Abstract
In the past few years there has been an increased focus on privacy issues for Information Systems which has resulted in concerted systematic work focused on regulations, tools and enforcement. Despite this, privacy violations still do take place. Therefore there is an increased need to develop efficient methods to detect privacy violations. We propose one such framework which uses malafide intensions (post-event information) and privacy policy to detect probable privacy violations. The framework is based on the hypothesis that every privacy violation has a malafide intension associated with it which is available in a post-event scenario.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Ashley, P., Hada, S., Karjoth, G., Powers, C., Schunter, M.: Enterprise Privacy Authorization Language (EPAL 1.1), IBM Research Report, 3485 (2003)
Godik, S., Moses, T.: OASIS, eXtensible Access Control Markup Language (XACML). OASIS (August 07, 2003)
Bhattacharya, J., Gupta, S.K.: Privacy Broker for Enforcing Privacy Policies in Databases. In: KBCS (2004)
IBM: IBM Tivoli Privacy Manager for e-business (2003), http://www-306.ibm.com/software/info/ecatalog/en_TH/products/K106003J38182X80.html
Bruno, J.B.: Security Breach Could Expose 40M to Fraud. Associated Press (June 18, 2005)
Barse, E.L.: Logging For Intrusion And Fraud Detection. Thesis For The Degree of Doctor of Philosophy, ISBN 91-7291-484-X Technical Report no.28D ISSN 1651-4971, School of Computer Science and Engineering, Chalmers University of Technology (2004)
Teasley, B.: Does Your Privacy Policy Mean Anything? (2005), http://www.clickz.com/experts/crm/analyze_data/article.php
Castano, S., Fugini, M., Martella, G., Samarati, P.: Database Security. Addison Wesley, Reading (1995)
Agrawal, R., Bayardo, R., Faloutsos, C., Kiernan, J., Rantzau, R., Srikant, R.: Auditing Compliance with a Hippocratic Database. In: Proceedings of the 30th VLDB Conference, Toronto, Canada (2004)
LeFevre, K., Agrawal, R., Ercegovac, V., Ramakrishnan, R., Xu, Y., DeWitt, D.: Limiting disclosure in Hippocratic databases. In: 30th Internaltional Conference on Very Large Data Bases, Toronto, Canada (August 2004)
Nanda, A., Burleson, D.K.: Oracle Privacy Security Auditing. Rampant (2003)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Gupta, S.K., Goyal, V., Patra, B., Dubey, S., Gupta, A. (2006). Design and Development of Malafide Intension Based Privacy Violation Detection System (An Ongoing Research Report). In: Bagchi, A., Atluri, V. (eds) Information Systems Security. ICISS 2006. Lecture Notes in Computer Science, vol 4332. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11961635_30
Download citation
DOI: https://doi.org/10.1007/11961635_30
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-68962-1
Online ISBN: 978-3-540-68963-8
eBook Packages: Computer ScienceComputer Science (R0)