Protection in operating systems
Communications of the ACM
E-P3P privacy policies and privacy authorization
Proceedings of the 2002 ACM workshop on Privacy in the Electronic Society
An XPath-based preference language for P3P
WWW '03 Proceedings of the 12th international conference on World Wide Web
Efficient comparison of enterprise privacy policies
Proceedings of the 2004 ACM symposium on Applied computing
Verification and change-impact analysis of access-control policies
Proceedings of the 27th international conference on Software engineering
An approach to evaluate policy similarity
Proceedings of the 12th ACM symposium on Access control models and technologies
Proceedings of the 12th ACM symposium on Access control models and technologies
Privacy apis: formal models for analyzing legal privacy requirements
Privacy apis: formal models for analyzing legal privacy requirements
Language-Based enforcement of privacy policies
PET'04 Proceedings of the 4th international conference on Privacy Enhancing Technologies
Refinement checking for privacy policies
Science of Computer Programming
Hi-index | 0.00 |
Access control and privacy policy relations tend to focus on decision outcomes and are very sensitive to defined terms and state. Small changes or updates to a policy language or vocabulary may make two similar policies incomparable. To address this we develop two flexible policy relations derived from bisimulation in process calculi. Strong licensing compares the outcome of two policies strictly, similar to strong bisimulation. Weak licensing compares the outcome of policies more flexibly by ignoring irrelevant (non-conflicting) differences between outcomes, similar to weak bisimulation. We illustrate the relations using examples from P3P.