Abstract
The protection of privacy in today’s global infrastructure requires the combined application solution from technology (technical measures), legislation (law and public policy), and organizational and individual policies and practices. Emerging scenarios of user-service interactions in the digital world are also pushing toward the development of powerful and flexible privacy-enhanced models and languages.
This paper aims at introducing concepts and features that should be investigated to fulfill this demand. In particular, the content of this paper is a result of our ongoing activity in the framework of the PRIME project (Privacy and Identity Management for Europe), funded by the European Commission, whose objective is the development of privacy-aware solutions for enforcing security.
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
Bonatti, P., Damiani, E., De Capitani di Vimercati, S., Samarati, P.: A Component-based Architecture for Secure Data Publication. In: Proc. of the 17th Annual Computer Security Applications Conference, New Orleans, Louisiana (2001)
Bonatti, P., Samarati, P.: A Unified Framework for Regulating Access and Information Release on the Web. Journal of Computer Security 10, 241–272 (2002)
Ashley: P., Hada, S., Karjoth, G., Powers, C., Schunter, M.: Enterprise Privacy Authorization Language (EPAL 1.1). IBM Research Report (2003), http://www.zurich.ibm.com/security/enterprise-privacy/epal
Samarati, P., De Capitani di Vimercati, S.: Access Control: Policies, Models, and Mechanisms. In: Focardi, R., Gorrieri, R. (eds.) FOSAD 2000. LNCS, vol. 2171, p. 137. Springer, Heidelberg (2001)
eXtensible Access Control Markup Language (XACML) Version 1.1. OASIS (2003), http://www.oasis-open.org/committees/xacml/repository/cs-xacml-specification-1.1.pdf
Ardagna, C.A., Damiani, E., De Capitani di Vimercati, S., Samarati, P.: A Web Service Architecture for Enforcing Access Control Policies. In: Proc. of the First International Workshop on Views On Designing Complex Architectures (VODCA 2004), Bertinoro, Italy (2004)
Ardagna, C.A., Damiani, E., De Capitani di Vimercati, S., Samarati, P.: XML-based Access Control Languages. Information Security Technical Report, vol. 9 (2004)
Gladman, B., Ellison, C., Bohm, N.: Digital signatures, certificates and electronic commerce, http://www.clark.net/pub/cme/html/spki.html
Bettini, C., Jajodia, S., Sean Wang, X., Wijesekera, D.: Provisions and Obligations in Policy Management and Security Applications. In: Proc. 28th Conf. Very Large Data Bases, VLDB 2002 (2002), citeseer.ist.psu.edu/bettini02provisions.html
Park, J., Sandhu, R.: The UCONabc Usage Control Model. ACM Transactions on Information and System Security (TISSEC) 7(1) (2004)
World Wide Web Consortium: Semantic Web, http://www.w3.org/2001/sw/
Privacy and Identity Management for Europe (PRIME), http://www.prime-project.eu.org/
Damiani, E., De Capitani di Vimercati, S., Fugazza, C., Samarati, P.: Semantics-aware Privacy and Access Control: Motivation and Preliminary Results. In: 1st Italian Semantic Web Workshop, Ancona, Italy (2004)
Damiani, E., De Capitani di Vimercati, S., Fugazza, C., Samarati, P.: Extending Policy Languages to the Semantic Web. In: Koch, N., Fraternali, P., Wirsing, M. (eds.) ICWE 2004. LNCS, vol. 3140, pp. 330–343. Springer, Heidelberg (2004)
Cranor, L., Langheinrich, M., Marchiori, M., Presler-Marshall, M., Reagle, J.: The Platform for Privacy Preferences 1.0 (P3P1.0) Specification., http://www.w3.org/TR/P3P/
Ardagna, C.A., Damiani, E., De Capitani di Vimercati, S., Fugazza, C., Samarati, P.: Offline Expansion of XACML Policies Based on P3P Metadata (to appear). In: Lowe, D.G., Gaedke, M. (eds.) ICWE 2005. LNCS, vol. 3579, pp. 363–374. Springer, Heidelberg (2005)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 IFIP International Federation for Information Processing
About this paper
Cite this paper
Ardagna, C.A., Damiani, E., De Capitani di Vimercati, S., Samarati, P. (2005). Towards Privacy-Enhanced Authorization Policies and Languages. In: Jajodia, S., Wijesekera, D. (eds) Data and Applications Security XIX. DBSec 2005. Lecture Notes in Computer Science, vol 3654. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11535706_2
Download citation
DOI: https://doi.org/10.1007/11535706_2
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-28138-2
Online ISBN: 978-3-540-31937-5
eBook Packages: Computer ScienceComputer Science (R0)