Towards accountable management of identity and privacy: sticky policies and enforceable tracing services

Mont, Marco Casassa; Pearson, Siani; Bramhall, Pete

doi:10.1109/dexa.2003.1232051

Cited by 139 publications

(85 citation statements)

References 6 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…While some work has addressed the other requirements identified by Gates, such as relationship-based requirements and interoperability issues, to the best of our knowledge no other work has ever proposed a solution along this line. One of the most well-known works dealing with sticky-policy [17] is geared toward business domains, and it does not apply to online SN data. Hence, the solution from Casassa-Mont is very different from our work, in that it relies on strong requirements for the underlying software and hardware architecture.…”

Section: Related Workmentioning

confidence: 99%

Privacy through Web-Traveler Policies in Social Network Environments

Sundareswaran¹,

Squicciarini²

2011

Proceedings of the 7th International Conference on Collaborative Computing: Networking, Applications and Worksharing

View full text Add to dashboard Cite

Abstract-Social networking sites are ingrained in the fabric of our day-to-day lives, with these sites being widely used to exchange personal information and content. Some forms of access control are provided by the sites themselves to protect the useruploaded content. However, these types of control are limited in that they require the user's input for the effective protection, otherwise a default policy which provides minimal protection is often applied. Towards providing extended content protection, in this paper we propose an approach for automated user-uploaded content control. Automatic enforcement allows us to extend the protection of content for unprotected files, preventing underage viewers from accessing adult content, tracking stolen or misused copyright-free images. This work builds upon the notion of ' Web-Traveler policies', previously introduced as a new class of content control policies. In the paper, we also provide a proof of concept implementation of our algorithms for automatic propagation for images in order to prove the applicability and strength of our approach.

show abstract

Section: Related Workmentioning

confidence: 99%

Privacy through Web-Traveler Policies in Social Network Environments

Sundareswaran¹,

Squicciarini²

2011

Proceedings of the 7th International Conference on Collaborative Computing: Networking, Applications and Worksharing

View full text Add to dashboard Cite

show abstract

“…Their work has focused on protecting digital content from unauthorized copying and distribution by disseminating packages containing the content data and access control policies. Several efforts [6,7] toward managing privacy have introduced the concept of "sticky policies", in which handling policies are directly associated with personal information. In their approaches, users retain control over their personal information even after it has been disclosed by enforcing its privacy policies, which reflect their preferences about how it is to be used next at its recipient site.…”

Section: Related Workmentioning

confidence: 99%

Policy Provisioning for Distributed Identity Management Systems

Gomi

2010

Policies and Research in Identity Management

View full text Add to dashboard Cite

Abstract. A policy provisioning framework is described that supports the management of the lifecycle of identity information distributed beyond security domains. A model for creating data handling policies reflecting the intentions of its system administrator and the privacy preferences of the data owner is explained. Also, algorithms for systematically integrating data handling policies from system entities in different administrative domains are presented. This framework enables data handling policies to be properly deployed and enforced in a way that enhances security and privacy.

show abstract

“…Casassa Mont introduced the use of sticky policies and of Identity Based Encryption (IBE) [7] [19] to transform policies into encryption keys and bind them to the encrypted data [17]. Decryption keys can then be issued only by a specific TA, chosen at encryption time, if the policies are satisfied.…”

Section: Related Workmentioning

confidence: 99%

“…A trusted component running on the recipient devices that we will refer to as the virtual machine (VM), ensures that rights are locally enforced. Specific architectures differ in their management of user authentication, policy and rights retrieval, audit of user actions and other tasks [4,16,17,18,23].…”

Section: Introductionmentioning

confidence: 99%

PAES: Policy-Based Authority Evaluation Scheme

Scalavino

Gowadia

Lupu

2009

Data and Applications Security XXIII

View full text Add to dashboard Cite

Abstract. Enterprise Rights Management (ERM) systems aim to protect disseminated data even after it has been sent to remote locations. Existing systems are based on common components, have similar functionalities and often have two shortcomings: a centralised architecture and a lack of concern for the trust and privacy of data recipients. To access the data, recipients must present their credentials to a policy evaluation authority, which they cannot choose and may not trust. Furthermore, recipients may be unable to access the data if their connection is intermittent or if they are off-line. To address these limitations, we propose PAES: a Policy-based Authority Evaluation Scheme, which combines data protection with a distributed policy evaluation protocol. The result allows us to implement the sticky policies paradigm in combination with trust management techniques. This permits distributing policy evaluation over a flexible set of authorities, simultaneously increasing the resilience of policy enforcement.

show abstract

Towards accountable management of identity and privacy: sticky policies and enforceable tracing services

Cited by 139 publications

References 6 publications

Privacy through Web-Traveler Policies in Social Network Environments

Privacy through Web-Traveler Policies in Social Network Environments

Policy Provisioning for Distributed Identity Management Systems

PAES: Policy-Based Authority Evaluation Scheme

Contact Info

Product

Resources

About