Skip to main content

On Privacy and Compliance

Researchers: Anupam Datta, Zeliha Dilsun Kaynar

Research Area: Privacy Protection

Cross Cutting Thrusts: Cryptography

Abstract

Scope: The project focuses on: 1. Logic-based languages for specifying privacy policies, where privacy policies may refer to aggregate information as well as information about individuals. 2. Automated or partially-automated enforcement methods for policies specified using the logic-based policy specification language. 3. Lifting database privacy definitions and associated constructions (such as differential privacy) to organizational processes in order to enforce end-to-end privacy guarantees for processes that handle both individual and aggregate anonymized information.

Outcomes: Disseminate the results of our research by publishing research papers and delivering presentations. Produce machine-processable representations (in the form of formulae in our logic) of privacy-related aspects of three US privacy laws (HIPAA, GLBA, FERPA).

Technical Reports: A Logical Method for Policy Enforcement over Evolving Audit Logs (Revised February 24, 2011) | Logical Specification of the GLBA and HIPAA Privacy Laws | Privacy Policy Specification and Audit in a Fixed-Point Logic - How to enforce HIPAA, GLBA and all that