Towards defining semantic foundations for purpose-based privacy policies
| Data(s) |
21/02/2011
|
|---|---|
| Resumo |
We define a semantic model for purpose, based on which purpose-based privacy policies can be meaningfully expressed and enforced in a business system. The model is based on the intuition that the purpose of an action is determined by its situation among other inter-related actions. Actions and their relationships can be modeled in the form of an action graph which is based on the business processes in a system. Accordingly, a modal logic and the corresponding model checking algorithm are developed for formal expression of purpose-based policies and verifying whether a particular system complies with them. It is also shown through various examples, how various typical purpose-based policies as well as some new policy types can be expressed and checked using our model. |
| Formato |
application/pdf |
| Identificador | |
| Publicador |
ACM |
| Relação |
http://eprints.qut.edu.au/40324/1/40324.pdf DOI:10.1145/1943513.1943541 Jafari, Mohammad, Fong, Philip W. L., Safavi-Naini, Rei, Barker, Ken, & Sheppard, Nicholas P. (2011) Towards defining semantic foundations for purpose-based privacy policies. In Proceedings of the First ACM Conference on Data and Application Security and Privacy (CODASPY '11), ACM, Hilton Palacio Del Rio, San Antonio, Texas, pp. 213-224. |
| Fonte |
Division of Technology, Information and Learning Support |
| Palavras-Chave | #080203 Computational Logic and Formal Languages #080303 Computer System Security #purpose #privacy policy #access control #modal logic |
| Tipo |
Conference Paper |
