Enforcing P3P policies using a digital rights management system

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Volumn 4776 LNCS, Issue , 2007, Pages 200-217

  Salim, Farzad ^a   Sheppard, Nicholas Paul ^a   Safavi Naini, Rei ^b  

^a UNIVERSITY OF WOLLONGONG   (Australia)

^b UNIVERSITY OF CALGARY   (Canada)

Author keywords

[No Author keywords available]

Indexed keywords

CUSTOMER SATISFACTION; DATA COMMUNICATION EQUIPMENT; DATA PRIVACY; INFORMATION MANAGEMENT;

DATA USERS; DIGITAL RIGHTS MANAGEMENT SYSTEM; P3P POLICIES;

DISTRIBUTED COMPUTER SYSTEMS;

EID: 38149129285     PISSN: 03029743     EISSN: 16113349     Source Type: Book Series    
DOI: 10.1007/978-3-540-75551-7_13     Document Type: Conference Paper

References (17)

1. Barth, A., Mitchell, J.C.: Enterprise privacy promises and enforcement. In: WITS 2005: Proceedings of the 2005 Workshop on Issues in the Theory of Security, Long Beach, California, pp. 58-66. ACM Press, New York (2005)
2. Bormans, J., Hill, K.: International standards organization. Information technology - multimedia framework (MPEG-21) - part 5: Rights expression language. ISO/IEC 21000-5:2004
3. Bucker, A., Haase, B., Moore, D., Keller, M., Koblinger, O., Wu, H.-F.: IBM tivoli privacy manager solution design and best practices. In: Redbooks (2002)
4. Catlett, J.: Open letter to P3P developers and replies. In: ACM Conference on Computers, Freedom and Privacy, pp. 157-164. ACM Press, New York (2000)
5. Coyle, K.: P3P: Pretty poor privacy? a social analysis of the platform for privacy preferences (P3P)
6. Cranor, L., Langheinrich, M., Marchiori, M., Presler-Marshall, M.: The platform for privacy preferences 1.0 (P3P 1.0) specification (2002)
7. Cranor, L.F., Arjula, M., Guduru, P.: Use of a P3P user agent by early adopters. In: WPES, pp. 1-10 (2002)
8. Cranor, L.F., Langheinrich, M., Marchiori, M.: A P3P preference exchange language 1.0 (APPEL 1.0). In: W3C Working Draft (2002)
9. Karjoth, G., Schunter, M., Herreweghen, E.V.: Translating privacy practices into privacy promises: How to promise what you can keep. In: POLICY 2003: Proceedings of the 4th IEEE International Workshop on Policies for Distributed Systems and Networks, p. 135. IEEE Computer Society, Washington, DC (2003)
10. Karjoth, G., Schunter, M., Waidner, M.: Privacy-enabled services for enterprises. In: Hameurlain, A., Cicchetti, R., Traunmüller, R. (eds.) DEXA 2002. LNCS, vol. 2453, pp. 483-487. Springer, Heidelberg (2002)
11. Kenny, S., Korba, L.: Applying digital rights management systems to privacy rights management. Computers & Security 21(7), 648-664 (2002)
12. Research Report 3485: IBM Research. Enterprise Privacy Authorization Language (EPAL) (2003)
13. Sandhu, R.S., Coyne, E.J., Feinstein, H.L., Youman, C.E.: Role-based access control models. IEEE Computer 29(2), 38-47 (1996)
14. Schaad, A., Moffett, J., Jacob, J.: The role-based access control system of a european bank: a case study and discussion. In: SACMAT 2001: Proceedings of the Sixth ACM Symposium on Access Control Models and Technologies, pp. 3-9. ACM Press, New York (2001)
15. Sheppard, N.P., Safavi-Naini, R.: Protecting privacy with the MPEG-21 IPMP framework. In: 6th Workshop on Privacy Enhancing Technologies, pp. 152-171 (2006)
16. Stuffiebeam, W.H., Antón, A.I., He, Q., Jain, N.: Specifying privacy policies with P3P and EPAL: lessons learned. In: WPES, p. 35 (2004)
17. Yu, T., Li, N., Anton, A.I.: A formal semantics for P3P. In: SWS '04: Proceedings of the 2004 Workshop on Secure Web Service, pp. 1-8. ACM Press, New York (2004)