master’s thesis - tum · 16.11.2018 laura stojko, master’s thesis final presentation what are...
Post on 09-Jun-2020
10 Views
Preview:
TRANSCRIPT
Chair of Software Engineering for Business Information Systems (sebis)
Faculty of Informatics
Technische Universität München
wwwmatthes.in.tum.de
Master’s Thesis:
An Information Model as a Basis for Data Gathering to comply
with Data Portability according to GDPR Art. 20Laura Stojko, 16.11.2018, Final Presentation
1. Motivation & Research Outline
2. Requirement Analysis GDPR Art. 20
3. Information Model Development
4. Information Model Evaluation
5. Next Steps
Outline
© sebis16.11.2018 Laura Stojko, Master’s Thesis Final Presentation 2
MotivationGDPR - Storyline
© sebis 3
New general data protection regulation (GDPR) [1]
• People have more control over their personal data
• Businesses benefit from a level playing field
4 years of preparationand debate
14 April 2016
Finally approved by EU Parliament
Transition period forcompanies
25 May 2018
Enforcement
Data protection rules for all companies operating in the EU
requiresNew processes and techniques to
meet legal requirements
16.11.2018 Laura Stojko, Master’s Thesis Final Presentation
Controller1
MotivationGDPR - Article 20: Data Portability
© sebis 4
the right to receive
(without hindrance from the data controller) data concerning data subject which he/she has provided (§1);
the right to transmit
(without hindrance from the data controller) those data to another controller (§1); and
the right to have the personal data
transmitted directly
from one controller to another (§2).
GDPR
Article 20: Data
Portability
Controller2Controller1 Controller2Controller1
[2]
16.11.2018 Laura Stojko, Master’s Thesis Final Presentation
MotivationGDPR - Article 20: Data Portability
© sebis 5
§ 20 GDPR - Data Portability
Gives the right tocustomers to requestreports about storedpersonal data, datausage and handling
Companies must extractall information aboutrequester and give
additional informationabout data usage
Research Goal:Development of an information model that enables a service for data collection to comply with GDPR Art. 20
16.11.2018 Laura Stojko, Master’s Thesis Final Presentation
What are existing approaches of information models?
What are the requirements for fulfilment of GDPR Art. 20?
What is a possible information model for business objects covering the requirements of GDPR Art. 20?
How useful and applicable is the developed information model?
Research Questions
© sebis 6
Research Goal:Development of an information model that enables a service for data collection to comply with GDPR Art. 20
16.11.2018 Laura Stojko, Master’s Thesis Final Presentation
1. Motivation & Research Outline
2. Requirement Analysis GDPR Art. 20
3. Information Model Development
4. Information Model Evaluation
5. Next Steps
Outline
© sebis16.11.2018 Laura Stojko, Master’s Thesis Final Presentation 7
Requirement Analysis GDPR Art. 20 – by Breaux [3]
© sebis 816.11.2018 Laura Stojko, Master’s Thesis Final Presentation
(a) Goals are mined from policies.
(b) Restate goals as Restricted Natural Language Statements (RNLS).
(c) RNLS are parameterized to build semantic models.
Requirement Analysis GDPR Art. 20
© sebis 9
personal data concerning the data subject
consent pursuant
explicit consent pursuant
specific categories of personal data
contract pursuant
erasure date
public interest
Data Portability (Art. 20)
Lawfulness of processing (Art. 6 (1 a, b))
Processing of special categories of personal data (Art. 9 (2 a))Processing of special categories of personal data (Art. 9 (2 a))
Data Portability (Art. 20)
Right to Erasure (Art. 17)
Right to Erasure (Art. 17)
16.11.2018 Laura Stojko, Master’s Thesis Final Presentation
Required information GDPR source
1. Motivation & Research Outline
2. Requirement Analysis GDPR Art. 20
3. Information Model Development
4. Information Model Evaluation
5. Next Steps
Outline
© sebis16.11.2018 Laura Stojko, Master’s Thesis Final Presentation 10
Information Model Development
© sebis 11
IM
Basis: Business Objects
Requirementanalysis
16.11.2018 Laura Stojko, Master’s Thesis Final Presentation
Information Model Development - Abstraction Level
© sebis 1216.11.2018 Laura Stojko, Master’s Thesis Final Presentation
An IM independent ofcompany, industry or platform
Service definition [4]
Final Information Model – Twitter Example
© sebis 1316.11.2018 Laura Stojko, Master’s Thesis Final Presentation
SQL Statements
SELECT *FROM UserINNER JOIN Tweet ON User.UserId = Tweet.UserIdWHERE UserId = 12345;
…
Task
Collect all data provided by the User with ID 12345
User Enforcement
User 12345 is authenticated and requests a report according to data portability GDPR Art. 20
User
12345
[8]
Final Information Model
© sebis 1416.11.2018 Laura Stojko, Master’s Thesis Final Presentation
•This service is an integration layer which requests data sources for the required information for the data transfer and consolidates the results.
