{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,13]],"date-time":"2026-04-13T21:34:31Z","timestamp":1776116071014,"version":"3.50.1"},"publisher-location":"Berlin, Heidelberg","reference-count":30,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"value":"9783662583869","type":"print"},{"value":"9783662583876","type":"electronic"}],"license":[{"start":{"date-parts":[[2018,1,1]],"date-time":"2018-01-01T00:00:00Z","timestamp":1514764800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2018]]},"DOI":"10.1007\/978-3-662-58387-6_2","type":"book-chapter","created":{"date-parts":[[2019,8,29]],"date-time":"2019-08-29T11:03:39Z","timestamp":1567076619000},"page":"20-37","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":49,"title":["On Purpose and by Necessity: Compliance Under the GDPR"],"prefix":"10.1007","author":[{"given":"David","family":"Basin","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"S\u00f8ren","family":"Debois","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Thomas","family":"Hildebrandt","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2018,12,7]]},"reference":[{"key":"2_CR1","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/11841197_1","volume-title":"Web Services and Formal Methods","author":"WMP Aalst van der","year":"2006","unstructured":"van der Aalst, W.M.P., Pesic, M.: DecSerFlow: towards a truly declarative service flow language. In: Bravetti, M., N\u00fa\u00f1ez, M., Zavattaro, G. (eds.) WS-FM 2006. LNCS, vol. 4184, pp. 1\u201323. Springer, Heidelberg (2006). \n                      https:\/\/doi.org\/10.1007\/11841197_1"},{"key":"2_CR2","unstructured":"BPMN Technical Committee: Business process model and notation (BPMN). Technical Report formal\/2011-01-03, Object Management Group. Version 2.0, January 2011"},{"key":"2_CR3","doi-asserted-by":"crossref","unstructured":"Byun, J.-W., Bertino, E., Li, N.: Purpose based access control of complex data for privacy protection. In: Proceedings of the Tenth ACM Symposium on Access Control Models and Technologies, pp. 102\u2013110. ACM (2005)","DOI":"10.1145\/1063979.1063998"},{"issue":"4","key":"2_CR4","doi-asserted-by":"publisher","first-page":"603","DOI":"10.1007\/s00778-006-0023-0","volume":"17","author":"J-W Byun","year":"2008","unstructured":"Byun, J.-W., Li, N.: Purpose based access control for privacy protection in relational database systems. VLDB J. 17(4), 603\u2013619 (2008)","journal-title":"VLDB J."},{"key":"2_CR5","volume-title":"Process Innovation: Reengineering Work Through Information Technology","author":"TH Davenport","year":"1993","unstructured":"Davenport, T.H.: Process Innovation: Reengineering Work Through Information Technology. Harvard Business Press, Boston (1993)"},{"key":"2_CR6","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"72","DOI":"10.1007\/978-3-319-23063-4_5","volume-title":"Business Process Management","author":"S Debois","year":"2015","unstructured":"Debois, S., Hildebrandt, T., Slaats, T.: Concurrency and asynchrony in declarative workflows. In: Motahari-Nezhad, H.R., Recker, J., Weidlich, M. (eds.) BPM 2015. LNCS, vol. 9253, pp. 72\u201389. Springer, Cham (2015). \n                      https:\/\/doi.org\/10.1007\/978-3-319-23063-4_5"},{"issue":"3","key":"2_CR7","doi-asserted-by":"publisher","first-page":"1482","DOI":"10.1016\/j.eswa.2010.07.057","volume":"38","author":"Md. Enamul Kabir","year":"2011","unstructured":"Enamul Kabir, Md., Wang, H., Bertino, E.: A conditional purpose-based access control model with dynamic roles. Expert Syst. Appl. 38(3), 1482\u20131489 (2011)","journal-title":"Expert Systems with Applications"},{"key":"2_CR8","unstructured":"Facebook Data Policy. \n                      https:\/\/www.facebook.com\/policy.php\n                      \n                    . Accessed 9 Aug 2017"},{"key":"2_CR9","unstructured":"Regulation (EU) 2016\/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95\/46\/EC (General Data Protection Regulation). Off. J. Eur. Union, L119, 1\u201388 (2016)"},{"key":"2_CR10","unstructured":"Google Privacy Policy. \n                      https:\/\/www.google.com\/policies\/privacy\/\n                      \n                    . Accessed 9 Aug 2017"},{"key":"2_CR11","volume-title":"Modeling Reactive Systems with Statecharts: The Statemate Approach","author":"D Harel","year":"1998","unstructured":"Harel, D., Politi, M.: Modeling Reactive Systems with Statecharts: The Statemate Approach, 1st edn. McGraw-Hill Inc., New York (1998)","edition":"1"},{"key":"2_CR12","doi-asserted-by":"publisher","first-page":"59","DOI":"10.4204\/EPTCS.69.5","volume":"69","author":"Thomas T. Hildebrandt","year":"2011","unstructured":"Hildebrandt, T., Mukkamala, R.R.: Declarative event-based workflow as distributed dynamic condition response graphs. In: Post-Proceedings of PLACES 2010, EPTCS, vol. 69, pp. 59\u201373 (2010)","journal-title":"Electronic Proceedings in Theoretical Computer Science"},{"key":"2_CR13","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-642-19589-1_1","volume-title":"Web Services and Formal Methods","author":"R Hull","year":"2011","unstructured":"Hull, R., et al.: Introducing the guard-stage-milestone approach for specifying business entity lifecycles. In: Bravetti, M., Bultan, T. (eds.) WS-FM 2010. LNCS, vol. 6551, pp. 1\u201324. Springer, Heidelberg (2011). \n                      https:\/\/doi.org\/10.1007\/978-3-642-19589-1_1"},{"key":"2_CR14","unstructured":"IBM Privacy Policy. \n                      https:\/\/www.ibm.com\/privacy\/us\/en\/\n                      \n                    . Accessed 9 Aug 2017"},{"key":"2_CR15","doi-asserted-by":"crossref","unstructured":"Jafari, M., Fong, P.W.L., Safavi-Naini, R., Barker, K., Sheppard, N.P.: Towards defining semantic foundations for purpose-based privacy policies. In: Proceedings of the First ACM Conference on Data and Application Security and Privacy, CODASPY 2011, pp. 213\u2013224. ACM, New York (2011)","DOI":"10.1145\/1943513.1943541"},{"issue":"4","key":"2_CR16","first-page":"211","volume":"4","author":"J Knoop","year":"1996","unstructured":"Knoop, J., R\u00fcthing, O., Steffen, B.: Towards a tool kit for the automatic generation of interprocedural data flow analyses. J. Prog. Lang. 4(4), 211\u2013246 (1996)","journal-title":"J. Prog. Lang."},{"key":"2_CR17","doi-asserted-by":"crossref","unstructured":"Kumar, N.V.N., Shyamasundar, R.K.: Realizing purpose-based privacy policies succinctly via information-flow labels. In: 2014 IEEE Fourth International Conference on Big Data and Cloud Computing, pp. 753\u2013760, December 2014","DOI":"10.1109\/BDCloud.2014.89"},{"key":"2_CR18","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1104","DOI":"10.1007\/978-3-540-88873-4_12","volume-title":"On the Move to Meaningful Internet Systems: OTM 2008","author":"A Masoumzadeh","year":"2008","unstructured":"Masoumzadeh, A., Joshi, J.B.D.: PuRBAC: purpose-aware role-based access control. In: Meersman, R., Tari, Z. (eds.) OTM 2008. LNCS, vol. 5332, pp. 1104\u20131121. Springer, Heidelberg (2008). \n                      https:\/\/doi.org\/10.1007\/978-3-540-88873-4_12"},{"key":"2_CR19","unstructured":"Mukkamala, R.R.: A formal model for declarative workflows: dynamic condition response graphs. Ph.D. thesis, IT University of Copenhagen (2012)"},{"issue":"3","key":"2_CR20","doi-asserted-by":"publisher","first-page":"24:1","DOI":"10.1145\/1805974.1805980","volume":"13","author":"Q Ni","year":"2010","unstructured":"Ni, Q., et al.: Privacy-aware role-based access control. ACM Trans. Inf. Syst. Secur. 13(3), 24:1\u201324:31 (2010)","journal-title":"ACM Trans. Inf. Syst. Secur."},{"key":"2_CR21","unstructured":"Object Management Group: Unified modeling language: superstructure. Technical report formal\/05-07-04, Object Management Group, Version 2.0 (2005)"},{"key":"2_CR22","unstructured":"Object Management Group: Unified modeling language: infrastructure. Technical report formal\/05-07-05, Object Management Group, Version 2.0, March 2006"},{"key":"2_CR23","unstructured":"Object Management Group: Case management model and notation. Technical report formal\/2014-05-05, Object Management Group, Version 1.0, May 2014"},{"key":"2_CR24","doi-asserted-by":"crossref","unstructured":"Peng, H., Gu, J., Ye, X.: Dynamic purpose-based access control. In: 2008 IEEE International Symposium on Parallel and Distributed