A privacy protection model in ID management using access control

Authors:
Hyang-Chang Choi;Yong-Hoon Yi;Jae-Hyun Seo;Bong-Nam Noh;Hyung-Hyo Lee
Affiliations:
Dept. of Information Security, Chonnam National University, Gwangju, Korea;Dept. of Information Security, Chonnam National University, Gwangju, Korea;Div. of Information Engineering, Mokpo National University, Mokpo, Korea;Dept. of Information Security, Chonnam National University, Gwangju, Korea;Div. of Information and EC, Wonkwang University, Iksan, Korea
Venue:
ICCSA'05 Proceedings of the 2005 international conference on Computational Science and Its Applications - Volume Part II
Year:
2005

Citing 2
Cited 1

E-P3P privacy policies and privacy authorization

Proceedings of the 2002 ACM workshop on Privacy in the Electronic Society
Web Privacy with P3p

Web Privacy with P3p

Policy-based integration of user and provider-sided identity management

ETRICS'06 Proceedings of the 2006 international conference on Emerging Trends in Information and Communication Security

Quantified Score

Hi-index	0.00

Visualization

Abstract

The problem of privacy of the Identity Management System (IMS) is the most pressing concern of ordinary users. Uncertainty about privacy keeps many users away from utilizing IMS. Most privacy-enhancing technologies such P3P, E-P3P and EPAL use purposes or policies to ensure privacy that is set by users. Access control is arguably the most fundamental and pervasive security mechanism in use. This paper proposes a privacy protection model using access control for IMS. The proposed model protects privacy using access control techniques with privacy policies in a single circle of trust. We address characteristics of components for the proposed model and describe access control procedures. After that, we show protection architecture and XML-based schema for privacy policies.