Efficient comparison of enterprise privacy policies
Proceedings of the 2004 ACM symposium on Applied computing
Unification in Privacy Policy Evaluation - Translating EPAL into Prolog
POLICY '04 Proceedings of the Fifth IEEE International Workshop on Policies for Distributed Systems and Networks
Managing healthcare data hippocratically
SIGMOD '04 Proceedings of the 2004 ACM SIGMOD international conference on Management of data
Towards Standardized Web Services Privacy Technologies
ICWS '04 Proceedings of the IEEE International Conference on Web Services
Specifying privacy policies with P3P and EPAL: lessons learned
Proceedings of the 2004 ACM workshop on Privacy in the electronic society
Conflict and combination in privacy policy languages
Proceedings of the 2004 ACM workshop on Privacy in the electronic society
Enterprise privacy promises and enforcement
WITS '05 Proceedings of the 2005 workshop on Issues in the theory of security
Tracking privacy compliance in B2B networks
ICEC '04 Proceedings of the 6th international conference on Electronic commerce
ARES '06 Proceedings of the First International Conference on Availability, Reliability and Security
Privacy Preserving Trust Authorization Framework Using XACML
WOWMOM '06 Proceedings of the 2006 International Symposium on on World of Wireless, Mobile and Multimedia Networks
SOUPS '06 Proceedings of the second symposium on Usable privacy and security
Privacy-aware role based access control
Proceedings of the 12th ACM symposium on Access control models and technologies
Precomputation of privacy policy parameters for auditing SQL queries
Proceedings of the 2nd international conference on Ubiquitous information management and communication
Engineering Privacy Requirements in Business Intelligence Applications
SDM '08 Proceedings of the 5th VLDB workshop on Secure Data Management
Towards the development of privacy-aware systems
Information and Software Technology
Privacy-aware role-based access control
ACM Transactions on Information and System Security (TISSEC)
Rule-based policy representations and reasoning
Semantic techniques for the web
Personalizing access control by generalizing access control
Proceedings of the 15th ACM symposium on Access control models and technologies
DBSec'10 Proceedings of the 24th annual IFIP WG 11.3 working conference on Data and applications security and privacy
Privacy preserving event driven integration for interoperating social and health systems
SDM'10 Proceedings of the 7th VLDB conference on Secure data management
Extending XACML access control architecture for allowing preference-based authorisation
TrustBus'10 Proceedings of the 7th international conference on Trust, privacy and security in digital business
A semantic privacy-preserving model for data sharing and integration
Proceedings of the International Conference on Web Intelligence, Mining and Semantics
Towards high performance security policy evaluation
The Journal of Supercomputing
Idea: efficient evaluation of access control constraints
ESSoS'10 Proceedings of the Second international conference on Engineering Secure Software and Systems
Decision-cache based XACML authorisation and anonymisation for XML documents
Computer Standards & Interfaces
Conditional privacy-aware role based access control
ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security
| Hi-index | 0.00 |
Current regulatory requirements in the U.S. and other countries make it increasingly important for Web Services to be able to enforce and verify their compliance with privacy policies. Structured policy languages can play a major role by supporting automated enforcement of policies and auditing of access decisions. This paper compares two policy languages that have been developed for use in expressing directly enforceable privacy policies -- the Enterprise Privacy Authorization Language (EPAL) and the OASIS Standard eXtensible Access Control Markup Language (XACML), together with its standard privacy profile.