Nicola Zannone, S. Jajodia, F. Massacci, D. Wijesekera
{"title":"维护派生对象的私密性","authors":"Nicola Zannone, S. Jajodia, F. Massacci, D. Wijesekera","doi":"10.1145/1102199.1102202","DOIUrl":null,"url":null,"abstract":"Protecting privacy means to ensure users that access to their personal data complies with their preferences. However, information can be manipulated in order to derive new objects that may disclose part of the original information. Therefore, control of information flow is necessary for guaranteeing privacy protection since users should know and control not only who access their personal data, but also who access information derived from their data. Actually, current approaches for access control do not provide support for managing propagation of information and for representing user preferences.This paper proposes to extend the Flexible Authorization Framework (FAF) in order to automatically verify whether a subject is entitled to process personal data and derive the authorizations associated with the outcome of data processing. In order to control information flow, users may specify the range of authorizations that can be associated with objects derived from their data. The framework guarantees that every \"valid\" derived object does not disclose more information than users want and preserves the permissions that users want to maintain. To make the discussion more concrete, we illustrate the proposal with a bank case study.","PeriodicalId":74537,"journal":{"name":"Proceedings of the ACM Workshop on Privacy in the Electronic Society. ACM Workshop on Privacy in the Electronic Society","volume":"21 1","pages":"10-19"},"PeriodicalIF":0.0000,"publicationDate":"2005-11-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"7","resultStr":"{\"title\":\"Maintaining privacy on derived objects\",\"authors\":\"Nicola Zannone, S. Jajodia, F. Massacci, D. Wijesekera\",\"doi\":\"10.1145/1102199.1102202\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Protecting privacy means to ensure users that access to their personal data complies with their preferences. However, information can be manipulated in order to derive new objects that may disclose part of the original information. Therefore, control of information flow is necessary for guaranteeing privacy protection since users should know and control not only who access their personal data, but also who access information derived from their data. Actually, current approaches for access control do not provide support for managing propagation of information and for representing user preferences.This paper proposes to extend the Flexible Authorization Framework (FAF) in order to automatically verify whether a subject is entitled to process personal data and derive the authorizations associated with the outcome of data processing. In order to control information flow, users may specify the range of authorizations that can be associated with objects derived from their data. The framework guarantees that every \\\"valid\\\" derived object does not disclose more information than users want and preserves the permissions that users want to maintain. To make the discussion more concrete, we illustrate the proposal with a bank case study.\",\"PeriodicalId\":74537,\"journal\":{\"name\":\"Proceedings of the ACM Workshop on Privacy in the Electronic Society. ACM Workshop on Privacy in the Electronic Society\",\"volume\":\"21 1\",\"pages\":\"10-19\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2005-11-07\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"7\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the ACM Workshop on Privacy in the Electronic Society. ACM Workshop on Privacy in the Electronic Society\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/1102199.1102202\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the ACM Workshop on Privacy in the Electronic Society. ACM Workshop on Privacy in the Electronic Society","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/1102199.1102202","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Protecting privacy means to ensure users that access to their personal data complies with their preferences. However, information can be manipulated in order to derive new objects that may disclose part of the original information. Therefore, control of information flow is necessary for guaranteeing privacy protection since users should know and control not only who access their personal data, but also who access information derived from their data. Actually, current approaches for access control do not provide support for managing propagation of information and for representing user preferences.This paper proposes to extend the Flexible Authorization Framework (FAF) in order to automatically verify whether a subject is entitled to process personal data and derive the authorizations associated with the outcome of data processing. In order to control information flow, users may specify the range of authorizations that can be associated with objects derived from their data. The framework guarantees that every "valid" derived object does not disclose more information than users want and preserves the permissions that users want to maintain. To make the discussion more concrete, we illustrate the proposal with a bank case study.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
