Your search keyword '"Grünewald, Elias"' showing total 15 results

1. Extending Business Process Management for Regulatory Transparency

Author

Kiesel, Jannis and Grünewald, Elias

Subjects

Computer Science - Software Engineering

Abstract

Ever-increasingly complex business processes are enabled by loosely coupled cloud-native systems. In such fast-paced development environments, data controllers face the challenge of capturing and updating all personal data processing activities due to considerable communication overhead between development teams and data protection staff. To date, established business process management methods generate valuable insights about systems, however, they do not account for all regulatory transparency obligations. For instance, data controllers need to record all information about data categories, legal purpose specifications, third-country transfers, etc. Therefore, we propose to bridge the gap between business processes and application systems by providing three contributions that assist in modeling, discovering, and checking personal data transparency through a process-oriented perspective. We enable transparency modeling for relevant business activities by providing a plug-in extension to BPMN featuring regulatory transparency information. Furthermore, we utilize event logs to record regulatory transparency information in realistic cloud-native systems. On this basis, we leverage process mining techniques to discover and analyze personal data flows in business processes, e.g., through transparency conformance checking. We design and implement prototypes for all contributions, emphasizing the appropriate integration and modeling effort required to create business-process-oriented transparency. Altogether, we connect current business process engineering techniques with regulatory needs as imposed by the GDPR and other legal frameworks., Comment: Preprint, accepted to the BPM Forum 2024

Published

2024

2. Hook-in Privacy Techniques for gRPC-based Microservice Communication

Author

Loechel, Louis, Akbayin, Siar-Remzi, Grünewald, Elias, Kiesel, Jannis, Strelnikova, Inga, Janke, Thomas, and Pallas, Frank

Subjects

Computer Science - Cryptography and Security, Computer Science - Computers and Society, Computer Science - Distributed, Parallel, and Cluster Computing, Computer Science - Software Engineering

Abstract

gRPC is at the heart of modern distributed system architectures. Based on HTTP/2 and Protocol Buffers, it provides highly performant, standardized, and polyglot communication across loosely coupled microservices and is increasingly preferred over REST- or GraphQL-based service APIs in practice. Despite its widespread adoption, gRPC lacks any advanced privacy techniques beyond transport encryption and basic token-based authentication. Such advanced techniques are, however, increasingly important for fulfilling regulatory requirements. For instance, anonymizing or otherwise minimizing (personal) data before responding to requests, or pre-processing data based on the purpose of the access may be crucial in certain usecases. In this paper, we therefore propose a novel approach for integrating such advanced privacy techniques into the gRPC framework in a practically viable way. Specifically, we present a general approach along with a working prototype that implements privacy techniques, such as data minimization and purpose limitation, in a configurable, extensible, and gRPC-native way utilizing a gRPC interceptor. We also showcase how to integrate this contribution into a realistic example of a food delivery use case. Alongside these implementations, a preliminary performance evaluation shows practical applicability with reasonable overheads. Altogether, we present a viable solution for integrating advanced privacy techniques into real-world gRPC-based microservice architectures, thereby facilitating regulatory compliance ``by design''., Comment: 15 pages, accepted for the ICWE, International Conference on Web Engineering, 2024, research paper

Published

2024

3. Towards Cross-Provider Analysis of Transparency Information for Data Protection

Author

Grünewald, Elias, Halkenhäußer, Johannes M., Leschke, Nicola, and Pallas, Frank

Subjects

Computer Science - Computers and Society, Computer Science - Cryptography and Security, Computer Science - Software Engineering, Computer Science - Social and Information Networks

Abstract

Transparency and accountability are indispensable principles for modern data protection, from both, legal and technical viewpoints. Regulations such as the GDPR, therefore, require specific transparency information to be provided including, e.g., purpose specifications, storage periods, or legal bases for personal data processing. However, it has repeatedly been shown that all too often, this information is practically hidden in legalese privacy policies, hindering data subjects from exercising their rights. This paper presents a novel approach to enable large-scale transparency information analysis across service providers, leveraging machine-readable formats and graph data science methods. More specifically, we propose a general approach for building a transparency analysis platform (TAP) that is used to identify data transfers empirically, provide evidence-based analyses of sharing clusters of more than 70 real-world data controllers, or even to simulate network dynamics using synthetic transparency information for large-scale data-sharing scenarios. We provide the general approach for advanced transparency information analysis, an open source architecture and implementation in the form of a queryable analysis platform, and versatile analysis examples. These contributions pave the way for more transparent data processing for data subjects, and evidence-based enforcement processes for data protection authorities. Future work can build upon our contributions to gain more insights into so-far hidden data-sharing practices., Comment: technical report