GDPR Data Gathering Service:
•This class provides a list of information which are necessary to fulfill data portability. It is the basis for the GDPR Data Gathering Service, as it provides the properties the service queries.
Data Portability (GDPR Art. 20) Requirements
•A Business Subject is a type of business object which is stored as master data. Examples for a Business Subject are product records or customer records. For this thesis, Business Subjects which are directly related to a person, like a customers record, are in focus.
Business Subject:
•A Business Entity is a type of business object which is created by and directly connected to a Business Subject, in other words transaction data (e.g. invoices, orders).
Business Entity:
personal data concerning the data subject
consent pursuant
explicit consent pursuant
specific categories of personal data
contract pursuant
erasure date
public interest
1. Motivation & Research Outline
2. Requirement Analysis GDPR Art. 20
3. Information Model Development
4. Information Model Evaluation
5. Next Steps
Outline
© sebis16.11.2018 Laura Stojko, Master’s Thesis Final Presentation 15
Expert Interviews - Overview
© sebis11.06.2018 Laura Stojko, Master Thesis Kick-Off 16
Expert Interviews – Evaluation of the Information Model
according to Lindland et al. criteria:
based on the sign theory and is developed for conceptual models like data models, process models, interaction models etc.
Syntactic quality: realization of the modelling language used within the model. (only use statements which are syntactic correct)
Semantic quality: validity and completeness of the model with respect to the problem domain.
Pragmatic quality: the interpretation of the model by the stakeholders and the objective of comprehensibility.
The evaluation of Lindland et al. [6] proposed quality framework by Moody et al. [7] determines the framework as
’valid, with the quality categories found to be necessary, sufficient and independent.’
© sebis 1716.11.2018 Laura Stojko, Master’s Thesis Final Presentation
Expert Interviews – Information Model Evaluation Outcomes
Expert‘s opinion regarding information model:
© sebis16.11.2018 Laura Stojko, Master’s Thesis Final Presentation 18
Advantages• Syntactic and semantic quality
improved iteratively with the interviews(complete, valid information model)
• Distinction master data and transactiondata
• Usefulness: greenfield approach / guidance for companies with complexstructures
• Implementation ideas (DWH, EDI)
• Abstraction level is right as queryingdatabases is platform specific
Disadvantages• Pragmatic quality: Interpretation of the
model is difficult as no implementationdetails are provided
• Companies need to identify wheretheir data is stored and how to accessit (e.g. CMD)
Expert Interviews – Information Model Evaluation Additional Outcomes
Expert‘s opinion regarding data portability:
© sebis16.11.2018 Laura Stojko, Master’s Thesis Final Presentation 19
Advantages• Data portability is seen as highly
relevant for customers
• Market entry opportunity for smallcompanies – level playing field
• New possibilities for data trading
Disadvantages• Standard for data portability is required
• Non-existing information about how tohandle back-ups and references ofpersonal data
• Data stored about a person moreinteresting than portability
• Cost-relation analysis will often showthat implementation is not suitable
• Companies only invest minimal effortfor compliance
Expert Interviews – Information Model Evaluation Additional Outcomes
Expert‘s opinion regarding GDPR:
© sebis16.11.2018 Laura Stojko, Master’s Thesis Final Presentation 20
Advantages• Homogeneous data privacy law in
Europe
• Higher awareness of data privacy
Disadvantages• Companies try to profit from GDPR
(consent to more processing activities)
• People do not know how to enforcetheir right correctly
• GDPR scope is too broad – not limited to services for information society
• People do not know their correct legal basis
1. Motivation & Research Outline
2. Requirement Analysis GDPR Art. 20
3. Information Model Development
4. Information Model Evaluation
5. Next Steps
Outline
© sebis16.11.2018 Laura Stojko, Master’s Thesis Final Presentation 21
Next Steps – Information Model Enhancements
© sebis 2216.11.2018 Laura Stojko, Master’s Thesis Final Presentation
Information
Model
Deep Dive
Enhancement with
industry-specific
implementation details
Consider further
GDPR articles
GDPR
Art. 20
Art. 15
Art. 17
Art. 13
Art. 14
One step forward
Actual portability of the
data
Controller2Controller1
Personal
Data
Technische Universität München
Faculty of Informatics
Chair of Software Engineering for Business
Information Systems
Boltzmannstraße 3
85748 Garching bei München
wwwmatthes.in.tum.de
Laura Stojko
B.Sc.
laura.stojko@tum.de
© sebis11.06.2018 Laura Stojko, Master Thesis Kick-Off 23
[1] Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) Official Journal of the European Union, Vol. L119 (4 May 2016), pp. 1-88, 2016.
