Automated xacml policy reconfiguration for evaluation optimisation
Proceedings of the fourth international workshop on Software engineering for secure systems
XML secure views using semantic access control
Proceedings of the 2010 EDBT/ICDT Workshops
Statistics & clustering based framework for efficient XACML policy evaluation
POLICY'09 Proceedings of the 10th IEEE international conference on Policies for distributed systems and networks
Proceedings of the 17th ACM symposium on Access Control Models and Technologies
| Hi-index | 0.00 |
Nowadays enforcing privacy in enterprises is recognized as an issue of impact. Actually, it is a big challenge to adapt normative laws and regulations in a software system. It is a challenging task to include the formalized laws and rules in enterprises since e.g. more than one regulation may affect the terms of privacy concerning one situation. Traditional access control provides a general mechanism for assigning rights to individual users or roles. In the context of privacy this is insufficient; it offers no means to fulfil certain aspects such as limitations to the duration for which private data may be stored. To enforce privacy in enterprises we further need a fine granular access control mechanism on the data entities to ensure that every aspect of privacy can be reflected. This paper provides a novel solution for this by means of ontologies. The usage of ontologies in our approach differs from the conventional form in focusing on generating access control policies which are adapted from our software framework to provide fine granular access on the diverse data sources.