A uniform framework for regulating service access and information release on the web
Journal of Computer Security
E-P3P privacy policies and privacy authorization
Proceedings of the 2002 ACM workshop on Privacy in the Electronic Society
Access Control: Policies, Models, and Mechanisms
FOSAD '00 Revised versions of lectures given during the IFIP WG 1.7 International School on Foundations of Security Analysis and Design on Foundations of Security Analysis and Design: Tutorial Lectures
An XPath-based preference language for P3P
WWW '03 Proceedings of the 12th international conference on World Wide Web
A Privacy Policy Model for Enterprises
CSFW '02 Proceedings of the 15th IEEE workshop on Computer Security Foundations
Web Privacy with P3p
Driving and Monitoring Provisional Trust Negotiation with Metapolicies
POLICY '05 Proceedings of the Sixth IEEE International Workshop on Policies for Distributed Systems and Networks
Privacy Protection of Enterprise Information through Inference Analysis
POLICY '05 Proceedings of the Sixth IEEE International Workshop on Policies for Distributed Systems and Networks
Proceedings of the 6th international conference on Mobile data management
Managing privacy preferences for federated identity management
Proceedings of the 2005 workshop on Digital identity management
Privacy constraint processing in a privacy-enhanced database management system
Data & Knowledge Engineering
Supporting location-based conditions in access control policies
ASIACCS '06 Proceedings of the 2006 ACM Symposium on Information, computer and communications security
Provisions and obligations in policy management and security applications
VLDB '02 Proceedings of the 28th international conference on Very Large Data Bases
Towards privacy-enhanced authorization policies and languages
DBSec'05 Proceedings of the 19th annual IFIP WG 11.3 working conference on Data and Applications Security
Privacy policy enforcement in enterprises with identity management solutions
Journal of Computer Security - Privacy, Security and Trust (PST) Technologies: Evolution and Challenges
A privacy-aware access control system
Journal of Computer Security - 20th Annual IFIP WG 11.3 Working Conference on Data and Applications Security (DBSec'06)
Enforcing purpose of use via workflows
Proceedings of the 8th ACM workshop on Privacy in the electronic society
A privacy-enhanced attribute-based access control system
Proceedings of the 21st annual IFIP WG 11.3 working conference on Data and applications security
Towards defining semantic foundations for purpose-based privacy policies
Proceedings of the first ACM conference on Data and application security and privacy
Privacy in the electronic society
ICISS'06 Proceedings of the Second international conference on Information Systems Security
End-to-end policy based encryption techniques for multi-party data management
Computer Standards & Interfaces
| Hi-index | 0.00 |
The protection of privacy is an increasing concern in today's global infrastructure. One of the most important privacy protection principles states that personal information collected for one purpose may not be used for any other purpose without the specific informed consent of the person it concerns. Although users provide personal information for use in one specific context, they often have no idea on how such a personal information may be used subsequently. In this paper, we introduce a new type of privacy policy, called data handling policy, which defines how the personal information release will be (or should be) dealt with at the receiving party. A data handling policy allows users to define simple and appropriate levels of control over who sees what information about them and under which circumstances.