Abstract
Enterprise privacy enforcement allows an enterprise to internally enforce a privacy policy that it has decided to comply with. To facilitate compliance with different privacy policies when several parts of an organization or different enterprises cooperate, it is crucial to have tools at hand that allow for practical management of varying privacy requirements.
We propose an algebra providing various types of operators for composing and restricting enterprise privacy policies, such as conjunction, disjunction, and scoping, together with its formal semantics. We base our work on a superset of the syntax and semantics of IBM's Enterprise Privacy Authorization Language (EPAL), which has recently been submitted to the W3C for standardization. However, a detailed analysis of the expressiveness of EPAL reveals that, somewhat surprisingly, EPAL is not closed under conjunction and disjunction. To circumvent this problem, we identify the subset of well-founded privacy policies, which enjoy the property that the result of our algebraic operations can be turned into a coherent privacy policy again. This enables existing privacy policy enforcement mechanisms to deal with our algebraic expressions. We further show that our algebra fits together naturally with the existing notions of privacy policy refinement and sequential composition of privacy policies.
© 2004 Springer-Verlag Berlin Heidelberg
Backes, M., Dürmuth, M., Steinwandt, R. (2004). An Algebra for Composing Enterprise Privacy Policies. In: Samarati, P., Ryan, P., Gollmann, D., Molva, R. (eds) Computer Security – ESORICS 2004. ESORICS 2004. Lecture Notes in Computer Science, vol 3193. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-30108-0_3
DOI: https://doi.org/10.1007/978-3-540-30108-0_3
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-22987-2
Online ISBN: 978-3-540-30108-0