[2] De Hert, P., Papakonstantinou, V., Malgieri, G., Beslay, L., & Sanchez, I. (2018). The right to data portability in the GDPR: Towards user-centric interoperability of digital services. Computer Law & Security Review, 34(2), 193–203. https://doi.org/10.1016/J.CLSR.2017.10.003
[3] Breaux, T. D., & Antón, A. I. (2005). Analyzing Goal Semantics for Rights, Permissions and Obligations Presentation Outline Towards Machine-enforceable Policies Motivations. Retrieved from https://www.cs.cmu.edu/~breaux/presentations/tdbreaux-re05.pdf
[4] João Paulo Almeida, Marten Van Sinderen, Luís Ferreira Pires, and Dick Quartel. A systematic approach to platform-independent design based on the service concept. Proceedings - 7th IEEE International Enterprise Distributed Object Computing Conference, 2003-Janua(January):112–123, 2003. doi:10.1109/EDOC.2003.1233842.
[5] Reinhard Schütte. Die neuen Grundsätze ordnungsmäßiger Modellierung. In Grundsätze ordnungsmäßiger Referenzmodellierung. Gabler Verlag, Wiesbaden, 1998. URL: http://link.springer.com/10.1007/978-3-663-10233-5_3, doi:10.1007/978-3-663-10233-5_3.
[6] O.I. Lindland, G. Sindre, and A. Solvberg. Understanding quality in conceptual modeling. IEEE Software, 11(2):42–49, mar 1994.
[7] D.L. Moody, G. Sindre, T. Brasethvik, and A. Solvberg. Evaluating the quality of information models: empirical testing of a conceptual model quality framework. In25th International Conference on Software Engineering, 2003. Proceedings., pages 295–305.IEEE, 2003
[8] Matthijs Neppelenbroek, Matthias Lossek, and Rik Janssen. Twitter: An architectural review. Scholars paper on Software Architecture at Utrecht University, 2011. URL: http://www. timdeboer. eu/paper_publishing/Twitter_An_Architectural_Review.pdf.
References
© sebis 2416.11.2018 Laura Stojko, Master’s Thesis Final Presentation
Requirement Analysis GDPR Art. 20 – by Breaux [3]
© sebis 25
Policies GoalsRNLS (RestrictedNatural Language
Statement)Semantic Model
Art. 20 (2):
In exercising his or her right to
data portability pursuant to
paragraph 1, the data subject
shall have the right to have the
personal data transmitted
directly from one controller to
another, where technically
feasible.
Actor: data controller
Action Word: transmit /
exchange
Subject Type: personal data
Conditions: directly to another
controller where technically
feasible
Number: RNLS#7
Statement: Data controller
transmit personal data from
RNLS#1 directly to another
controller where technically
feasible.
activity [ right : data controller ]
actor = data controller
action = transmit directly
object = personal data
target = another controller
instrument = technically feasible
RNLS#1: data subject provide
personal data concerning him or her.
16.11.2018 Laura Stojko, Master’s Thesis Final Presentation
Requirement Analysis GDPR Art. 20
© sebis 26
Semantic Model Required Information List of Properties
activity [ right : data controller ]
actor = data controller
action = transmit directly
object = personal data
target = another controller
instrument = technical feasible
Personal data concerning the
data subjectPersonalData : BOOLEAN
16.11.2018 Laura Stojko, Master’s Thesis Final Presentation
Requirement Analysis GDPR Art. 20 – RNLS Statements and References
© sebis 2716.11.2018 Laura Stojko, Master’s Thesis Final Presentation
MotivationGDPR - Article 4: Personal Data
© sebis 28
‘personal data’ means any information relating to an identified or
identifiable natural person (‘data subject’); an identifiable natural
person is one who can be identified, directly or indirectly, in particular by
reference to an identifier such as a name, an identification number,
location data, an online identifier or to one or more factors specific to the
physical, physiological, genetic, mental, economic, cultural or social
identity of that natural person;
GDPR
Article 4: Definitions– Personal
Data
Article 20: Data
Portability
16.11.2018 Laura Stojko, Master’s Thesis Final Presentation
Requirement Analysis GDPR Art. 20
© sebis 2916.11.2018 Laura Stojko, Master’s Thesis Final Presentation
Policies Goals RNLSSemantic
model
Requiredinformation
for fulfillment
List ofproperties
Analysis of rights by Breaux Additional analysis
top related