How to Improve the GDPR Compliance through Consent Management and Access Control

Said Daoudagh; Said Daoudagh; Eda Marchetti; Vincenzo Savarino; Roberto Di Bernardo; Marco Alessi

doi:10.5220/0010260205340541

How to Improve the GDPR Compliance through Consent Management and Access Control

Said Daoudagh, Said Daoudagh, Eda Marchetti, Vincenzo Savarino, Roberto Di Bernardo, Marco Alessi

2021

Abstract

This paper presents a privacy-by-design solution based on Consent Manager (CM) and Access Control (AC) to aid organizations to comply with the GDPR. The idea is to start from the GDPR’s text, transform it into a machine-readable format through a given CM, and then convert the obtained outcome to a set of enforceable Access Control Policies (ACPs). As a result, we have defined a layered architecture that makes any given system privacy-aware, i.e., systems that are compliant by-design with the GDPR. Furthermore, we have provided a proof-of-concept by integrating a Consent Manager coming from an industrial context and an AC Manager coming from academia.

Download

Paper Citation

in Harvard Style

Daoudagh S., Marchetti E., Savarino V., Di Bernardo R. and Alessi M. (2021). How to Improve the GDPR Compliance through Consent Management and Access Control.In Proceedings of the 7th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP, ISBN 978-989-758-491-6, pages 534-541. DOI: 10.5220/0010260205340541

in Bibtex Style

@conference{icissp21,
author={Said Daoudagh and Eda Marchetti and Vincenzo Savarino and Roberto Di Bernardo and Marco Alessi},
title={How to Improve the GDPR Compliance through Consent Management and Access Control},
booktitle={Proceedings of the 7th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,},
year={2021},
pages={534-541},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0010260205340541},
isbn={978-989-758-491-6},
}

in EndNote Style

TY - CONF

JO - Proceedings of the 7th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,
TI - How to Improve the GDPR Compliance through Consent Management and Access Control
SN - 978-989-758-491-6
AU - Daoudagh S.
AU - Marchetti E.
AU - Savarino V.
AU - Di Bernardo R.
AU - Alessi M.
PY - 2021
SP - 534
EP - 541
DO - 10.5220/0010260205340541