Processing with Applications, pp. 695\u2013700, December 2008","DOI":"10.1109\/ISPA.2008.80"},{"key":"2_CR25","doi-asserted-by":"crossref","unstructured":"Pesic, M., Schonenberg, H., van der Aalst, W.M.P.: DECLARE: full support for loosely-structured processes. In: Proceedings of the 11th IEEE International Enterprise Distributed Object Computing Conference, pp. 287\u2013300. IEEE (2007)","DOI":"10.1109\/EDOC.2007.4384001"},{"key":"2_CR26","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"145","DOI":"10.1007\/978-3-642-23556-6_10","volume-title":"Secure Data Management","author":"M Petkovi\u0107","year":"2011","unstructured":"Petkovi\u0107, M., Prandi, D., Zannone, N.: Purpose control: did you process the data for the intended purpose? In: Jonker, W., Petkovi\u0107, M. (eds.) SDM 2011. LNCS, vol. 6933, pp. 145\u2013168. Springer, Heidelberg (2011). \n                      https:\/\/doi.org\/10.1007\/978-3-642-23556-6_10"},{"issue":"9","key":"2_CR27","doi-asserted-by":"publisher","first-page":"39","DOI":"10.1145\/1151030.1151053","volume":"49","author":"A Pretschner","year":"2006","unstructured":"Pretschner, A., Hilty, M., Basin, D.: Distributed usage control. Commun. ACM 49(9), 39\u201344 (2006)","journal-title":"Commun. ACM"},{"key":"2_CR28","doi-asserted-by":"crossref","unstructured":"Pretschner, A., Hilty, M., Basin, D., Schaefer, C., Walter, T.: Mechanisms for usage control. In: ASIACCS 2008: Proceedings of the 2008 ACM Symposium on Information, Computer and Communications Security, pp. 240\u2013244. ACM (2008)","DOI":"10.1145\/1368310.1368344"},{"key":"2_CR29","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"329","DOI":"10.1007\/978-3-319-45348-4_19","volume-title":"Business Process Management","author":"I Weber","year":"2016","unstructured":"Weber, I., Xu, X., Riveret, R., Governatori, G., Ponomarev, A., Mendling, J.: Untrusted business process monitoring and execution using blockchain. In: La Rosa, M., Loos, P., Pastor, O. (eds.) BPM 2016. LNCS, vol. 9850, pp. 329\u2013347. Springer, Cham (2016). \n                      https:\/\/doi.org\/10.1007\/978-3-319-45348-4_19"},{"key":"2_CR30","doi-asserted-by":"crossref","unstructured":"Yang, N., Barringer, H., Zhang, N.: A purpose-based access control model. In: Third International Symposium on Information Assurance and Security, pp. 143\u2013148, August 2007","DOI":"10.1109\/IAS.2007.29"}],"container-title":["Lecture Notes in Computer Science","Financial Cryptography and Data Security"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-662-58387-6_2","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,8,29]],"date-time":"2019-08-29T11:03:59Z","timestamp":1567076639000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-662-58387-6_2"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018]]},"ISBN":["9783662583869","9783662583876"],"references-count":30,"URL":"https:\/\/doi.org\/10.1007\/978-3-662-58387-6_2","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2018]]},"assertion":[{"value":"7 December 2018","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"FC","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Financial Cryptography and Data Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Nieuwpoort","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Cura\u00e7ao","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2018","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"26 February 2018","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2 March 2018","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"22","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"fc2018","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/fc18.ifca.ai\/index.html","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"HotCRP","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"110","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"27","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"2","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"25% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3,27","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3,27","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}