A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2005; you can also visit the original URL.
The file type is application/pdf.
Filters
An Algebra for Composing Enterprise Privacy Policies
[chapter]
2004
Lecture Notes in Computer Science
Preserved Fulltext
We base our work on a superset of the syntax and semantics of IBM's Enterprise Privacy Authorization Language (EPAL), which recently has been submitted to W3C for standardization. ...
We propose an algebra providing various types of operators for composing and restricting enterprise privacy policies like conjunction, disjunction, and scoping, together with its formal semantics. ...
Semantics of E-P3P Policies An E-P3P request is a tuple (u, d, p, a) which should belong to the set U ×D×P ×A for the given vocabulary. ...
doi:10.1007/978-3-540-30108-0_3
fatcat:7jqnupmozrgmzfafqzflxdkpga
Privacy and contextual integrity: framework and applications
2006
2006 IEEE Symposium on Security and Privacy (S&P'06)
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2011; you can also visit the original URL.
The file type is application/pdf.
Our model is expressive enough to capture naturally many notions of privacy found in legislation, including those found in HIPAA, COPPA, and GLBA. ...
In comparison with access control and privacy policy frameworks such as RBAC, EPAL, and P3P, these norms focus on who personal information is about, how it is transmitted, and past and future actions by ...
Previous work on privacy languages, particularly EPAL, used a complex lattice-based definition of entailment. In our model, entailment is captured as standard logical implication. ...
doi:10.1109/sp.2006.32
dblp:conf/sp/BarthDMN06
fatcat:jmlno3ootjgtnejtj6zgkpctxi
Bootstrapping Privacy Compliance in Big Data Systems
2014
2014 IEEE Symposium on Security and Privacy
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2014; you can also visit the original URL.
The file type is application/pdf.
With the rapid increase in cloud services collecting and using user data to offer personalized experiences, ensuring that these services comply with their privacy policies has become a business imperative ...
This work was partially supported by the AFOSR MURI on "Science of Cybersecurity" and the National Science Foundation (NSF) grant CNS1064688 on "Semantics and Enforcement of Privacy Policies: Information ...
Use and Purpose". ...
doi:10.1109/sp.2014.28
dblp:conf/sp/SenGDRTW14
fatcat:2zour3xzdrdblcstjudopr3pzy
Secure knowledge management: confidentiality, trust, and privacy
2006
IEEE transactions on systems, man and cybernetics. Part A. Systems and humans
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
Index Terms-Data mining, privacy, role-based access control (RBAC), secure knowledge management, security policy, semantic web, trust negotiation (TN), usage control (UCON). ...
Therefore, only authorized individuals must be permitted to execute various operations and functions in an organization. ...
Previously, he has published influential and widely cited papers on various security topics including safety and expressive power of access-control models, lattice-based access controls, and multilevel ...
doi:10.1109/tsmca.2006.871796
fatcat:pnqtkbbuazaipeqlo3iz4isdri
On Obligations
[chapter]
2005
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
We provide a formal framework that allows us to precisely specify data protection policies. ...
An example is the requirement "do not re-distribute data", where the actions of the involved parties may not even be observable. ...
Viganò provided useful comments on earlier versions of the paper. ...
doi:10.1007/11555827_7
fatcat:4spj52pewze25k2fhgrenok6za
Preventive Inference Control in Data-centric Business Models
2013
2013 IEEE Security and Privacy Workshops
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2014; you can also visit the original URL.
The file type is application/pdf.
In particular, the study shows that, contrary to our expectations, participants prefer an a-posteriori approach based upon audits to detect whether inferences happened. ...
Privacy settings and policy languages, such as EPAL, OSL, P3P or XACML, formalize these preferences for processing and enforcement. ...
[5] model the knowledge of an "inference-savvy" adversary using Bayesian networks. Here, only security levels are considered and not the particular policies of users. Structure. ...
doi:10.1109/spw.2013.25
dblp:conf/sp/AccorsiM13
fatcat:5kysro6pxbbabbykcnrqouxuue
A Framework for Expressing and Enforcing Purpose-Based Privacy Policies
2014
ACM Transactions on Privacy and Security
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
Although some models have been proposed for enforcing purpose-based policies, little has been done in dening formal semantics for purpose and therefore an eective enforcement mechanism for policies has ...
In this paper, we develop a framework for formalizing and enforcing purpose-based privacy policies. ...
A formal denition of semantics can result in an ecient method for identifying the purpose of access based on the existing artefacts in an information system, and thereby an eective enforcement mechanism ...
doi:10.1145/2629689
fatcat:uv6wcsnfx5ddfi2lnqwxvumlxe
L2TAP+SCIP: An Audit-based Privacy Framework Leveraging Linked Data
2012
Proceedings of the 8th IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2019; you can also visit the original URL.
