The personal model of data: towards a privacy-oriented information system
Computers and Security
Interaction of authorities and acquaintances in the DORIS privacy model of data
MFDBS 89 Proceedings of the second symposium on Mathematical fundamentals of database systems
IEEE ADL '97 Proceedings of the IEEE international forum on Research and technology advances in digital libraries
PRUNES: an efficient and complete strategy for automated trust negotiation over the Internet
Proceedings of the 7th ACM conference on Computer and communications security
Interoperable strategies in automated trust negotiation
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
A uniform framework for regulating service access and information release on the web
Journal of Computer Security
ACM Transactions on Information and System Security (TISSEC)
The Personal Model of Data - Towards a Privacy Oriented Information System (Extended Abstract)
Proceedings of the Fifth International Conference on Data Engineering
Privacy-Enabled Services for Enterprises
DEXA '02 Proceedings of the 13th International Workshop on Database and Expert Systems Applications
Access Control: Policies, Models, and Mechanisms
FOSAD '00 Revised versions of lectures given during the IFIP WG 1.7 International School on Foundations of Security Analysis and Design on Foundations of Security Analysis and Design: Tutorial Lectures
An XPath-based preference language for P3P
WWW '03 Proceedings of the 12th international conference on World Wide Web
A Privacy Policy Model for Enterprises
CSFW '02 Proceedings of the 15th IEEE workshop on Computer Security Foundations
A Unified Scheme for Resource Protection in Automated Trust Negotiation
SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
Web Privacy with P3p
Adaptive trust negotiation and access control
Proceedings of the tenth ACM symposium on Access control models and technologies
Driving and Monitoring Provisional Trust Negotiation with Metapolicies
POLICY '05 Proceedings of the Sixth IEEE International Workshop on Policies for Distributed Systems and Networks
Privacy Protection of Enterprise Information through Inference Analysis
POLICY '05 Proceedings of the Sixth IEEE International Workshop on Policies for Distributed Systems and Networks
Proceedings of the 6th international conference on Mobile data management
Managing privacy preferences for federated identity management
Proceedings of the 2005 workshop on Digital identity management
Privacy constraint processing in a privacy-enhanced database management system
Data & Knowledge Engineering
Supporting location-based conditions in access control policies
ASIACCS '06 Proceedings of the 2006 ACM Symposium on Information, computer and communications security
POLICY '07 Proceedings of the Eighth IEEE International Workshop on Policies for Distributed Systems and Networks
Provisions and obligations in policy management and security applications
VLDB '02 Proceedings of the 28th international conference on Very Large Data Bases
A privacy-enhanced attribute-based access control system
Proceedings of the 21st annual IFIP WG 11.3 working conference on Data and applications security
Enhancing user privacy through data handling policies
DBSEC'06 Proceedings of the 20th IFIP WG 11.3 working conference on Data and Applications Security
Towards privacy-enhanced authorization policies and languages
DBSec'05 Proceedings of the 19th annual IFIP WG 11.3 working conference on Data and Applications Security
Regulating Exceptions in Healthcare Using Policy Spaces
Proceeedings of the 22nd annual IFIP WG 11.3 working conference on Data and Applications Security
An XACML-based privacy-centered access control system
Proceedings of the first ACM workshop on Information security governance
Privacy of Value-Added Context-Aware Service Cloud
CloudCom '09 Proceedings of the 1st International Conference on Cloud Computing
Exploiting cryptography for privacy-enhanced access control: A result of the PRIME Project
Journal of Computer Security - EU-Funded ICT Research on Trust and Security
A card requirements language enabling privacy-preserving access control
Proceedings of the 15th ACM symposium on Access control models and technologies
A practical generic privacy language
ICISS'10 Proceedings of the 6th international conference on Information systems security
Context sensitive privacy management in a distributed environment
OTM'10 Proceedings of the 2010 international conference on On the move to meaningful internet systems - Volume Part I
Data usage control in the future internet cloud
The future internet
Semantics-enabled policies for information sharing and protection in the cloud
SocInfo'11 Proceedings of the Third international conference on Social informatics
Obligation language and framework to enable privacy-aware SOA
DPM'09/SETOP'09 Proceedings of the 4th international workshop, and Second international conference on Data Privacy Management and Autonomous Spontaneous Security
Abstract privacy policy framework: addressing privacy problems in SOA
iNetSec'11 Proceedings of the 2011 IFIP WG 11.4 international conference on Open Problems in Network Security
Controlling data dissemination
DPM'11 Proceedings of the 6th international conference, and 4th international conference on Data Privacy Management and Autonomous Spontaneus Security
Decision-cache based XACML authorisation and anonymisation for XML documents
Computer Standards & Interfaces
Crafting a balance between big data utility and protection in the semantic data cloud
Proceedings of the 3rd International Conference on Web Intelligence, Mining and Semantics
Enabling secure location-based services in mobile cloud computing
Proceedings of the second ACM SIGCOMM workshop on Mobile cloud computing
| Hi-index | 0.00 |
The protection of privacy is an increasing concern in our networked society because of the growing amount of personal information that is being collected by a number of commercial and public services. Emerging scenarios of user-service interactions in the digital world are then pushing toward the development of powerful and flexible privacy-aware models and languages. This paper aims at introducing concepts and features that should be investigated to fulfill this demand. We identify different types of privacy-aware policies: access control, release and data handling policies. The access control policies govern access/release of data/services managed by the party (as in traditional access control), and release policies govern release of personal identifiable information (PII) of the party and specify under which conditions it can be disclosed. The data handling policies allow users to specify and communicate to other parties the policy that should be enforced to deal with their data. We also discuss how data handling policies can be integrated with traditional access control systems and present a privacy control module in charge of managing, integrating, and evaluating access control, release and data handling policies.