Fine-grained disclosure of access policies

Authors:
Claudio Agostino Ardagna;Sabrina De Capitani di Vimercati;Sara Foresti;Gregory Neven;Stefano Paraboschi;Franz-Stefan Preiss;Pierangela Samarati;Mario Verdicchio
Affiliations:
Università degli Studi di Milano, Crema, Italy;Università degli Studi di Milano, Crema, Italy;Università degli Studi di Milano, Crema, Italy;IBM Research Zürich, Rüschlikon, Switzerland;Università degli Studi di Bergamo, Dalmine, Italy;IBM Research Zürich, Rüschlikon, Switzerland;Università degli Studi di Milano, Crema, Italy;Università degli Studi di Bergamo, Dalmine, Italy
Venue:
ICICS'10 Proceedings of the 12th international conference on Information and communications security
Year:
2010

Citing 11
Cited 1

A uniform framework for regulating service access and information release on the web

Journal of Computer Security
An Efficient System for Non-transferable Anonymous Credentials with Optional Anonymity Revocation

EUROCRYPT '01 Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques: Advances in Cryptology
A Unified Scheme for Resource Protection in Automated Trust Negotiation

SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
Driving and Monitoring Provisional Trust Negotiation with Metapolicies

POLICY '05 Proceedings of the Sixth IEEE International Workshop on Policies for Distributed Systems and Networks
Preventing attribute information leakage in automated trust negotiation

Proceedings of the 12th ACM conference on Computer and communications security
Attribute-Based Access Control with Hidden Policies and Hidden Credentials

IEEE Transactions on Computers
The Traust Authorization Service

ACM Transactions on Information and System Security (TISSEC)
Privacy-Aware Biometrics: Design and Implementation of a Multimodal Verification System

ACSAC '08 Proceedings of the 2008 Annual Computer Security Applications Conference
Supporting privacy preferences in credential-based interactions

Proceedings of the 9th annual ACM workshop on Privacy in the electronic society
Minimizing Disclosure of Private Information in Credential-based Interactions: A Graph-based Approach

SOCIALCOM '10 Proceedings of the 2010 IEEE Second International Conference on Social Computing
Expressive and Deployable Access Control in Open Web Service Applications

IEEE Transactions on Services Computing

Toward efficient and confidentiality-aware federation of access control policies

Proceedings of the 7th Workshop on Middleware for Next Generation Internet Computing

Quantified Score

Hi-index	0.00

Visualization

Abstract

In open scenarios, where servers may receive requests to access their services from possibly unknown clients, access control is typically based on the evaluation of (certified or uncertified) properties, that clients can present. Since assuming the client to know a-priori the properties she should present to acquire access is clearly limiting, servers should be able to respond to client requests with information on the access control policies regulating access to the requested services. In this paper, we present a simple, yet flexible and expressive, approach for allowing servers to specify disclosure policies, regulating if and how access control policies on services can be communicated to clients. Our approach allows fine-grain specifications, thus capturing different ways in which policies, and portions thereof, can be communicated. We also define properties that can characterize the client view of the access control policy.