Obligation language and framework to enable privacy-aware SOA

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Volumn 5939 LNCS, Issue , 2010, Pages 18-32

  Ali, Muhammad ^a   Bussard, Laurent ^a   Pinsdorf, Ulrich ^a  

^a MICROSOFT   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

COMMON SPECIFICATION; PERSONALLY IDENTIFIABLE INFORMATION; POLICY LANGUAGE; PRIVACY POLICIES; STATE OF THE ART; TRUST DOMAIN;

ACCESS CONTROL; DATA HANDLING; INFORMATION SERVICES; LINGUISTICS; PHASE MEASUREMENT; QUERY LANGUAGES; SERVICE ORIENTED ARCHITECTURE (SOA); SPECIFICATIONS; TECHNICAL PRESENTATIONS;

DATA PRIVACY;

EID: 77951543455     PISSN: 03029743     EISSN: 16113349     Source Type: Book Series    
DOI: 10.1007/978-3-642-11207-2_3     Document Type: Conference Paper

References (19)

1. Ardagna, C.A., Cremonini, M., De Capitani di Vimercati, S., Samarati, P.: A privacy-aware access control system. J. Comput. Secur. 16(4), 369-397 (2008)
2. Casassa, M., Beato, F.: On parametric obligation policies: Enabling privacy-aware information lifecycle management in enterprises. In: Eighth IEEE International Workshop on Policies for Distributed Systems and Networks, 2007, pp. 51-55. IEEE Computer Society Press, Los Alamitos (2007)
3. Irwin, K., Yu, T., Winsborough, W.H.: On the modeling and analysis of obligations. In: CCS 2006: Proceedings of the 13th ACM conference on Computer and communications security, pp. 134-143. ACM, New York (2006)
4. Rissanen, E.: OASIS eXtensible Access Control Markup Language (XACML) Version 3.0. OASIS working draft 10, OASIS (March 2009)
5. Hilty, M., Basin, D., Pretschner, A.: On obligations. In: di Vimercati, S.d.C., Syverson, P.F., Gollmann, D. (eds.) ESORICS 2005. LNCS, vol. 3679, pp. 98-117. Springer, Heidelberg (2005)
6. Cranor, L., Langheinrich, M., Marchiori, M., Reagle, J.: The platform for privacy preferences 1.0 (p3p1.0) specification. W3C Recommendation (April 2002)
7. TCG: Trusted Computing Platform Alliance (TCPA). Main Specification Version 1.1b, Trusted Computing Group, Inc. (February 2002)
8. Moses, T.: OASIS eXtensible Access Control Markup Language (XACML) Version 2.0. OASIS Standard oasis-access control-xacml-2.0-core-spec-os, OASIS (February 2005)
9. IBM: Enterprise privacy authorization language (EPAL 1.2)
10. Damianou, N., Dulay, N., Lupu, E., Sloman, M.: The ponder policy specification language. In: Sloman, M., Lobo, J., Lupu, E.C. (eds.) POLICY 2001. LNCS, vol. 1995, pp. 18-38. Springer, Heidelberg (2001)
11. Kagal, L., Finin, T., Joshi, A.: A policy language for a pervasive computing environment. In: POLICY 2003: Proceedings of the 4th IEEE International Workshop on Policies for Distributed Systems and Networks, p. 63. IEEE Computer Society, Los Alamitos (2003)
12. Hilty, M., Pretschner, A., Basin, D., Schaefer, C., Walter, T.: A policy language for distributed usage control. In: Biskup, J., López, J. (eds.) ESORICS 2007. LNCS, vol. 4734, pp. 531-546. Springer, Heidelberg (2007)
13. Pretschner, A., Schütz, F., Schaefer, C., Walter, T.: Policy evolution in distributed usage control. In: 4th Intl. Workshop on Security and Trust Management, Elsevier, Amsterdam (2008)
14. Katt, B., Zhang, X., Breu, R., Hafner, M., Seifert, J.P.: A general obligation model and continuity: enhanced policy enforcement engine for usage control. In: SACMAT 2008: Proceedings of the 13th ACM symposium on Access control models and technologies, pp. 123-132. ACM, New York (2008)
15. El Rakaiby, Y., Cuppens, F., Cuppens-Boulahia, N.: Formalization and management of group obligations. In: Proceedings of IEEE International Symposium on Policies for Distributed Systems and Networks, POLICY 2009 (2009)
16. Cholvy, L., Garion, C.: Deriving individual obligations from collective obligations. In: AAMAS 2003: Proceedings of the second international joint conference on Autonomous agents and multiagent systems, pp. 962-963. ACM, New York (2003)
17. Ni, Q., Bertino, E., Lobo, J.: An obligation model bridging access control policies and privacy policies. In: SACMAT 2008: Proceedings of the 13th ACM symposium on Access control models and technologies, pp. 133-142. ACM, New York (2008)
18. Ni, Q., Trombetta, A., Bertino, E., Lobo, J.: Privacy-aware role based access control. In: SACMAT 2007: Proceedings of the 12th ACM symposium on Access control models and technologies, pp. 41-50. ACM, New York (2007) (Pubitemid 47281536)
19. Gama, P., Ferreira, P.: Obligation policies: An enforcement platform. In: POLICY 2005: Proceedings of the Sixth IEEE International Workshop on Policies for Distributed Systems and Networks, Washington, DC, USA, pp. 203-212. IEEE Computer Society, Los Alamitos (2005) (Pubitemid 43861264)