Published

2023

4. Hawk: DevOps-driven Transparency and Accountability in Cloud Native Systems

Author

Grünewald, Elias, Kiesel, Jannis, Akbayin, Siar-Remzi, and Pallas, Frank

Subjects

Computer Science - Distributed, Parallel, and Cluster Computing, Computer Science - Cryptography and Security, Computer Science - Computers and Society, Computer Science - Software Engineering

Abstract

Transparency is one of the most important principles of modern privacy regulations, such as the GDPR or CCPA. To be compliant with such regulatory frameworks, data controllers must provide data subjects with precise information about the collection, processing, storage, and transfer of personal data. To do so, respective facts and details must be compiled and always kept up to date. In traditional, rather static system environments, this inventory (including details such as the purposes of processing or the storage duration for each system component) could be done manually. In current circumstances of agile, DevOps-driven, and cloud-native information systems engineering, however, such manual practices do not suit anymore, making it increasingly hard for data controllers to achieve regulatory compliance. To allow for proper collection and maintenance of always up-to-date transparency information smoothly integrating into DevOps practices, we herein propose a set of novel approaches explicitly tailored to specific phases of the DevOps lifecycle most relevant in matters of privacy-related transparency and accountability at runtime: Release, Operation, and Monitoring. For each of these phases, we examine the specific challenges arising in determining the details of personal data processing, develop a distinct approach and provide respective proof of concept implementations that can easily be applied in cloud native systems. We also demonstrate how these components can be integrated with each other to establish transparency information comprising design- and runtime-elements. Furthermore, our experimental evaluation indicates reasonable overheads. On this basis, data controllers can fulfill their regulatory transparency obligations in line with actual engineering practices., Comment: preprint, accepted for the 16th IEEE International Conference on Cloud Computing 2023, IEEE Cloud 2023

Published

2023

5. A Human-in-the-Loop Approach for Information Extraction from Privacy Policies under Data Scarcity

Author

Gebauer, Michael, Maschhur, Faraz, Leschke, Nicola, Grünewald, Elias, and Pallas, Frank

Subjects

Computer Science - Computers and Society, Computer Science - Artificial Intelligence

Abstract

Machine-readable representations of privacy policies are door openers for a broad variety of novel privacy-enhancing and, in particular, transparency-enhancing technologies (TETs). In order to generate such representations, transparency information needs to be extracted from written privacy policies. However, respective manual annotation and extraction processes are laborious and require expert knowledge. Approaches for fully automated annotation, in turn, have so far not succeeded due to overly high error rates in the specific domain of privacy policies. In the end, a lack of properly annotated privacy policies and respective machine-readable representations persists and enduringly hinders the development and establishment of novel technical approaches fostering policy perception and data subject informedness. In this work, we present a prototype system for a `Human-in-the-Loop' approach to privacy policy annotation that integrates ML-generated suggestions and ultimately human annotation decisions. We propose an ML-based suggestion system specifically tailored to the constraint of data scarcity prevalent in the domain of privacy policy annotation. On this basis, we provide meaningful predictions to users thereby streamlining the annotation process. Additionally, we also evaluate our approach through a prototypical implementation to show that our ML-based extraction approach provides superior performance over other recently used extraction models for legal documents., Comment: Accepted for 2023 IEEE European Symposium on Security and Privacy Workshops (EuroS&P)

Published

2023

6. Streamlining personal data access requests: From obstructive procedures to automated web workflows

Author

Leschke, Nicola, Kirsten, Florian, Pallas, Frank, and Grünewald, Elias

Subjects

Computer Science - Computers and Society

Abstract

Transparency and data portability are two core principles of modern privacy legislations such as the GDPR. From the regulatory perspective, providing individuals (data subjects) with access to their data is a main building block for implementing these. Different from other privacy principles and respective regulatory provisions, however, this right to data access has so far only seen marginal technical reflection. Processes related to performing data subject access requests (DSARs) are thus still to be executed manually, hindering the concept of data access from unfolding its full potential. To tackle this problem, we present an automated approach to the execution of DSARs, employing modern techniques of web automation. In particular, we propose a generic DSAR workflow model, a corresponding formal language for representing the particular workflows of different service providers (controllers), a publicly accessible and extendable workflow repository, and a browser-based execution engine, altogether providing ``one-click'' DSARs. To validate our approach and technical concepts, we examine, formalize and make publicly available the DSAR workflows of 15 widely used service providers and implement the execution engine in a publicly available browser extension. Altogether, we thereby pave the way for automated data subject access requests and lay the groundwork for a broad variety of subsequent technical means helping web users to better understand their privacy-related exposure to different service providers., Comment: Accepted for publication at the 23rd International Conference on Web Engineering (ICWE 2023) to appear in https://link.springer.com/book/9783031344459. This is a preprint manuscript (authors' own version before final copy-editing)

