Next Article in Journal
Comparing Approaches for Evaluating Digital Interventions on the Shop Floor
Next Article in Special Issue
A Taxonomy in Robot-Assisted Training: Current Trends, Needs and Challenges
Previous Article in Journal
Trading off Network Density with Frequency Spectrum for Resource Optimization in 5G Ultra-Dense Networks
Previous Article in Special Issue
Average Load Definition in Random Wireless Sensor Networks: The Traffic Load Case
Open AccessArticle

Identity Management and Protection Motivated by the General Data Protection Regulation of the European Union—A Conceptual Framework Based on State-of-the-Art Software Technologies

Fraunhofer-Institut für Optronik, Systemtechnik und Bildauswertung IOSB, Fraunhoferstr.1, 76131 Karlsruhe, Germany
*
Author to whom correspondence should be addressed.
This paper is an extended version of two other papers by the authors that have been published in Proceedings of the 11th International Conference on PErvasive Technologies Related to Assistive Environments (PETRA 2018), Island of Rhodes, Greece, 26–29 June 2017.
Technologies 2018, 6(4), 115; https://doi.org/10.3390/technologies6040115
Received: 31 October 2018 / Revised: 29 November 2018 / Accepted: 30 November 2018 / Published: 4 December 2018
(This article belongs to the Special Issue The PErvasive Technologies Related to Assistive Environments (PETRA))
In times of strongly (personal) data-driven economy, the inception of the European General Data Protection Regulation (GDPR) recently reinforced the call for transparency and informational self-determination—not only due to the penalties for data protection violations becoming significantly more severe. This paper recaps the GDPR articles that should be noticed by software designers and developers and explains how, from the perspective of computer scientists, the summarized requirements can be implemented based on state-of-the-art technologies, such as data provenance tracking, distributed usage control, and remote attestation protocols. For this, the challenges for data controllers, i.e., the service providers, as well as for the data subjects, i.e., the users whose personal data are being processed by the services, are worked out. As a result, this paper proposes the ideal functionality of a next-generation privacy dashboard interacting with data provenance and usage control infrastructure implemented at the service providers to operationalize the legal rights of the data subject granted by the GDPR. Finally, it briefly outlines the options for establishing trust in data provenance tracking and usage control infrastructures operated by the service providers themselves. View Full-Text
Keywords: data protection; privacy; GDPR; identity management; data provenance tracking; usage control; remote attestation; trusted computing data protection; privacy; GDPR; identity management; data provenance tracking; usage control; remote attestation; trusted computing
Show Figures

Figure 1

MDPI and ACS Style

Birnstill, P.; Krempel, E.; Wagner, P.G.; Beyerer, J. Identity Management and Protection Motivated by the General Data Protection Regulation of the European Union—A Conceptual Framework Based on State-of-the-Art Software Technologies. Technologies 2018, 6, 115.

Show more citation formats Show less citations formats
Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.

Article Access Map

1
Back to TopTop