A model of authorization for next-generation database systems
ACM Transactions on Database Systems (TODS)
A taxonomy for secure object-oriented databases
ACM Transactions on Database Systems (TODS)
Business data communications (4th ed.)
Business data communications (4th ed.)
Communications of the ACM
Consistent, yet anonymous, Web access with LPWA
Communications of the ACM
The platform for privacy preferences
Communications of the ACM
TRUSTe: an online privacy seal program
Communications of the ACM
Anonymous Web transactions with Crowds
Communications of the ACM
Untraceable electronic mail, return addresses, and digital pseudonyms
Communications of the ACM
Security and privacy after September 11: the health care example
Proceedings of the 12th annual conference on Computers, freedom and privacy
E-P3P privacy policies and privacy authorization
Proceedings of the 2002 ACM workshop on Privacy in the Electronic Society
An Information-Flow for Privacy (InfoPriv)
Proceedings of the IFIP TC11 WG 11.3 Twelfth International Working Conference on Database Security XII: Status and Prospects
Database privacy: balancing confidentiality, integrity and availability
ACM SIGKDD Explorations Newsletter
Privacy-enhancing technologies: approaches and development
Computer Standards & Interfaces
Privacy-enhancing technologies for the Internet
COMPCON '97 Proceedings of the 42nd IEEE International Computer Conference
VLDB '02 Proceedings of the 28th international conference on Very Large Data Bases
Encryption wars: shifting tactics
IEEE Spectrum
Hi-index | 0.00 |
Privacy-enhancing technologies can be used to enhance the privacy of individuals who interact with information processing systems. This paper considers such technologies that can be used by the organisation to safeguard personal information it processes. The paper focuses on how access control could be used to protect the individual against misuse of personal data inside the organisation. More specifically the paper considers how such a privacy-enhancing technology can make a just choice when deciding whether an access request to personal data should be allowed or not.Access control decisions in this paper are based on the regulations that govern the interaction, the organisational policies that apply and the individual's privacy preferences.The proposed model forms part of the organisational safeguards layer of the Layered Privacy Architecture (LaPA) proposed earlier.