Abstract
Enterprise privacy enforcement allows enterprises to internally enforce a privacy policy that the enterprise has decided to comply with. An enterprise privacy policy often reflects different legal regulations, promises made to customers, and more restrictive internal practices of the enterprise. Further, it may accommodate customer preferences. Hence it may be authored, maintained, and audited in a distributed fashion.
Our goal is to provide the tools for such management of enterprise privacy policies. The syntax and semantics are a superset of the Enterprise Privacy Authorization Language (EPAL) recently proposed by IBM. The basic definition is refinement, i.e., the question whether fulfilling one policy automatically fulfills another. This underlies auditing a policy against an old or new regulation or promise, and transferring data into a realm with a different policy. It is also the semantic basis for composition operators, which we define for different purposes. Our main focus is to combine usability for enterprises, e.g., by treating multiple terminologies, incomplete data, and different types of errors and defaults, with the formal rigor needed to make privacy compliance meaningful and predictable.
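As an added illustration (not code from the paper, nor from EPAL itself), the following toy model shows what a refinement check and a composition operator look like over a constructed vocabulary of users, data categories and purposes. The rule format, the first-match conflict resolution, the simplified refinement definition (p1 refines p2 if p1 denies everything p2 denies) and the composition semantics are all assumptions made here, not the paper's definitions.

```python
from dataclasses import dataclass
from itertools import product
from typing import Optional, Tuple

# Constructed vocabulary; a real EPAL policy uses the enterprise's own category hierarchies.
USERS, DATA, PURPOSES = ("marketing", "billing"), ("email", "address"), ("service", "advertising")
REQUESTS = tuple(product(USERS, DATA, PURPOSES))  # every (user, data, purpose) triple
ALLOW, DENY, DONT_CARE = "allow", "deny", "dont_care"

@dataclass(frozen=True)
class Rule:
    user: Optional[str]  # None acts as a wildcard
    data: Optional[str]
    purpose: Optional[str]
    ruling: str

@dataclass(frozen=True)
class Policy:
    rules: Tuple[Rule, ...]  # ordered; first matching rule wins (assumed conflict resolution)
    default: str             # ruling used when no rule matches

    def evaluate(self, user: str, data: str, purpose: str) -> str:
        for r in self.rules:
            if all(want is None or want == got
                   for want, got in ((r.user, user), (r.data, data), (r.purpose, purpose))):
                return r.ruling
        return self.default

def refines(p1: Policy, p2: Policy) -> bool:
    # Assumed simplified refinement: fulfilling p1 fulfills p2 when p1 denies
    # every request p2 denies, i.e. p1 is at least as restrictive as p2.
    return all(p1.evaluate(*q) == DENY for q in REQUESTS if p2.evaluate(*q) == DENY)

def unresolved(p: Policy):
    # Requests the policy leaves without a definite ruling (incomplete policy or default).
    return [q for q in REQUESTS if p.evaluate(*q) == DONT_CARE]

def conjunction(p1: Policy, p2: Policy) -> Policy:
    # Assumed composition: deny if either denies; otherwise allow if either allows;
    # don't-care only if both are don't-care. Materialised as one explicit rule per request.
    rules = []
    for q in REQUESTS:
        r1, r2 = p1.evaluate(*q), p2.evaluate(*q)
        ruling = DENY if DENY in (r1, r2) else ALLOW if ALLOW in (r1, r2) else DONT_CARE
        rules.append(Rule(*q, ruling))
    return Policy(tuple(rules), DENY)
# Constructed policies: a regulation forbidding any advertising use (silent otherwise), and a
# customer promise allowing only billing to use the address for service, denying everything else.
REGULATION = Policy((Rule(None, None, "advertising", DENY),), DONT_CARE)
PROMISE = Policy((Rule("billing", "address", "service", ALLOW),), DENY)
COMBINED = conjunction(REGULATION, PROMISE)  # refines both of its inputs
```

The `unresolved` helper exposes where a policy relies on its default, which is the kind of incompleteness an auditor would want surfaced before a refinement result is trusted.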
Copyright information
© 2003 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Backes, M., Pfitzmann, B., Schunter, M. (2003). A Toolkit for Managing Enterprise Privacy Policies. In: Snekkenes, E., Gollmann, D. (eds) Computer Security – ESORICS 2003. ESORICS 2003. Lecture Notes in Computer Science, vol 2808. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-39650-5_10
DOI: https://doi.org/10.1007/978-3-540-39650-5_10
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-20300-1
Online ISBN: 978-3-540-39650-5