Skip to main content
SpringerLink
Log in

Dynamic Labelling to Enforce Conformance of Cross Domain Security/Privacy Policies

  • Conference paper
  • First Online:
Distributed Computing and Internet Technology (ICDCIT 2017)

Part of the book series: Lecture Notes in Computer Science ((LNISA,volume 10109))

Abstract

Conformance of declared security policies while traversing different sites has been a challenge for realizing work-flows on clouds that need to move from one cloud domain to another domain from the perspective of optimization of utilization. Such a possibility will enable optimization of communication and thereby realize the tenet of Utility Computing or Cloud computing. In this paper, we show how dynamic relabelling realized through the Readers-Writers Flow Model (RWFM) enables us to realize such an important property. We shall illustrate the modelling through an example wherein the privacy policies of two domains that permit each other have different security policies and show how, it is possible to realize a joint policy that is in conformance with both the domains. This enables us to inform the user when the privacy policy for which he has signed differs from the cross-site traversal and thereby assure him that his main privacy policy is preserved. If not, he can provide an explicit endorsement as long as that will not compromise the security policy of the main domain for which he has signed.

N.V. Narendra Kumar—The work was carried out with support from ISRDC (Information Security Research and Development Center), a project sponsored by MeitY, GoI.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Breaux, T.D., Hibshi, H., Rao, A.: Eddy, a formal language for specifying and analyzing data flow specifications for conflicting privacy requirements. Requirements Eng. 19(3), 281–307 (2014)

    Article  Google Scholar 

  2. Datta, A.: Privacy, audit and accountability. In: 22nd IFIP WCC 2012. http://www.wcc2012.org/pdfs/ADatta.pdf. Accessed 15 Aug 2016

  3. Denning, D.E.: A lattice model of secure information flow. Comm. ACM 19(5), 236–243 (1976)

    Article  MathSciNet  MATH  Google Scholar 

  4. Narendra Kumar, N.V., Shyamasundar, R.K.: Realizing purpose-based privacy policies succinctly via information-flow labels. In: 4th IEEE BDCloud, pp. 753–760. IEEE (2014)

    Google Scholar 

  5. Narendra Kumar, N.V., Shyamasundar, R.K.: POSTER: dynamic labelling for analyzing security protocols. In: 22nd ACM CCS, pp. 1665–1667 (2015)

    Google Scholar 

  6. Sen, S., Guha, S., Datta, A., Rajamani, S.K., Tsai, J.Y., Wing, J.M.: Bootstrapping privacy compliance in big data systems. In: IEEE SP, pp. 327–342 (2014)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science and Engineering, Indian Institute of Technology Bombay, Mumbai, India

    N. V. Narendra Kumar & R. K. Shyamasundar

Authors
  1. N. V. Narendra Kumar
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. R. K. Shyamasundar
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to N. V. Narendra Kumar .

Editor information

Editors and Affiliations

  1. Oracle Labs, Brisbane, Queensland, Australia

    Padmanabhan Krishnan

  2. Infosys Limited, Hyderabad, India

    P. Radha Krishna

  3. IBM Thomas J. Watson Research Center, Yorktown Heights, New York, USA

    Laxmi Parida

Rights and permissions

Reprints and permissions

Copyright information

© 2017 Springer International Publishing AG

About this paper

Cite this paper

Narendra Kumar, N.V., Shyamasundar, R.K. (2017). Dynamic Labelling to Enforce Conformance of Cross Domain Security/Privacy Policies. In: Krishnan, P., Radha Krishna, P., Parida, L. (eds) Distributed Computing and Internet Technology. ICDCIT 2017. Lecture Notes in Computer Science(), vol 10109. Springer, Cham. https://doi.org/10.1007/978-3-319-50472-8_15

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-50472-8_15

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-50471-1

  • Online ISBN: 978-3-319-50472-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation