38,124 research outputs found
A Declarative Framework for Specifying and Enforcing Purpose-aware Policies
Purpose is crucial for privacy protection as it makes users confident that
their personal data are processed as intended. Available proposals for the
specification and enforcement of purpose-aware policies are unsatisfactory for
their ambiguous semantics of purposes and/or lack of support to the run-time
enforcement of policies.
In this paper, we propose a declarative framework based on a first-order
temporal logic that allows us to give a precise semantics to purpose-aware
policies and to reuse algorithms for the design of a run-time monitor enforcing
purpose-aware policies. We also show the complexity of the generation and use
of the monitor which, to the best of our knowledge, is the first such a result
in literature on purpose-aware policies.Comment: Extended version of the paper accepted at the 11th International
Workshop on Security and Trust Management (STM 2015
Recommended from our members
Expressive Policy Analysis with Enhanced System Dynamicity
Despite several research studies, the effective analysis of policy based systems remains a significant challenge. Policy analysis should at least (i) be expressive (ii) take account of obligations and authorizations, (iii) include a dynamic system model, and (iv) give useful diagnostic information. We present a logic-based policy analysis framework which satisfies these requirements, showing how many significant policy-related properties can be analysed, and we give details of a prototype implementation. Copyright 2009 ACM
A Framework for Aggregating Private and Public Web Archives
Personal and private Web archives are proliferating due to the increase in
the tools to create them and the realization that Internet Archive and other
public Web archives are unable to capture personalized (e.g., Facebook) and
private (e.g., banking) Web pages. We introduce a framework to mitigate issues
of aggregation in private, personal, and public Web archives without
compromising potential sensitive information contained in private captures. We
amend Memento syntax and semantics to allow TimeMap enrichment to account for
additional attributes to be expressed inclusive of the requirements for
dereferencing private Web archive captures. We provide a method to involve the
user further in the negotiation of archival captures in dimensions beyond time.
We introduce a model for archival querying precedence and short-circuiting, as
needed when aggregating private and personal Web archive captures with those
from public Web archives through Memento. Negotiation of this sort is novel to
Web archiving and allows for the more seamless aggregation of various types of
Web archives to convey a more accurate picture of the past Web.Comment: Preprint version of the ACM/IEEE Joint Conference on Digital
Libraries (JCDL 2018) full paper, accessible at the DO
- ā¦