The file type is application/pdf.
We include an experimental validation of the scalability of our approach. ...
SCIP synthesizes contextual integrity concepts and enables query based solutions for two important privacy processes (compliance and obligation derivation). ...
privacy declarations (e.g., P3P [5] ). ...
doi:10.4108/icst.collaboratecom.2012.250607
dblp:conf/colcom/SamaviC12
fatcat:vlis7kjkyfgqho4dey3ik4dmpm
Access Control for Databases: Concepts and Systems
2010
Foundations and Trends in Databases
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2015; you can also visit the original URL.
The file type is application/pdf.
In particular, implication rules on objects support the derivation of authorizations from an object to all objects semantically related to it; the semantic relationships are based on the conceptual structures ...
privacy policies, such as the policies that can be expressed by using the P3P standard [88] . ...
doi:10.1561/1900000014
fatcat:trrsnypzyvcq5phpgvee7dumva
Globally reasoning about localised security policies in distributed systems
[article]
2012
arXiv
pre-print
Preserved Fulltext
The Internet Archive has a preservation copy of this work in our general collections.
The file type is application/pdf.
We identify how this LTS is indeed obtained, and propose an alternative way of model checking the not-yet-induced LTS, by using the system design directly. ...
Using the Semantics, a Labelled Transition System (LTS) can be induced for every particular system, and over this LTS some model checking tasks could be done. ...
Interpretation of the Semantics over an LTS As observed in Section 2, the Semantics of the AspectKBL language induces an LTS, and over such a structure it is possible to interpret the ACTLv Semantics from ...
arXiv:1205.6465v1
fatcat:57nvs2tm6fgjta2t5ydwhvjvvm
Requirements-based Access Control Analysis and Policy Specification (ReCAPS)
2009
Information and Software Technology
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
Further validation of the method was performed via an empirical study to evaluate the usefulness and effectiveness of the approach. ...
Requirements-Based Access Control Analysis and Policy Specification. (Under the direction of Dr. Ana (Annie) I. Antón.) ...
P3P is an XML-based policy specification language that can be used to specify an organization's privacy practices in a way that can be parsed and used by policy-checking agents on the user's behalf. ...
doi:10.1016/j.infsof.2008.11.005
fatcat:6pw6rgmdhzf6vdmd32af57sday
Wireless Sensor Network Security
2013
International Journal of Distributed Sensor Networks
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
The user thereof uses the information at its sole risk and liability.
References ...
The accuracy of data related to the location, time, speed and identity of the user is modelled using lattice structures. ...
Privacy policy enforcement schemes use modified versions of P3P policies, while adjusting the privacy negotiation protocols to fit the decentralised nature of sensor networks. ...
doi:10.1155/2013/362385
fatcat:2ph46uukonbtbdkc5q6t4mvgcq
Privacy Protection and Data Security in Cloud Computing: A Survey, Challenges and Solutions
2019
IEEE Access
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf.
encryption), CP-ABE (ciphertext policy attribute-based encryption), access structure, revocation mechanism, multiauthority, fine-grained, trace mechanism, proxy re-encryption(PRE), hierarchical encryption ...
In recent years, there are many research schemes of cloud computing privacy protection based on access control, attribute-based encryption (ABE), trust and reputation, but they are scattered and lack unified ...
Reference [89] proposed a fuzzy keyword search scheme based on similar semantics of editing distance. ...
doi:10.1109/access.2019.2946185
fatcat:tbg5a25f5rd3je4mogemegrvje
Bootstrapping Privacy Compliance in Big Data Systems
2018
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf.
With the rapid increase in cloud services collecting and using user data to offer personalized experiences, ensuring that these services comply with their privacy policies has become a business imperative ...
This work was partially supported by the AFOSR MURI on "Science of Cybersecurity" and the National Science Foundation (NSF) grant CNS1064688 on "Semantics and Enforcement of Privacy Policies: Information ...
Use and Purpose". ...
doi:10.1184/r1/6603935.v1
fatcat:a2jvhal3r5cylp2elb7qlofmga
Modelling and Enforcing Purpose in Privacy Policies
[article]
2013
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2022; you can also visit the original URL.
The file type is application/pdf.
The semantics of this language are defined over an abstract model of business workflows. ...
We show how purpose constraints can be linked to access control rules to form purpose-based policies and develop an enforcement mechanism in the form of a workflow reference monitor to ensure compliance ...
A formal denition of semantics paves the way for a clear method of purpose identication and thereby an eective enforcement mechanism for purpose-based policies. ...
doi:10.11575/prism/26953
fatcat:yud3i6whbve6ldkxc3sr7u7fc4
« Previous
Showing results 1 — 15 out of 30 results