Towards natural-language understanding and automated enforcement of privacy rules and regulations in the cloud: Survey and bibliography

Communications in Computer and Information Science

Volumn 187 CCIS, Issue , 2011, Pages 166-173

  Papanikolaou, Nick ^a   Pearson, Siani ^a   Mont, Marco Casassa ^a  

^a HEWLETT PACKARD LABORATORIES   (United States)

Author keywords

cloud computing; natural language processing; policy enforcement; privacy policies

Indexed keywords

AUTOMATED ENFORCEMENT; CLOUD DATA; CUSTOMER PRIVACY; KNOWLEDGE EXTRACTION; NATURAL-LANGUAGE PROCESSING; POLICY ENFORCEMENT; PRIVACY POLICIES; PRIVACY RULE; SEMANTIC REPRESENTATION;

CLOUD COMPUTING; INFORMATION MANAGEMENT; KNOWLEDGE REPRESENTATION; SEMANTICS; SURVEYS;

LAW ENFORCEMENT;

EID: 79960285825     PISSN: 18650929     EISSN: None     Source Type: Book Series    
DOI: 10.1007/978-3-642-22365-5_20     Document Type: Conference Paper

References (30)

1. Moulin, B., Rousseau, D.: Automated Knowledge Acquisition from Regulatory Texts. IEEE Expert 7(5), 27-35 (2002)
2. Bret Michael, J., Ong, V., Rowe, N.C.: Natural-Language Processing Support for Developing Policy-Governed Software Systems. In: Proceedings of 39th International Conference and Exhibition on Technology of Object-Oriented Languages and Systems (TOOLS 39), pp. 263-274 (2001)
3. Antón, A.I., Earp, J.B., He, Q., Stufflebeam, W., Bolchini, D., Jensen, C.: Financial Privacy Policies and the Need for Standardization. IEEE Security and Privacy 2(2), 36-45 (2004)
4. Krasnow Waterman, K.: Pre-processing Legal Text: Policy Parsing and Isomorphic Intermediate Representation. In: Proceedings of PRIVACY 2010 - Intelligent Information Privacy Management AAAI Spring Symposium. Stanford Center for Computers and Law, Palo Alto (2010)
5. Breaux, T.D., Antón, A.I.: Deriving Semantic Models from Privacy Policies. In: Proceedings of the Sixth International Workshop on Policies for Distributed Systems and Networks, POLICY 2005 (2005)
6. Kiyavitskaya, N., Zeni, N., Breaux, T.D., Antón, A.I., Cordy, J.R., Mich, L., Mylopoulos, J.: Extracting Rights and Obligations from Regulations: Toward a Tool-Supported Process. In: Proceedings of ASE 2007 (2007)
7. Breaux, T.D., Vail, M.W., Antón, A.I.: Towards Regulatory Compliance: Extracting Rights and Obligations to Align Requirements with Regulations. In: Proceedings of 14th IEEE International Requirements Engineering Conference, RE 2006 (2006)
8. Breaux, T.D., Antón, A.I.: Analyzing Regulatory Rules for Privacy and Security Requirements. IEEE Transactions on Software Engineering 34(1), 5-20 (2008)
9. Delannoy, J.F., Feng, C., Matwin, S., Szpakowicz, S.: Knowledge Extraction from Text: Machine Learning for Text-to-rule Translation. In: Brazdil, P.B. (ed.) ECML 1993. LNCS, vol. 667. Springer, Heidelberg (1993)
10. Delisle, S., Barker, K., Delannoy, J., Matwin, S., Szpakowicz, S.: From Text to Horn Clauses: Combining Linguistic Analysis and Machine Learning. In: Proceedings of Canadian AI Conference, AI/GI/CV 1994 (1994)
11. Stamey, J.W., Rossi, R.A.: Automatically Identifying Relations in Privacy Policies. In: Proceedings of SIGDOC 2009 (2009)
12. Barth, A., Datta, A., Mitchell, J.C., Nissenbaum, H.: Privacy and Contextual Integrity: Framework and Applications. In: Proceedings of IEEE Symposium on Security and Privacy (2006)
