Email Gateway (Aug 18 2022 at 12:58): Email Gateway (Aug 18 2022 at 12:58):From: Daniel Le Métayer <Daniel.Le-Metayer@inrialpes.fr>
POSTDOC POSITION
Compliance with contractual, legal and business rules
Formal approach and application to privacy and security
INRIA Grenoble France
KEYWORDS
formal specification, privacy, security, legal rule, contract,
compliance, model, monitoring,
accountability, traceability, liability, audit, organization,
enterprise, business
CONTEXT AND OBJECTIVES
Compliance with legal, contractual, business or organizational rules is
becoming a serious
concern for companies because regulatory requirements are increasingly
complex and
numerous. Companies have to adapt their internal organization to ensure
that they
comply with a variety of rules related to privacy, accountability,
security, duty of information,
quality, etc. They may be subject to independent audits and, in some
cases, executive or
employees may be liable for breaches of the rules. Software tools can be
devised to
help companies minimizing the risks of breaches but several challenges
need to be met in
order to provide solutions that are effectively usable: first, the rules
(which are originally
expressed in natural or legal language) have to be defined precisely;
the system to
implement them must be user-friendly and self-explanatory because
typical users
don't necessarily have specific legal background; appropriate mechanisms
should
be put in place to ensure accountability; last but not least, the system
must be flexible
and consistent with the internal organization of the company (business
process, share of
roles and responsibilities, etc.).
The first phase of the postdoc project is the specification of legal
and contractual
rules as well as organizational constraints using formal and semi-formal
methods.
Depending on the results of the first phase, a compliance enforcement
and monitoring
system may be proposed in a second phase, based on the formal and
semi-formal
specifications. Emphasis will be put on the enforcement of privacy and
security rules.
This project is part of a larger multidisciplinary initiative launched
in 2008 to foster interactions
between computer scientists and lawyers. In this context, the postdoc
researcher will have the
opportunity to interact with a variety of partners involving, in
addition to computer scientists,
actors of the security industry and lawyers.
DURATION
At least one year (to start as soon as possible)
REQUIRED SKILLS:
Minimal knowledge and motivation for formal and semi-formal methods in
the general sense
(formal specification, verification, software design, model design,
etc.) and their application to
concrete problems. Some knowledge in privacy or security would also be
appreciated but is not
a pre-requisite for the position.
LOCATION:
Grenoble, capital of the French Alps, and one of the most active areas
in Europe for research
in Information and Communication Technologies. Inria is the French
National Institute for
Research in Computer Science and Control. Created in December 1992, the
Inria Rhône-Alpes
research unit hosts about 600 people, including about 150 researchers
and the same number of
PhD students.
STATUS AND BENEFITS:
http://www.inria.fr/travailler/metiers/recherche/docpostdoc/doctorant_post_doc.en.html
CONTACT:
Candidates should send a resume to: Daniel dot Le-Metayer at inrialpes
dot fr
http://www.inrialpes.fr/pop-art/people/lemetayer/Welcome.html
Last updated: May 03 2024 at 12:27 UTC