A Privacy Policy Model for Enterprises
CSFW '02 Proceedings of the 15th IEEE workshop on Computer Security Foundations
Privacy-aware role based access control
Proceedings of the 12th ACM symposium on Access control models and technologies
VLDB '02 Proceedings of the 28th international conference on Very Large Data Bases
Purpose based access control for privacy protection in relational database systems
The VLDB Journal — The International Journal on Very Large Data Bases
A Model for Privacy Policy Visualization
COMPSAC '09 Proceedings of the 2009 33rd Annual IEEE International Computer Software and Applications Conference - Volume 02
A Lattice-Based Privacy Aware Access Control Model
CSE '09 Proceedings of the 2009 International Conference on Computational Science and Engineering - Volume 03
Computer Security, Privacy and Politics: Current Issues, Challenges and Solutions
Computer Security, Privacy and Politics: Current Issues, Challenges and Solutions
Capturing P3P semantics using an enforceable lattice-based structure
Proceedings of the 4th International Workshop on Privacy and Anonymity in the Information Society
Using purpose lattices to facilitate customisation of privacy agreements
TrustBus'07 Proceedings of the 4th international conference on Trust, Privacy and Security in Digital Business
Hi-index | 0.00 |
With the increasing amount of data collected by service providers, privacy concerns increase for data owners who provide private data to receive services. Legislative acts require service providers to protect the privacy of customers. Privacy policy frameworks, such as P3P, assist them by describing their privacy policies to customers (e.g. publishing privacy policy on websites). Unfortunately, providing the policies alone does not guarantee that they are actually enforced because privacy is not a key feature of conventional access control models. A privacy-preserving model should consider the privacy preferences of both the data provider and collector. This paper briefly develops a Lattice-based Privacy Aware Access Control (LPAAC) Model that enforces privacy policies, facilitates customization of privacy agreements, and accommodates preferences of both data and service providers. We demonstrate our model's design and feasibility with corresponding privacy catalogues. Examples clarify the usability, and we provide the implementation of our privacy catalogues that show the efficiency and scalability of our model.