Skip to Main Content
Enterprises that collect and process personal data must deal with related privacy management issues. It is not just a matter of privacy-aware access control: privacy obligation policies, dictating duties and expectations on how personal data has to be handled, must be considered too. The management of obligation policies is a promising area but it is still underestimated. Enterprises require solutions that enable automation and can leverage their current identity management solutions. HP Labs have been working on this topic in the last few years, also in the context of the EU PRIME project. In this paper we present our recent work on parametric obligation policies and a related obligation management framework to deal with a scalable management of these policies on large amounts of data, stored in distributed data repositories.