当前位置:
X-MOL 学术
›
arXiv.cs.SE
›
论文详情
Our official English website, www.x-mol.net, welcomes your feedback! (Note: you will need to create a separate account there.)
Annotation-Based Static Analysis for Personal Data Protection
arXiv - CS - Software Engineering Pub Date : 2020-03-22 , DOI: arxiv-2003.09890 Kalle Hjerppe and Jukka Ruohonen and Ville Lepp\"anen
arXiv - CS - Software Engineering Pub Date : 2020-03-22 , DOI: arxiv-2003.09890 Kalle Hjerppe and Jukka Ruohonen and Ville Lepp\"anen
This paper elaborates the use of static source code analysis in the context
of data protection. The topic is important for software engineering in order
for software developers to improve the protection of personal data during
software development. To this end, the paper proposes a design of annotating
classes and functions that process personal data. The design serves two primary
purposes: on one hand, it provides means for software developers to document
their intent; on the other hand, it furnishes tools for automatic detection of
potential violations. This dual rationale facilitates compliance with the
General Data Protection Regulation (GDPR) and other emerging data protection
and privacy regulations. In addition to a brief review of the state-of-the-art
of static analysis in the data protection context and the design of the
proposed analysis method, a concrete tool is presented to demonstrate a
practical implementation for the Java programming language.
中文翻译:
基于注释的个人数据保护静态分析
本文详细阐述了静态源代码分析在数据保护的背景下的使用。该主题对于软件工程很重要,以便软件开发人员在软件开发过程中改进对个人数据的保护。为此,论文提出了一种对处理个人数据的类和函数进行注释的设计。该设计有两个主要目的:一方面,它为软件开发人员提供记录其意图的手段;另一方面,它提供了自动检测潜在违规行为的工具。这种双重理由有助于遵守《通用数据保护条例》(GDPR) 和其他新兴的数据保护和隐私条例。
更新日期:2020-03-24
中文翻译:
基于注释的个人数据保护静态分析
本文详细阐述了静态源代码分析在数据保护的背景下的使用。该主题对于软件工程很重要,以便软件开发人员在软件开发过程中改进对个人数据的保护。为此,论文提出了一种对处理个人数据的类和函数进行注释的设计。该设计有两个主要目的:一方面,它为软件开发人员提供记录其意图的手段;另一方面,它提供了自动检测潜在违规行为的工具。这种双重理由有助于遵守《通用数据保护条例》(GDPR) 和其他新兴的数据保护和隐私条例。