A Notation for Policies Using Feature Structures
New security and privacy-enhancing technologies are needed in emerging information and communication environments, where a huge number of computers interact with each other in a distributed and ad hoc manner to access various resources. In this paper, we focus on access control because it is the core technology underlying the enforcement of security and privacy. Access control decides whether to permit or deny a request according to access control policies. Because policy notations are specific to each system, it is difficult to ensure the consistency of policies stated in different notations. We propose a readable notation for policies that adopts the concept of feature structures, which has mainly been used for parsing in natural language processing. The proposed notation is also logically well-founded, which guarantees strict access control decisions, and expressive, in that it returns not only a binary value of permit or deny but also various result values through the application of partial order relations of the security risk level. We illustrate the effectiveness of the proposed method using examples from P3P.
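The idea in the abstract can be sketched in a few lines. This is an added illustration, not the paper's notation: it assumes feature structures are nested dicts, a rule applies when its condition subsumes the request, and results are combined by least upper bound in a constructed risk order. The rules, result names and ordering are assumptions; the feature values reuse P3P vocabulary terms.

```python
# Added illustration: feature structures as nested dicts, atomic values as strings.
# The rules, result names and risk ordering are constructed assumptions.

def subsumes(general, specific):
    """True if `specific` carries every feature of `general` with a matching value."""
    if isinstance(general, dict):
        return isinstance(specific, dict) and all(
            k in specific and subsumes(v, specific[k]) for k, v in general.items())
    return general == specific

# Partial order of risk: result -> results strictly above it.
# "notify" and "consent" are incomparable, so the order is not a simple chain.
ABOVE = {
    "permit": {"notify", "consent", "notify+consent", "deny"},
    "notify": {"notify+consent", "deny"},
    "consent": {"notify+consent", "deny"},
    "notify+consent": {"deny"},
    "deny": set(),
}

def leq(a, b):
    return a == b or b in ABOVE[a]

def join(a, b):
    """Least upper bound of two results in the risk order."""
    uppers = [x for x in ABOVE if leq(a, x) and leq(b, x)]
    return next(x for x in uppers if all(leq(x, y) for y in uppers))

# Each rule: (condition feature structure, result). Feature values reuse P3P terms.
RULES = [
    ({"data": {"category": "online"}, "purpose": "admin", "recipient": "ours"}, "permit"),
    ({"purpose": "contact"}, "notify"),
    ({"recipient": "unrelated"}, "consent"),
    ({"data": {"category": "health"}, "retention": "indefinitely"}, "deny"),
]

def decide(request, rules=RULES, default="deny"):
    """Combine the results of all rules whose condition subsumes the request."""
    hits = [result for cond, result in rules if subsumes(cond, request)]
    if not hits:
        return default  # nothing matched: fall back to the highest-risk result
    combined = hits[0]
    for r in hits[1:]:
        combined = join(combined, r)
    return combined

def request(purpose, recipient, category="online", retention="stated-purpose"):
    """Build a fully specified sample request as a feature structure."""
    return {"data": {"category": category}, "purpose": purpose,
            "recipient": recipient, "retention": retention}
```

A request that matches both the `contact` rule and the `unrelated` rule yields `notify+consent`, a result that is neither plain permit nor plain deny.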