A comparison of two privacy policy languages: EPAL and XACML
Proceedings of the 3rd ACM workshop on Secure web services
A Formal Privacy Management Framework
Formal Aspects in Security and Trust
Personalizing access control by generalizing access control
Proceedings of the 15th ACM symposium on Access control models and technologies
Cue: a framework for generating meaningful feedback in XACML
Proceedings of the 3rd ACM workshop on Assurable and usable security configuration
DBSec'10 Proceedings of the 24th annual IFIP WG 11.3 working conference on Data and applications security and privacy
An algebra for enterprise privacy policies closed under composition and conjunction
ETRICS'06 Proceedings of the 2006 international conference on Emerging Trends in Information and Communication Security
Towards high performance security policy evaluation
The Journal of Supercomputing
Privacy by design: a formal framework for the analysis of architectural choices
Proceedings of the third ACM conference on Data and application security and privacy
Hi-index | 0.00 |
Privacy policy evaluation engines enable querieswhether a specific user is allowed to access specific datafor a specific purpose. While tools for authoring, maintaining,and auditing privacy policies already exist, no tool existsyet to deal with unification within such policies, e.g., toenable queries if data might be modified by some user, orhow many user entries satisfy a certain constraint. We showhow this can can be achieved by embedding enterprise privacypolicies into Prolog. We show this concretely for IBM'sEnterprise Privacy Authorization Language (EPAL). Basedon the unification mechanisms of Prolog, our work enablesgeneral queries for privacy policies as well as quantitativemeasurements.