A privacy policy model for enterprises

Karjoth, Günter; Schunter, Matthias

doi:10.1109/csfw.2002.1021821

Cited by 112 publications

(89 citation statements)

References 12 publications

(30 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…To address this limitation, many logics and languages have been proposed for specifying privacy policies. Some examples are P3P [48,49], EPAL [50,51], Privacy APIs [52], LPU [53,54], past-only fragment of first-order temporal logic (FOTL) [10,11], predLTL [55], pLogic [56], PrivacyLFP [12], MFOTL [5][6][7], the guarded fragment of first-order logic with explicit time [4], and P-RBAC [57]. Our policy language, GMP, is more expressive than many existing policy languages such as LPU [53,54], P3P [48,49], EPAL [50,51], and P-RBAC [57].…”

Section: Related Workmentioning

confidence: 99%

Temporal Mode-Checking for Runtime Monitoring of Privacy Policies

Chowdhury

Jia

Garg³

et al. 2014

Computer Aided Verification

View full text Add to dashboard Cite

Fragments of first-order temporal logic are useful for representing many practical privacy and security policies. Past work has proposed two strategies for checking event trace (audit log) compliance with policies: online monitoring and offline audit. Although online monitoring is space-and timeefficient, existing techniques insist that satisfying instances of all subformulas of the policy be amenable to caching, which limits expressiveness when some subformulas have infinite support. In contrast, offline audit is brute force and can handle more policies but is not as efficient. This paper proposes a new online monitoring algorithm that caches satisfying instances when it can, and falls back to the brute force search when it cannot. Our key technical insight is a new flowand time-sensitive static check of variable groundedness, called the temporal mode check, which determines subformulas for which such caching is feasible and those for which it is not and, hence, guides our algorithm. We prove the correctness of our algorithm and evaluate its performance over synthetic traces and realistic policies.

show abstract

Section: Related Workmentioning

confidence: 99%

Temporal Mode-Checking for Runtime Monitoring of Privacy Policies

Chowdhury

Jia

Garg³

et al. 2014

Computer Aided Verification

View full text Add to dashboard Cite

show abstract

“…Moreover, the same information can be expressed differently or require a different level of granularity. For instance, the retention period expressed as a data element in P3P is represented as an obligation in E-P3P [72].…”

Section: Privacy Alignment and Compliance Discussionmentioning

confidence: 99%

“…These three elements, however, are insufficient to specify data protection policies [52,29]. In addition to the above three basic authorization elements (subjects, objects, and actions), Karjoth et al [72] identified other three elements that shall occur in data protection policies, namely purpose, condition, and obligation. Based on this observation, a number of languages and models tailored to specify and enforce data protection policies were proposed [58,13,14,26,44].…”

Section: Privacy-aware Access Controlmentioning

confidence: 99%

Towards the development of privacy-aware systems

Guarda

Zannone

2009

Information and Software Technology

115

View full text Add to dashboard Cite

“…It provides a privacy permission assignment language using purpose, condition, and obligation. Another privacy policy model for enterprises is described in [8]. These systems concentrate only on privacy preserving without a focus on enhancing sharing among collaborators.…”

Section: Background and Related Workmentioning

confidence: 99%

“…Collaborative access control and privacy for Web-based social networks is described in [7]. A privacy policy model for enterprises is described in [8]. These systems concentrate only on privacy preserving without a focus on enhanced sharing among collaborating users.…”

Section: Introductionmentioning

confidence: 99%

Enhanced sharing and privacy in distributed information sharing environments

Malik

Dustdar

2011

2011 7th International Conference on Information Assurance and Security (IAS)

View full text Add to dashboard Cite

-With the advancement in distributed computing and collaborative software technologies, information sharing and privacy related issues are gaining interest of researchers related to digital information creation, management, and distribution. Collaborative information sharing environment requires enhanced information sharing among users while privacy laws demand for the protection of user's information from unauthorized access and usage. Keeping this trade-off in view, there is a need for a flexible and enhanced information sharing model that preserves the privacy of user's information. We extend the Role-Based Access Control (RBAC) model to incorporate sharing and privacy related requirements and present a Dynamic Sharing and Privacy-aware RoleBased Access Control (DySP-RBAC) model. It is a family of models including core, hierarchical, and constrained RBAC models. The RBAC model is extended using team and task data elements as well as new data elements related to sharing and privacy of information. Sharing and privacy-based permission assignments and their conflicthandling strategies are described for a distributed and dynamic information sharing scenario.

show abstract

A privacy policy model for enterprises

Abstract: Privacy is an increasing concern in the marketplace. Although

Cited by 112 publications

References 12 publications

Temporal Mode-Checking for Runtime Monitoring of Privacy Policies

Temporal Mode-Checking for Runtime Monitoring of Privacy Policies

Towards the development of privacy-aware systems

Enhanced sharing and privacy in distributed information sharing environments

Contact Info

Product

Resources

About