Published

2023

7. Enabling Versatile Privacy Interfaces Using Machine-Readable Transparency Information

Author

Grünewald, Elias, Halkenhäußer, Johannes M., Leschke, Nicola, Washington, Johanna, Paupini, Cristina, and Pallas, Frank

Subjects

Computer Science - Software Engineering, Computer Science - Cryptography and Security, Computer Science - Computers and Society

Abstract

Transparency regarding the processing of personal data in online services is a necessary precondition for informed decisions on whether or not to share personal data. In this paper, we argue that privacy interfaces shall incorporate the context of display, personal preferences, and individual competences of data subjects following the principles of universal design and usable privacy. Doing so requires -- among others -- to consciously decouple the provision of transparency information from their ultimate presentation. To this end, we provide a general model of how transparency information can be provided from a data controller to data subjects, effectively leveraging machine-readable transparency information and facilitating versatile presentation interfaces. We contribute two actual implementations of said model: 1) a GDPR-aligned privacy dashboard and 2) a chatbot and virtual voice assistant enabled by conversational AI. We evaluate our model and implementations with a user study and find that these approaches provide effective and time-efficient transparency. Consequently, we illustrate how transparency can be enhanced using machine-readable transparency information and how data controllers can meet respective regulatory obligations., Comment: Preprint, accepted to the Privacy Symposium 2023 https://privacysymposium.org/

Published

2023

8. Scalable Discovery and Continuous Inventory of Personal Data at Rest in Cloud Native Systems

Author

Grünewald, Elias and Schurbert, Leonard

Subjects

Computer Science - Cryptography and Security, Computer Science - Computers and Society, Computer Science - Software Engineering

Abstract

Cloud native systems are processing large amounts of personal data through numerous and possibly multi-paradigmatic data stores (e.g., relational and non-relational databases). From a privacy engineering perspective, a core challenge is to keep track of all exact locations, where personal data is being stored, as required by regulatory frameworks such as the European General Data Protection Regulation. In this paper, we present Teiresias, comprising i) a workflow pattern for scalable discovery of personal data at rest, and ii) a cloud native system architecture and open source prototype implementation of said workflow pattern. To this end, we enable a continuous inventory of personal data featuring transparency and accountability following DevOps/DevPrivOps practices. In particular, we scope version-controlled Infrastructure as Code definitions, cloud-based storages, and how to integrate the process into CI/CD pipelines. Thereafter, we provide iii) a comparative performance evaluation demonstrating both appropriate execution times for real-world settings, and a promising personal data detection accuracy outperforming existing proprietary tools in public clouds., Comment: Preprint of 2022-09-09 before final copy-editing of an accepted peer-reviewed paper to appear in the Proceedings of the 20th International Conference on Service-Oriented Computing ICSOC 2022

Published

2022

9. Advancing Blockchain-based Federated Learning through Verifiable Off-chain Computations

Author

Heiss, Jonathan, Grünewald, Elias, Haimerl, Nikolas, Schulte, Stefan, and Tai, Stefan

Subjects

Computer Science - Cryptography and Security, Computer Science - Distributed, Parallel, and Cluster Computing

Abstract

Federated learning may be subject to both global aggregation attacks and distributed poisoning attacks. Blockchain technology along with incentive and penalty mechanisms have been suggested to counter these. In this paper, we explore verifiable off-chain computations using zero-knowledge proofs as an alternative to incentive and penalty mechanisms in blockchain-based federated learning. In our solution, learning nodes, in addition to their computational duties, act as off-chain provers submitting proofs to attest computational correctness of parameters that can be verified on the blockchain. We demonstrate and evaluate our solution through a health monitoring use case and proof-of-concept implementation leveraging the ZoKrates language and tools for smart contract-based on-chain model management. Our research introduces verifiability of correctness of learning processes, thus advancing blockchain-based federated learning.

