Der Blutzucker während und nach körperlicher Arbeit<sup>1</sup>

Abstract. RDF is an increasingly used framework for describing Web resources, including sensitive and confidential resources. In this context, we need an expressive language to query RDF databases. SPARQL has been defined to easily localize and extract data in an RDF graph. Since confidential data are accessed, SPARQL queries must be filtered so that only authorized data are returned with respect to some confidentiality policy. In this paper, we model a confidentiality policy as a set of positive and negative filters (corresponding respectively to permissions and prohibitions) that apply to SPARQL queries. We then define rewriting algorithms that transform the queries so that the results returned by transformed queries are compliant with the confidentiality policy.

show abstract

Secure and Privacy-Preserving Execution Model for Data Services

Barhamgi

Benslimane

Oulmakhzoune³

et al. 2013

View full text Add to dashboard Cite

Data services have almost become a standard way for data publishing and sharing on top of the Web. In this paper, we present a secure and privacy-preserving execution model for data services. Our model controls the information returned during service execution based on the identity of the data consumer and the purpose of the invocation. We implemented and evaluated the proposed model in the healthcare application domain. The obtained results are promising.

show abstract

Privacy Policy Preferences Enforced by SPARQL Query Rewriting

Oulmakhzoune

Cuppens-Boulahia

Cuppens

et al. 2012

View full text Add to dashboard Cite

International audienceWhen specifying privacy preferences, the data owner can control who may access its personal data, for which purpose and under which accuracy. In this paper we present an approach that enforces the privacy policy preferences by query transformation. We present also how to instrument this rewriting query algorithm using a privacy-aware model like PrivOrBAC. We take into account various dimensions of privacy preferences through the concepts of consent, accuracy, purpose and recipient

show abstract

Privacy query rewriting algorithm instrumented by a privacy-aware access control model

Oulmakhzoune¹,

Cuppens-Boulahia²,

Cuppens³

et al. 2013

Ann. Telecommun.

View full text Add to dashboard Cite

International audienceIn this paper we present an approach to instrument a SPARQL query rewriting algorithm enforcing privacy preferences. The term instrument is used to mean supplying appropriate constraints. We show how to design a real and effective instrumentation process of a rewriting algorithm using an existing privacy aware access control model like PrivOrBAC. We take into account various dimensions of privacy preferences through the concepts of consent, accuracy, purpose and recipient. We implement and evaluate our process of privacy enforcement based on a healthcare scenario

show abstract

Rewriting of SPARQL/Update Queries for Securing Data Access

Oulmakhzoune¹,

Cuppens-Boulahia²,

Cuppens³

et al. 2010

View full text Add to dashboard Cite

Pairse

et al. 2013

View full text Add to dashboard Cite

Privacy is among the key challenges to data integration in many sectors, including healthcare, e-government, etc. The PAIRSE project aims at providing a flexible, looselycoupled and privacy-preserving data integration system in P2P environments. The project exploits recent Web standards and technologies such as Web services and ontologies to export data from autonomous data providers as reusable services, and proposes the use of service composition as a viable solution to answer data integration needs on the fly. The project proposed new composition algorithms and service/composition execution models that preserve privacy of data manipulated by services and compositions. The proposed integration system was demonstrated at EDBT 2013 and VLDB 2011.

show abstract

Toward an off-line analysis of obligation with deadline policies

Essaouini

Oulmakhzoune

Cuppens-Boulahia

et al. 2016

View full text Add to dashboard Cite

Deployment of a posteriori access control using IHE ATNA

Azkia¹,

Cuppens-Boulahia²,

Cuppens³

et al. 2014

Int. J. Inf. Secur.

View full text Add to dashboard Cite

International audienceIn healthcare information management, privacy and confidentiality are two major concerns usually satisfied by access control means. Traditional access control mechanisms prevent illegal access by controlling access right before executing an action. They have some limitations like inflexibility in unanticipated circumstances (e.g., emergency). Recently, a posteriori access control has been proposed to complete a priori protection for a more effective and flexible solution. It controls the access by deterring user from having unauthorized access. To be deployed, a posteriori access control needs evidence to prove the users' violations. In this paper, we show how log records defined by the Integrating the Healthcare Enterprise-Audit Trail and Node Authentication (ATNA) profile can be used to deploy an a posteriori access control system. To develop an efficient method for finding violations, we propose a framework that customizes ATNA log records according to a contextual security policy like the Organization-Based Access Control. Experiments we conducted are also presented

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

hi@scite.ai

334 Leonard St

Brooklyn, NY 11211

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Said Oulmakhzoune

fQuery: SPARQL Query Rewriting to Enforce Data Confidentiality

Secure and Privacy-Preserving Execution Model for Data Services

Privacy Policy Preferences Enforced by SPARQL Query Rewriting

Privacy query rewriting algorithm instrumented by a privacy-aware access control model

Rewriting of SPARQL/Update Queries for Securing Data Access

Pairse

Toward an off-line analysis of obligation with deadline policies

Deployment of a posteriori access control using IHE ATNA

Contact Info

Product

Resources

About