Security-control methods for statistical databases: a comparative study
ACM Computing Surveys (CSUR)
Directed hypergraphs and applications
Discrete Applied Mathematics - Special issue: combinatorial structures and algorithms
Web Services and Business Transactions
World Wide Web
Directed Hypergraphs: Problems, Algorithmic Results, and a Novel Decremental Approach
ICTCS '01 Proceedings of the 7th Italian Conference on Theoretical Computer Science
Maximum Flows and Critical Vertices in AND/OR Graphs
COCOON '02 Proceedings of the 8th Annual International Conference on Computing and Combinatorics
ER '02 Proceedings of the 21st International Conference on Conceptual Modeling
Information sharing across private databases
Proceedings of the 2003 ACM SIGMOD international conference on Management of data
Problem-Solving Methods in Artificial Intelligence
Problem-Solving Methods in Artificial Intelligence
VLDB '02 Proceedings of the 28th international conference on Very Large Data Bases
Limiting disclosure in hippocratic databases
VLDB '04 Proceedings of the Thirtieth international conference on Very large data bases - Volume 30
IJCAI'73 Proceedings of the 3rd international joint conference on Artificial intelligence
Platform for enterprise privacy practices: privacy-enabled management of customer data
PET'02 Proceedings of the 2nd international conference on Privacy enhancing technologies
Hierarchical hippocratic databases with minimal disclosure for virtual organizations
The VLDB Journal — The International Journal on Very Large Data Bases
Beyond purpose-based privacy access control
ADC '07 Proceedings of the eighteenth conference on Australasian database - Volume 63
Conditional purpose based access control model for privacy protection
ADC '09 Proceedings of the Twentieth Australasian Conference on Australasian Database - Volume 92
A conditional purpose-based access control model with dynamic roles
Expert Systems with Applications: An International Journal
A role-involved purpose-based access control model
Information Systems Frontiers
Hi-index | 0.00 |
Hippocratic Databases have been proposed as a mechanism to guarantee the respect of privacy principles in data management. We argue that three major principles are missing from the proposed mechanism: hierarchies of purposes, delegation of tasks and authorizations (i.e. outsourcing), and the minimal disclosure of private information. In this paper, we propose a flexible framework for the negotiation of personal information among customers and (possibly virtual) enterprises based on user preferences when enterprises may adopt different processes to provide the same service. We use a goal-oriented approach to analyze the purposes of a Hippocratic system and derive a purpose and delegation hierarchy. Based on this hierarchy, effective algorithms are given to determine the minimum set of authorizations needed for a service. In this way, the minimal authorization table of a global business process can be automatically constructed from the collection of privacy policy tables associated with the collaborating enterprises. By using effective on-line algorithms, the derivation of such minimal information can also be done on-the-fly by the customer wishing to use the services of a virtual organization.