Privacy in the digital world is a critical problem which is becoming even more imperious with the growth of the Internet, accompanied by the proliferation of e-services (e.g. ecommerce, e-health). One research track for efficient privacy management is to make use of user's and service provider's (SP) privacy policies, and to perform an automatic comparison in between to help any (skilled or unskilled) users preserving their privacy. In this paper, we focus on the privacy policy comparison issues. We adopt the eXtensible Access Control Markup Language (XACML) as a policy description language for user's preferences and SP's policies. We enrich XACML with P3P main elements to permit a privacy aware access control on the user's personal data elements, thus resulting in the new XPACML (eXtensible Privacy Access Control Markup Language) language. The paper describes first the XPACML language. Then, it presents the functional architecture at the user's side where the automatic privacy policy compliance can be performed. Finally it discusses our contributions compared to the main proposed solutions in the literature to better identify the interest of them.
International audienceThe management of security events, from the risk analysis, to the selection of appropriate countermeasures, has become a major concern for security analysts and IT administrators. Furthermore, the fact that network and system devices are heterogeneous, increases the difficulty of these administrative tasks. This paper introduces an ontology-driven approach to address the aforementioned problems. The proposed model takes into account two aspects: the information and the operations that are manipulated by SIEM environments in order to reach the desired goals. The model uses ontologies to provide simplicity on the description of concepts, relationships and instances of the security domain. The Semantics Web Rule Languages is used to describe the logic rules needed to infer relationships among individuals and classes. A case study on Botnets is presented at the end of this paper to illustrate a concrete utilization of our model
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.