Toward a Comprehensive Disclosure Control Framework for Shared Data
Coull, Scott E. and Kenneally, Erin E., "Toward a Comprehensive Disclosure Control Framework for Shared Data", IEEE International Conference on Technologies for Homeland Security (November 2013, Boston, MA).
7 Pages Posted: 16 Sep 2013 Last revised: 3 Jun 2014
Date Written: June 15, 2013
Abstract
Although the goal of pervasive data sharing has persisted for over a decade, most large-scale efforts fail to reach the critical mass of participation necessary to sustain it due to the excessive costs involved. These costs often stem from the lack of standardized methodology and tools to implement disclosure controls that address data sharing risks. We present a framework that addresses the problem comprehensively by considering policy level risk (e.g., NDAs) and technical (e.g., data anonymization) disclosure control issues in concert. Doing so facilitates a superior balance of utility and risk mitigation by ensuring that policy and technical approaches complement one another. Moreover, the framework is driven by the pragmatic utility goals of the data release rather than general risk factors, which helps to focus the effort on exactly those parts of the data necessary to achieve desired goals. The output of the framework is a standardized audit trail and description of the data sharing scenario, which enables the reuse of key components in other data sharing efforts. The framework greatly decreases the data publisher’s overall costs while simultaneously enabling a more evolved and effective balance between utility and risk management in data sharing.
Keywords: data sharing, data disclosure, information risk management, information sharing, disclosure control, information technology policy, legal compliance, sharing framework
Suggested Citation: Suggested Citation