Design and Synthesis of Synchronization Skeletons Using Branching-Time Temporal Logic
Logic of Programs, Workshop
A Purpose-Oriented Access Control Model
ICOIN '98 Proceedings of the 13th International Conference on Information Networking
Privacy Promises, Access Control, and Privacy Management
ISEC '02 Proceedings of the Third International Symposium on Electronic Commerce
Privacy Enforcement with an Extended Role-Based Access Control Model
Privacy Enforcement with an Extended Role-Based Access Control Model
Purpose based access control of complex data for privacy protection
Proceedings of the tenth ACM symposium on Access control models and technologies
Deriving Semantic Models from Privacy Policies
POLICY '05 Proceedings of the Sixth IEEE International Workshop on Policies for Distributed Systems and Networks
Compilers: Principles, Techniques, and Tools (2nd Edition)
Compilers: Principles, Techniques, and Tools (2nd Edition)
On the modeling and analysis of obligations
Proceedings of the 13th ACM conference on Computer and communications security
A logical framework for history-based access control and reputation systems
Journal of Computer Security
Principles of Model Checking (Representation and Mind Series)
Principles of Model Checking (Representation and Mind Series)
Design of PriServ, a privacy service for DHTs
PAIS '08 Proceedings of the 2008 international workshop on Privacy and anonymity in information society
Privacy-Aware Role-Based Access Control
IEEE Security and Privacy
Enforcing purpose of use via workflows
Proceedings of the 8th ACM workshop on Privacy in the electronic society
Artificial Intelligence: A Modern Approach
Artificial Intelligence: A Modern Approach
IT-security and privacy: design and use of privacy-enhancing security mechanisms
IT-security and privacy: design and use of privacy-enhancing security mechanisms
Enhancing user privacy through data handling policies
DBSEC'06 Proceedings of the 20th IFIP WG 11.3 working conference on Data and Applications Security
ESORICS'05 Proceedings of the 10th European conference on Research in Computer Security
Quantifying privacy violations
SDM'11 Proceedings of the 8th VLDB international conference on Secure data management
Annotations on access controls in wikis: a proposal
Proceedings of the 13th International Conference on Information Integration and Web-based Applications and Services
Privacy by design: a formal framework for the analysis of architectural choices
Proceedings of the third ACM conference on Data and application security and privacy
Towards purpose enforcement model for privacy-aware usage control policy in distributed healthcare
International Journal of Security and Networks
Proceedings of the 8th International Conference on Ubiquitous Information Management and Communication
Hi-index | 0.00 |
We define a semantic model for purpose, based on which purpose-based privacy policies can be meaningfully expressed and enforced in a business system. The model is based on the intuition that the purpose of an action is determined by its situation among other inter-related actions. Actions and their relationships can be modeled in the form of an action graph which is based on the business processes in a system. Accordingly, a modal logic and the corresponding model checking algorithm are developed for formal expression of purpose-based policies and verifying whether a particular system complies with them. It is also shown through various examples, how various typical purpose-based policies as well as some new policy types can be expressed and checked using our model.