{"title":"用于在多权威云环境中实施隐私的基于本体的指南","authors":"Maherzia Belaazi, H. B. Rahmouni, A. Bouhoula","doi":"10.1109/CLOUDTECH.2015.7337015","DOIUrl":null,"url":null,"abstract":"Despite its attractive benefits, cloud adoption is challenged by some criteria of security and privacy. Access Control is one of the traditional and essential security tools of data protection. The decision to grant access to a resource must ensure secure management with a specific attention to privacy and data protection regulations. In particular, the challenge is more important with public clouds as many governing authorities could be involved in one cloud scenario. This implies a difficulty to work out which regulation should be applicable in case of conflict. In recent years, many access control models were proposed. Despite increasing legislative pressure, few of these propositions take care of privacy requirements in their security policies specification and enforcement. In this paper, we propose to enforce privacy compliance in access control policies for the context of public cloud. Throughout the use of ontology tools, we propose an approach for checking privacy enforcement with access control conditions. We also suggest the use of privacy safeguards notification where the threat to privacy protection is related to the secondary usage of personal data more than just the data access itself.","PeriodicalId":293168,"journal":{"name":"2015 International Conference on Cloud Technologies and Applications (CloudTech)","volume":"48 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2015-06-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"An ontology-based guidance for privacy enforcement in a multi-authority cloud environment\",\"authors\":\"Maherzia Belaazi, H. B. Rahmouni, A. Bouhoula\",\"doi\":\"10.1109/CLOUDTECH.2015.7337015\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Despite its attractive benefits, cloud adoption is challenged by some criteria of security and privacy. Access Control is one of the traditional and essential security tools of data protection. The decision to grant access to a resource must ensure secure management with a specific attention to privacy and data protection regulations. In particular, the challenge is more important with public clouds as many governing authorities could be involved in one cloud scenario. This implies a difficulty to work out which regulation should be applicable in case of conflict. In recent years, many access control models were proposed. Despite increasing legislative pressure, few of these propositions take care of privacy requirements in their security policies specification and enforcement. In this paper, we propose to enforce privacy compliance in access control policies for the context of public cloud. Throughout the use of ontology tools, we propose an approach for checking privacy enforcement with access control conditions. We also suggest the use of privacy safeguards notification where the threat to privacy protection is related to the secondary usage of personal data more than just the data access itself.\",\"PeriodicalId\":293168,\"journal\":{\"name\":\"2015 International Conference on Cloud Technologies and Applications (CloudTech)\",\"volume\":\"48 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2015-06-02\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2015 International Conference on Cloud Technologies and Applications (CloudTech)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/CLOUDTECH.2015.7337015\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2015 International Conference on Cloud Technologies and Applications (CloudTech)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CLOUDTECH.2015.7337015","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
An ontology-based guidance for privacy enforcement in a multi-authority cloud environment
Despite its attractive benefits, cloud adoption is challenged by some criteria of security and privacy. Access Control is one of the traditional and essential security tools of data protection. The decision to grant access to a resource must ensure secure management with a specific attention to privacy and data protection regulations. In particular, the challenge is more important with public clouds as many governing authorities could be involved in one cloud scenario. This implies a difficulty to work out which regulation should be applicable in case of conflict. In recent years, many access control models were proposed. Despite increasing legislative pressure, few of these propositions take care of privacy requirements in their security policies specification and enforcement. In this paper, we propose to enforce privacy compliance in access control policies for the context of public cloud. Throughout the use of ontology tools, we propose an approach for checking privacy enforcement with access control conditions. We also suggest the use of privacy safeguards notification where the threat to privacy protection is related to the secondary usage of personal data more than just the data access itself.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