Published

2022

10. Configurable Per-Query Data Minimization for Privacy-Compliant Web APIs

Author

Pallas, Frank, Hartmann, David, Heinrich, Paul, Kipke, Josefine, and Grünewald, Elias

Subjects

Computer Science - Cryptography and Security, Computer Science - Computers and Society, Computer Science - Distributed, Parallel, and Cluster Computing, Computer Science - Software Engineering

Abstract

The purpose of regulatory data minimization obligations is to limit personal data to the absolute minimum necessary for a given context. Beyond the initial data collection, storage, and processing, data minimization is also required for subsequent data releases, as it is the case when data are provided using query-capable Web APIs. Data-providing Web APIs, however, typically lack sophisticated data minimization features, leaving the task open to manual and all too often missing implementations. In this paper, we address the problem of data minimization for data-providing, query-capable Web APIs. Based on a careful analysis of functional and non-functional requirements, we introduce Janus, an easy-to-use, highly configurable solution for implementing legally compliant data minimization in GraphQL Web APIs. Janus provides a rich set of information reduction functionalities that can be configured for different client roles accessing the API. We present a technical proof-of-concept along with experimental measurements that indicate reasonable overheads. Janus is thus a practical solution for implementing GraphQL APIs in line with the regulatory principle of data minimization., Comment: Preprint version (2022-03-18) This version of the contribution has been accepted for publication at the 22nd International Conference on Web Engineering (ICWE 2022), Bari, Italy

Published

2022

11. Datensouver\'anit\'at f\'ur Verbraucher:innen: Technische Ans\'atze durch KI-basierte Transparenz und Auskunft im Kontext der DSGVO

Author

Grünewald, Elias and Pallas, Frank

Subjects

Computer Science - Computers and Society

Abstract

A sufficient level of data sovereignty is extremely difficult for consumers in practice. The EU General Data Protection Regulation guarantees comprehensive data subject rights, which must be implemented by responsible controllers through technical and organizational measures. Traditional approaches, such as the provision of lengthy data protection declarations or the downloading of raw personal data without further assistance, do not meet the requirements of informational self-determination. The new technical approaches outlined below, in particular AI-based transparency and access modalities, demonstrate the practicability of effective and versatile mechanisms. For this purpose, the relevant transparency information is extracted in a semi-automated way, represented in a machine-readable format, and then played out via diverse channels such as virtual assistants or the enrichment of search results. --- Hinreichende Datensouver\"anit\"at gestaltet sich f\"ur Verbraucher:innen in der Praxis als \"au{\ss}erst schwierig. Die Europ\"aische Datenschutzgrundverordnung garantiert umfassende Betroffenenrechte, die von verantwortlichen Stellen durch technisch-organisatorische Ma{\ss}nahmen umzusetzen sind. Traditionelle Vorgehensweisen wie die Bereitstellung l\"anglicher Datenschutzerkl\"arungen oder der ohne weitere Hilfestellungen angebotene Download von personenbezogenen Rohdaten werden dem Anspruch der informationellen Selbstbestimmung nicht gerecht. Die im Folgenden aufgezeigten neuen technischen Ans\"atze insbesondere KI-basierter Transparenz- und Auskunftsmodalit\"aten zeigen die Praktikabilit\"at wirksamer und vielseitiger Mechanismen. Hierzu werden die relevanten Transparenzangaben teilautomatisiert extrahiert, maschinenlesbar repr\"asentiert und anschlie{\ss}end \"uber diverse Kan\"ale wie virtuelle Assistenten oder die Anreicherung von Suchergebnissen ausgespielt., Comment: In German, appears in "Schriften der Verbraucherinformatik 2021". Original publication: https://pub.h-brs.de/frontdoor/index/index/docId/6021

Published

2021

12. RedCASTLE: Practically Applicable $k_s$-Anonymity for IoT Streaming Data at the Edge in Node-RED

Author

Pallas, Frank, Legler, Julian, Amslgruber, Niklas, and Grünewald, Elias

Subjects

Computer Science - Cryptography and Security

Abstract

In this paper, we present RedCASTLE, a practically applicable solution for Edge-based $k_s$-anonymization of IoT streaming data in Node-RED. RedCASTLE builds upon a pre-existing, rudimentary implementation of the CASTLE algorithm and significantly extends it with functionalities indispensable for real-world IoT scenarios. In addition, RedCASTLE provides an abstraction layer for smoothly integrating $k_s$-anonymization into Node-RED, a visually programmable middleware for streaming dataflows widely used in Edge-based IoT scenarios. Last but not least, RedCASTLE also provides further capabilities for basic information reduction that complement $k_s$-anonymization in the privacy-friendly implementation of usecases involving IoT streaming data. A preliminary performance assessment finds that RedCASTLE comes with reasonable overheads and demonstrates its practical viability., Comment: Accepted for publication as regular research paper for the "8th International Workshop on Middleware and Applications for the Internet of Things". This is a preprint manuscript (authors' own version before final copy-editing)

