
HP Labs Privacy Management Vision, Research and Work

Learn about the privacy management research and work conducted by HP Labs' Privacy Management Group, focusing on privacy policy enforcement and privacy obligation management.


Presentation Transcript


  1. HP Labs Privacy Management: Vision, Research and Work. Marco Casassa Mont, Senior Researcher, Trusted Systems Lab, HP Labs, Bristol, UK

  2. Outline (current section: Overview of HP Labs and Privacy Management Group)
     • Overview of HP Labs and Privacy Management Group
     • Key Privacy Concepts
     • HP Labs Privacy Management Research and Work:
       - Privacy Policy Enforcement
       - Privacy Obligation Management
     • Conclusions

  3. HP Labs (http://www.hpl.hp.com)
     Trusted Systems Laboratory: Bristol, UK
     Map labels: Bristol; China; Palo Alto; Israel; Japan; India; ~600 employees worldwide
     Roles of HP Labs
     • Contribute to HP Strategy Creation
     • Grow HP's Business with Strategically Aligned Technologies
     • Create Technologies that Enable New Opportunities for HP
     • Invest in Fundamental Science in Areas of Interest to HP

  4. HP Labs: Trusted Systems Laboratory
     Security Research Mission: Research on Trust, Security and Privacy to provide Safe, Simple to own, and Assured Systems, Enabling Confident Participation in the Digital Economy and delivered through HP’s Infrastructures and Infrastructure Services
     Diagram labels: Threat Management; IT Governance; Trusted Infrastructure
     TSL Privacy Management Group
     • Our Vision: Address privacy management Issues with innovative IT technologies and solutions
     • Our Premise: Integrating privacy management into the middleware layer of a data processing system will provide most benefits, e.g., common approach, re-usable software, etc.
     • Our Approach: Design, build and test Proof-of-Concept prototypes

  5. Outline (current section: Key Privacy Concepts)
     • Overview of HP Labs and Privacy Management Group
     • Key Privacy Concepts
     • HP Labs Privacy Management Research and Work:
       - Privacy Policy Enforcement
       - Privacy Obligation Management
     • Conclusions

  6. Enterprise Privacy Management: Impact on Enterprises and Opportunities
     • Effective Enterprise Privacy depends on Good Governance Practices
     • Diagram labels (governance): Regulations, Standards, Best Practices; Policy Development; IT Alignment; Policy Enforcement; Monitoring; Reporting; Transparency
     • Diagram labels (context): Privacy Legislation (EU Laws, HIPAA, COPPA, SOX, GLB, Safe Harbour, …); Internal Guidelines; Customers’ Expectations; Enterprise IT Infrastructure; Applications & Services; Personal Data; PEOPLE; ENTERPRISE
     • Diagram labels (outcomes): Regulatory Compliance; Customers’ Satisfaction; Positive Impact on Reputation, Brand, Customer Retention

  7. Privacy For Personal Data: Core Principles
     Diagram labels: Privacy Policies; Purpose Specification; Consent; Limited Collection; Limited Use; Limited Disclosure; Limited Retention; Privacy Permissions; Privacy Obligations; Privacy Rights

  8. Outline (current section: HP Labs Privacy Management Research and Work)
     • Overview of HP Labs and Privacy Management Group
     • Key Privacy Concepts
     • HP Labs Privacy Management Research and Work:
       - Privacy Policy Enforcement
       - Privacy Obligation Management
     • Conclusions

  9. Privacy Policy Enforcement in Enterprises
     Diagram labels: Regulations, Standards, Best Practices; Policy Development; IT Alignment; Policy Enforcement; Privacy Policy Enforcement; Enterprise IT Infrastructure
     • How to Enforce Privacy Policies within Enterprises when Accessing and Manipulating Personal Data?
     • How to Enforce User Preferences, e.g. Consent?
     • How to Integrate with Identity Management Solutions?
     HP Labs R&D Work
     • Privacy-Aware Access Control System for Personal Data
     • Prototype Integrated with HP Select Access
     • HP Business Considering its Productisation in 2006

  10. Moving Towards a “Privacy-Aware” Access Control …
      • It is not just a matter of traditional access control: need to include data purpose, intent and user’s consent
      • Privacy Enforcement on Data: Access Control + “Intent, Purpose, Consent, …”
      • Diagram, Traditional Access Control: Requestor; Actions; Rights; Access Control; Personal Data
      • Diagram, Privacy-Aware Access Control: Requestor; Actions; Rights; Access Control; Personal Data; Privacy Extension (Purpose; Requestor’s Intent; Owner’s Consent; Constraints; Other…)

  11. Example: Privacy-aware Access Control with Consent, Purpose and Intent Mgmt

      Table T1 with PII Data and Customers’ Consent

      uid  Name   Condition           Diagnosis
      1    Alice  Alcoholic           Cirrhosis
      2    Rob    Drug Addicted       HIV
      3    Julie  Contagious Illness  Hepatitis

      T2 (customers’ consent): columns Consent, Marketing, Research; rows for uid 1, 2 and 3, with one x mark on row 1, two on row 2 and none on row 3.

      Enterprise Privacy Policies & Customers’ Consent

      If role == "empl." and intent == "Marketing"
      Then Allow Access (T1.Condition, T1.Diagnosis) & Enforce (Consent)
      Else If intent == "Research"
      Then Allow Access (T1.Diagnosis) & Enforce (Consent)
      Else Deny Access

      Access Table T1 (SELECT * FROM T1), Intent = “Marketing”

      Privacy Policy Enforcement. Enforcement: Filter data

      SELECT '-', Condition, Diagnosis
      FROM T1, T2
      WHERE T1.uid = T2.Consent AND T2.Marketing = 'YES'

      Filtered data

      uid  Name  Condition           Diagnosis
      1    -     Alcoholism          Cirrhosis
      2    -     -                   -
      3    -     Contagious Illness  Hepatitis

  12. Privacy Enforcement in HP Select Access
      • Data Modelling & Privacy Policy Authoring: Policy Builder; HPL Plug-ins; Access Control Policies + Privacy Policies (intent, purpose, consent, constraints…)
      • Privacy Policy Deployment & Decisions: Policy Repository; Validator (Policy Decision); HPL Plug-ins; Privacy-aware Access Request; Privacy-aware Decision; Grant/Deny; Audit
      • Privacy Policy Enforcement On Personal Data: Applications, Services, …; Web Services; Access Request; Requestor’s Intent + Request to Access Data; Enforcer; HPL Data Enforcer; Plug-in; Data Access; Privacy-aware Access to Data; Personal Data + Owners’ Consent

  13. Prototype: Demo Snapshots
      • Rule Editor
      • Purpose-based Decision plug-in
      • Data Filtering plug-in
      • Consent Management plug-in
      • Data Expiration plug-in
      • Data Retention Preferences
      • Give consent to access data For Declared Purposes e.g. Research
      • Effect of applying the privacy policy (data filtering)
      • Effect of enforcing customers’ Consent
      • The new customer data is (partially) visible as she gave consent to use her data for Research purposes
      • The new customer data is not visible as she gave no consent to use her data for Marketing purposes

  14. Outline (current section: HP Labs Privacy Management Research and Work)
      • Overview of HP Labs and Privacy Management Group
      • Key Privacy Concepts
      • HP Labs Privacy Management Research and Work:
        - Privacy Policy Enforcement
        - Privacy Obligation Management
      • Conclusions

  15. Privacy Obligation Management
      Diagram labels: Regulations, Standards, Best Practices; Policy Development; IT Alignment; Policy Enforcement; Privacy Obligation Enforcement; Monitoring; Obligation Monitoring; Reporting; Transparency; Enterprise IT Infrastructure
      • Privacy Obligations dictate Duties and Expectations to Enterprises on How to Handle Personal Data:
        - Which Privacy Obligations to Manage? How to Represent them?
        - How to Schedule, Enforce and Monitor Privacy Obligations?
        - How to Integrate with Identity Management Solutions?
      HP Labs R&D Work
      • Privacy Obligation Management System
      • Prototype Integrated with HP Select Identity
      • Explore its Productisation
      • Research in EU PRIME Project

  16. Obligation Management System (OMS): Model
      • Obligations can be:
        - Very Abstract
        - More Refined
      • Privacy Obligations dictate Responsibilities and Duties on Personal Information:
        - Notice Requirements
        - Enforcement of opt-in/opt-out options
        - Limits of Reuse
        - Data Retention
        - Data Deletion
        - Data Transformation
      • Privacy Obligations are not Subordinated to Access Control
      Diagram labels: Obligation Management Framework; Obligations Scheduling; Obligations Enforcement; Obligations Monitoring; Data Subjects; Administrators; Privacy Obligations; Personal Data (PII); ENTERPRISE

  17. Obligation Management System: High Level System Architecture
      • Functions: Setting Privacy Obligations On Personal Data; Enforcing Privacy Obligations; Monitoring Privacy Obligations
      • Actors and front end: Applications and Services; Data Subjects; Admins; Privacy-enabled Portal
      • Obligation Server: Events Handler; Obligation Scheduler; Obligation Enforcer; Workflows; Action Adaptors; Information Tracker
      • Obligation Monitoring Service: Monitoring Task Handler; Admins
      • Storage and audit: Obligation Store & Versioning; Data Ref.; Obligation; Confidential Data; Audit Server; ENTERPRISE

  18. User Provisioning and Obligation Management
      • Management of Privacy Obligation in the context of User Provisioning and Account Management: Turn Privacy Preferences into Privacy Obligations
      • Diagram labels: Data Subject; Self Registration and User Account Management; Personal Data + Privacy Preferences (e.g. Deletion, Notification); HP Select Identity; User Provisioning; Connectors; Service API; Obligation Management System; Privacy Obligation Enforcement & Monitoring; Enterprise Data Repositories

  19. Prototype: Demo Snapshots
      HP Select Identity
      • Privacy Preferences (deletion times of selected attributes and of the entire account)
      • Privacy Preferences (notification of deletions via e-mail)
      • The new user provisioning request has been successful – User information will also be provisioned via the OMS connector that will cause the creation of new privacy obligations based on previous user’s privacy preferences
      Obligation Management System - GUI
      • New Privacy Obligations generated as Effect of provisioning a new User and Handling Privacy preferences (Deletion and Notification)
      • View: List of Managed Obligations (to be enforced and enforced obligations). Note: in this example all obligations are enforced (status OK or Violated)
      • View: Monitored Obligations (enforced obligations). Note: In this example, the last two obligations in the list are in the “Violated” status (RED colour). This status and the details can be logged/audited and reported to the administrator for follow-up actions
      • Details of Selected Obligation

  20. Outline (current section: Conclusions)
      • Overview of HP Labs and Privacy Management Group
      • Key Privacy Concepts
      • HP Labs Privacy Management Research and Work:
        - Privacy Policy Enforcement
        - Privacy Obligation Management
      • Conclusions

  21. Conclusions
      • Privacy Management is a Key Aspect of IT Governance and Regulatory Compliance for Enterprises
      • Key Privacy Management Requirements for Enterprises:
        - Privacy Enforcement
        - Automation and Cost Reduction
        - Integration with Identity Management Solutions
      • HP Labs’ Contributions:
        - Vision: Address Privacy Management with IT Solutions and Technologies
        - Technology: Privacy Policy Enforcement with HP Select Access
        - Technology: Privacy Obligation Management with HP Select Identity
      • HP Labs keen to Collaborate with Customers for Trials and Requirements
      • More Information: http://www.hpl.hp.com/research/ssrc/security/
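
The policy rule and consent filter from slide 11, as an added Python example (not code from the presentation or from HP Select Access) that runs them against an in-memory SQLite copy of T1 and T2. The function names, the YES/NO consent values (chosen to reproduce the slide's filtered output for Marketing) and the default-deny handling of a missing consent row are assumptions.

```python
import sqlite3

# Constructed sample data mirroring slide 11: T1 holds PII, T2 holds consent per purpose.
T1_ROWS = [(1, "Alice", "Alcoholic", "Cirrhosis"),
           (2, "Rob", "Drug Addicted", "HIV"),
           (3, "Julie", "Contagious Illness", "Hepatitis")]
T2_ROWS = [(1, "YES", "NO"), (2, "NO", "NO"), (3, "YES", "YES")]  # assumed values

# Policy from the slide: (role, intent) -> T1 columns the requestor may see.
# The Research rule has no role condition on the slide, hence the None wildcard.
POLICY = {("empl.", "Marketing"): ("Condition", "Diagnosis"),
          (None, "Research"): ("Diagnosis",)}
DATA_COLUMNS = ("Name", "Condition", "Diagnosis")

def make_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE T1 (uid INTEGER, Name TEXT, Condition TEXT, Diagnosis TEXT)")
    db.execute("CREATE TABLE T2 (Consent INTEGER, Marketing TEXT, Research TEXT)")
    db.executemany("INSERT INTO T1 VALUES (?,?,?,?)", T1_ROWS)
    db.executemany("INSERT INTO T2 VALUES (?,?,?)", T2_ROWS)
    return db

def decide(role, intent):
    """Policy decision: return the permitted columns, or None for Deny Access."""
    return POLICY.get((role, intent)) or POLICY.get((None, intent))

def privacy_aware_select(db, role, intent):
    """Enforcement: rewrite SELECT * FROM T1 so that denied columns, and rows
    whose owner gave no consent for this intent, come back masked as '-'."""
    allowed = decide(role, intent)
    if allowed is None:
        raise PermissionError(f"Deny Access: role={role!r} intent={intent!r}")
    # intent matched a POLICY key, so it is one of the fixed T2 column names;
    # no caller-supplied text reaches the SQL string.
    cols = ", ".join(
        f"CASE WHEN T2.{intent} = 'YES' THEN T1.{c} ELSE '-' END" if c in allowed else "'-'"
        for c in DATA_COLUMNS)
    # LEFT JOIN: a uid with no consent row yields NULL, which the CASE masks.
    sql = (f"SELECT T1.uid, {cols} FROM T1 "
           "LEFT JOIN T2 ON T1.uid = T2.Consent ORDER BY T1.uid")
    return db.execute(sql).fetchall()
```

Unlike the inner join on the slide, this version keeps non-consenting rows in the result with every field masked, which is the shape of the slide's "Filtered data" table.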
