker, M.A.C., Etalle, S., den Hartog, J.I., Lenzini, G.: Audit-based compliance control. Int. J. Inf. Sec.\u00a06(2-3), 133\u2013151 (2007)","journal-title":"Int. J. Inf. Sec."},{"key":"10_CR30","doi-asserted-by":"crossref","unstructured":"Agrawal, R., Bayardo, R., Faloutsos, C., Kiernan, J., Rantzau, R., Srikant, R.: Auditing Compliance with a Hippocratic Database. In: Proceedings of the 30th International Conference on Very Large Data Bases. VLDB Endowment, pp. 516\u2013527 (2004)","DOI":"10.1016\/B978-012088469-8.50047-4"},{"key":"10_CR31","first-page":"62","volume-title":"Proceedings of the IEEE Symposium on Security and Privacy","author":"H.H. Feng","year":"2003","unstructured":"Feng, H.H., Kolesnikov, O.M., Fogla, P., Lee, W., Gong, W.: Anomaly detection using call stack information. In: Proceedings of the IEEE Symposium on Security and Privacy, pp. 62\u201375. IEEE Computer Society, Los Alamitos (2003)"},{"key":"10_CR32","unstructured":"Kumar, S., Spafford, E.H.: A Pattern Matching Model for Misuse Intrusion Detection. In: Proceedings of the 17th National Computer Security Conference, pp. 11\u201321 (1994)"},{"issue":"9","key":"10_CR33","doi-asserted-by":"publisher","first-page":"1128","DOI":"10.1109\/TKDE.2004.47","volume":"16","author":"W.M.P. Aalst van der","year":"2004","unstructured":"van der Aalst, W.M.P., Weijters, T., Maruster, L.: Workflow Mining: Discovering Process Models from Event Logs. IEEE Trans. Knowl. Data Eng.\u00a016(9), 1128\u20131142 (2004)","journal-title":"IEEE Trans. Knowl. Data Eng."}],"container-title":["Lecture Notes in Computer Science","Secure Data Management"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-23556-6_10","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,11,30]],"date-time":"2021-11-30T21:36:13Z","timestamp":1638308173000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-23556-6_10"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2011]]},"ISBN":["9783642235559","9783642235566"],"references-count":33,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-23556-6_10","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2011]]}}}