Handbook of graph grammars and computing by graph transformation: vol. 3: concurrency, parallelism, and distribution
A Formal Model for Role-Based Access Control Using Graph Transformation
ESORICS '00 Proceedings of the 6th European Symposium on Research in Computer Security
Translating Privacy Practices into Privacy Promises—How to Promise What You Can Keep
POLICY '03 Proceedings of the 4th IEEE International Workshop on Policies for Distributed Systems and Networks
Privacy Promises, Access Control, and Privacy Management
ISEC '02 Proceedings of the Third International Symposium on Electronic Commerce
Privacy Enforcement with an Extended Role-Based Access Control Model
Privacy Enforcement with an Extended Role-Based Access Control Model
Specifying privacy policies with P3P and EPAL: lessons learned
Proceedings of the 2004 ACM workshop on Privacy in the electronic society
Consistency between Executable and Abstract Processes
EEE '05 Proceedings of the 2005 IEEE International Conference on e-Technology, e-Commerce and e-Service (EEE'05) on e-Technology, e-Commerce and e-Service
Graph-based specification of access control policies
Journal of Computer and System Sciences
A comparison of two privacy policy languages: EPAL and XACML
A comparison of two privacy policy languages: EPAL and XACML
A logic for analyzing abstractions of graph transformation systems
SAS'03 Proceedings of the 10th international conference on Static analysis
Representing and reasoning about privacy abstractions
WISE'05 Proceedings of the 6th international conference on Web Information Systems Engineering
West2East: exploiting WEb Service Technologies to Engineer Agent-based SofTware
International Journal of Agent-Oriented Software Engineering
Privacy inspection and monitoring framework for automated business processes
WISE'07 Proceedings of the 8th international conference on Web information systems engineering
A dynamic privacy model for web services
Computer Standards & Interfaces
A formal P3P semantics for composite services
SDM'10 Proceedings of the 7th VLDB conference on Secure data management
Minimal privacy authorization in web services collaboration
Computer Standards & Interfaces
Analysis of the minimal privacy disclosure for web services collaborations with role mechanisms
Expert Systems with Applications: An International Journal
Hi-index | 0.00 |
Despite the increased privacy concerns in the Internet, not much attention has been paid into enforcing privacy policies of organisations who collect and consume personal data using automatic means (e.g., Web services). In this paper, we propose a graph-transformation based framework to check whether an internal business process (implemented using a standard Web service composition language such as BPEL) adheres to the organisation's privacy policies. The graph-based specification formalism combines the advantages of an intuitive visual framework with rigorous semantical foundation that allows consistency checking between a business process and privacy policy. The privacy consistency verification framework is defined by a set of rules to build the system state and sets of constraints (positive and negative) to specify the wanted and unwanted substates.