Database Security-Concepts, Approaches, and Challenges
IEEE Transactions on Dependable and Secure Computing
Privacy for RFID through trusted computing
Proceedings of the 2005 ACM workshop on Privacy in the electronic society
SWS '04 Proceedings of the 2004 workshop on Secure web service
A roadmap for comprehensive online privacy policy management
Communications of the ACM - Creating a science of games
Towards the development of privacy-aware systems
Information and Software Technology
PuRBAC: Purpose-Aware Role-Based Access Control
OTM '08 Proceedings of the OTM 2008 Confederated International Conferences, CoopIS, DOA, GADA, IS, and ODBASE 2008. Part II on On the Move to Meaningful Internet Systems
Formal consistency verification between BPEL process and privacy policy
Proceedings of the 2006 International Conference on Privacy, Security and Trust: Bridge the Gap Between PST Technologies and Business Services
A Formal Privacy Management Framework
Formal Aspects in Security and Trust
Enforcing P3P policies using a digital rights management system
PET'07 Proceedings of the 7th international conference on Privacy enhancing technologies
Simplified privacy controls for aggregated services: suspend and resume of personal data
PET'07 Proceedings of the 7th international conference on Privacy enhancing technologies
Minimal privacy authorization in web services collaboration
Computer Standards & Interfaces
Analysis of the minimal privacy disclosure for web services collaborations with role mechanisms
Expert Systems with Applications: An International Journal
A semantic privacy-preserving model for data sharing and integration
Proceedings of the International Conference on Web Intelligence, Mining and Semantics
Semantics-enabled policies for information sharing and protection in the cloud
SocInfo'11 Proceedings of the Third international conference on Social informatics
Privacy injector — automated privacy enforcement through aspects
PET'06 Proceedings of the 6th international conference on Privacy Enhancing Technologies
Privacy by design: a formal framework for the analysis of architectural choices
Proceedings of the third ACM conference on Data and application security and privacy
| Hi-index | 0.00 |
Enterprises advertise privacy promises using the W3CPlatform for Privacy Preferences (P3P). These privacypromises define what recipients can obtain what collecteddata for what purpose. Internally, enterprises can use fine-grainedprivacy practices such as defined by the Platformfor Enterprise Privacy Practices (E-P3P) to enforce privacy.These internal privacy policies should guarantee andenforce the promises made to the customers. Since privacypractices reflect business internals, they can changefrequently. As a consequence, it can be challenging to keepthe promises up-to-date with the actual practices. To enableup-to-date privacy promises, we describe a methodology forenterprises to promise what they can keep. This is doneby automatically transforming E-P3P privacy practices intocorresponding P3P privacy promises that reflect the actualenterprise-internal behavior. These P3P promises can thenbe published on a regular basis. Whenever the internalpolicies change, the P3P promises can easily be updatedas well.