Published

2021

13. Cloud Native Privacy Engineering through DevPrivOps

Author

Grünewald, Elias

Subjects

Computer Science - Software Engineering, Computer Science - Computers and Society

Abstract

Cloud native information systems engineering enables scalable and resilient service infrastructures for all major online offerings. These are built following agile development practices. At the same time, a growing demand for privacy-friendly services is articulated by societal norms and policy through effective legislative frameworks. In this paper, we identify the conceptual dimensions of cloud native privacy engineering and propose an integrative approach to be addressed in practice to overcome the shortcomings of existing privacy enhancing technologies. Furthermore, we propose a reference software development lifecycle called DevPrivOps to enhance established agile development methods with respect to privacy. Altogether, we show that cloud native privacy engineering advances the state of the art of privacy by design and by default using latest technologies., Comment: preprint version (2021-12-01), accepted for the Post-Proceedings at the 16th IFIP Summer School on Privacy and Identity Management 2021

Published

2021

14. TIRA: An OpenAPI Extension and Toolbox for GDPR Transparency in RESTful Architectures

Author

Grünewald, Elias, Wille, Paul, Pallas, Frank, Borges, Maria C., and Ulbricht, Max-R.

Subjects

Computer Science - Software Engineering, Computer Science - Computers and Society

Abstract

Transparency - the provision of information about what personal data is collected for which purposes, how long it is stored, or to which parties it is transferred - is one of the core privacy principles underlying regulations such as the GDPR. Technical approaches for implementing transparency in practice are, however, only rarely considered. In this paper, we present a novel approach for doing so in current, RESTful application architectures and in line with prevailing agile and DevOps-driven practices. For this purpose, we introduce 1) a transparency-focused extension of OpenAPI specifications that allows individual service descriptions to be enriched with transparency-related annotations in a bottom-up fashion and 2) a set of higher-order tools for aggregating respective information across multiple, interdependent services and for coherently integrating our approach into automated CI/CD-pipelines. Together, these building blocks pave the way for providing transparency information that is more specific and at the same time better reflects the actual implementation givens within complex service architectures than current, overly broad privacy statements., Comment: Accepted for publication at the 2021 International Workshop on Privacy Engineering (IWPE'21). This is a preprint manuscript (authors' own version before final copy-editing)

Published

2021

15. TILT: A GDPR-Aligned Transparency Information Language and Toolkit for Practical Privacy Engineering

Author

Grünewald, Elias and Pallas, Frank

Subjects

Computer Science - Computers and Society, Computer Science - Cryptography and Security, Computer Science - Formal Languages and Automata Theory, Computer Science - Software Engineering, H.3, K.5, K.4, H.5, D.2, E.2

Abstract

In this paper, we present TILT, a transparency information language and toolkit explicitly designed to represent and process transparency information in line with the requirements of the GDPR and allowing for a more automated and adaptive use of such information than established, legalese data protection policies do. We provide a detailed analysis of transparency obligations from the GDPR to identify the expressiveness required for a formal transparency language intended to meet respective legal requirements. In addition, we identify a set of further, non-functional requirements that need to be met to foster practical adoption in real-world (web) information systems engineering. On this basis, we specify our formal language and present a respective, fully implemented toolkit around it. We then evaluate the practical applicability of our language and toolkit and demonstrate the additional prospects it unlocks through two different use cases: a) the inter-organizational analysis of personal data-related practices allowing, for instance, to uncover data sharing networks based on explicitly announced transparency information and b) the presentation of formally represented transparency information to users through novel, more comprehensible, and potentially adaptive user interfaces, heightening data subjects' actual informedness about data-related practices and, thus, their sovereignty. Altogether, our transparency information language and toolkit allow - differently from previous work - to express transparency information in line with actual legal requirements and practices of modern (web) information systems engineering and thereby pave the way for a multitude of novel possibilities to heighten transparency and user sovereignty in practice., Comment: Accepted for publication at the ACM Conference on Fairness, Accountability, and Transparency 2021 (ACM FAccT'21). This is a preprint manuscript (authors' own version before final copy-editing)

Published

2020