13. May, M.J., Gunter, C.A., Lee, I.: Privacy APIs: Access Control Techniques to Analyze and Verify Legal Privacy Policies. In: Proceedings of Computer Security Foundations Workshop, CSFW 2006 (2006)
14. Brodie, C.A., Karat, C., Karat, J.: An Empirical Study of Natural Language Parsing of Privacy Policy Rules Using the SPARCLE Policy Workbench. In: Proceedings of Symposium on Usable Privacy and Security, SOUPS (2006)
15. Ong, V.L.: An Architecture and Prototype System for Automatically Processing Natural- Language Statements of Policy. Master's thesis, Naval Postgraduate School, Monterey, California (2001)
16. Davies, J., Grobelnik, M., Mladenic, D. (eds.): Semantic Knowledge Management. Springer, Heidelberg (2009)
17. Breuker, J., Casanovas, P., Klein, M.C.A., Francesconi, E. (eds.): Law, Ontologies and the Semantic Web. IOS Press, Amsterdam (2009)
18. Casanovas, P., Sartor, G., Casellas, N., Rubino, R. (eds.): Computable Models of the Law. Springer, Heidelberg (2008)
19. Benjamins, V.R., Casanovas, P., Breuker, J., Gangemi, A. (eds.): Law and the Semantic Web. Springer, Heidelberg (2005)
20. Bourcier, D.: Legal Knowledge and Information Systems. IOS Press, Amsterdam (2003)
21. Mont, M.C., Pearson, S., Creese, S., Goldsmith, M., Papanikolaou, N.: A Conceptual Model for Privacy Policies with Consent and Revocation Requirements. In: Proceedings of PrimeLife/IFIP Summer School 2010: Privacy and Identity Management for Life. LNCS. Springer, Heidelberg (2010)
22. Pearson, S., Rao, P., Sander, T., Parry, A., Paull, A., Patruni, S., Dandamudi-Ratnakar, V., Sharma, P.: Scalable, accountable privacy management for large organizations. In: Proceedings of 13th Enterprise Distributed Object Computing Conference Workshop (EDOCW 2009), pp. 168-175 (2009)
23. SPIN, http://www.spinroot.org
24. IBM REALM Project, http://www.zurich.ibm.com/security/publications/2006/ REALM-atIRIS2006-20060217.pdf
25. Chen, K., Wang, D.: An aspect-oriented approach to privacy-aware access control. In: Proceedings of the Sixth International Conference on Machine Learning and Cybernetics, Hong Kong, August 19-22 (2007)
26. Berghe, C.V., Schunter, M.: Privacy Injector - Automated Privacy Enforcement through Aspects. In: Danezis, G., Golle, P. (eds.) PET 2006. LNCS, vol. 4258, pp. 99-117. Springer, Heidelberg (2006)
27. Peleg, M., Beimel, D., Dori, D., Denekamp, Y.: Situation-Based Access Control: privacy management via modeling of patient data access scenarios. Journal of Biomedical Informatics (to appear)
28. Bussard, L., Becker, M.Y.: Can Access Control be Extended to Deal with Data Handling in Privacy Scenarios?. In: Proceedings of W3C Workshop on Access Control Application Scenarios (2009)
29. Becker, M.Y., Sewell, P.: Cassandra: Distributed Access Control Policies with Tunable Expressiveness. In: Proceedings of 5th IEEE International Workshop on Policies for Distributed Systems and Networks (POLICY 2004), Yorktown Heights, NY, USA, June 7-9, pp. 159-168. IEEE Computer Society, Los Alamitos (2004)
30. Mowbray, M., Pearson, S., Shen, Y.: Enhancing privacy in cloud computing via policy-based obfuscation. Journal of Supercomputing, doi:10.1007/s11227-010- 0425-z