Identity federation systems enable participating organizations to provide services to qualified individuals and manage their identity attributes at an inter-organizational level. Most importantly, they empower individuals with control over the usage of their attributes within the federation via enforcement of various policies. Among such policies, one of the most important yet immature one is the privacy policy. Existing frameworks proposed for privacy-preserving federations lack the capability to support complex data-usage preferences in the form of obligations, i.e. the privacy related actions that must be performed upon certain actions on a specific piece of information. Moreover, they do not account for the history of events resulting from the interactions among federation entities.

To address these deficiencies we propose an extension to an existing assertion based policy language. More specifically, we provide a new set of assertions to define the privacy related properties of a federation system. We extend the com-mon definition of privacy preference policies with obligation preferences. Finally, we illustrate how the proposed framework is realized among service providers to ensure proper enforcement of privacy policies and obligations.

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	Liberty architecture framework for supporting privacy preference expression languages, 2003. Available at http://www.projectliberty.org/liberty/files/whitepapers.
	2	Gail-Joon Ahn , John Lam, Managing privacy preferences for federated identity management, Proceedings of the 2005 workshop on Digital identity management, November 11-11, 2005, Fairfax, VA, USA  [doi>10.1145/1102486.1102492]
	3	Elisa Bertino , Abhilasha Bhargav-Spantzel , Anna Cinzia Squicciarini, Policy Languages for Digital Identity Management in Federation Systems, Proceedings of the Seventh IEEE International Workshop on Policies for Distributed Systems and Networks (POLICY'06), p.54-66, June 05-07, 2006  [doi>10.1109/POLICY.2006.22]
	4	L. Cranor, M. Langheinrich, M. Marchiori, and J. Reagle. The Platform for Privacy Preferences 1.0 (P3P1.0) Specification. W3C Recommendation, April 2002. At http://www.w3.org/TR/P3P/.
	5	http://www.projectliberty.org. Liberty Alliance Project.
	6	http://www.w3.org/TR/P3P preferences/. P3P Preference Exchange Language 1.0 (APPEL1.0).
	7	http://www.zurich.ibm.com/security/enterpriseprivacy/epal/. EPAL 1.0 Specification.
	8	Paul Ashley , Satoshi Hada , Günter Karjoth , Matthias Schunter, E-P3P privacy policies and privacy authorization, Proceedings of the 2002 ACM workshop on Privacy in the Electronic Society, p.103-109, November 21-21, 2002, Washington, DC  [doi>10.1145/644527.644538]
	9	Wikipedia. Privacy - wikipedia, the free encyclopedia, 2005.