ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
Digital Library logoTake a look at the new version of this page: [ beta version ]. Tell us what you think.
Enterprise privacy promises and enforcement
Full text PdfPdf (261 KB)
Source Annual Symposium on Principles of Programming Languages archive
Proceedings of the 2005 workshop on Issues in the theory of security table of contents
Long Beach, California
Pages: 58 - 66  
Year of Publication: 2005
ISBN:1-58113-980-2
Authors
Adam Barth  Stanford University
John C. Mitchell  Stanford University
Sponsor
SIGPLAN: ACM Special Interest Group on Programming Languages
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 5,   Downloads (12 Months): 64,   Citation Count: 4
Additional Information:

abstract   references   cited by   index terms   collaborative colleagues  

Tools and Actions: Request Permissions Request Permissions    Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/1045405.1045412
What is a DOI?

Warning: The download time has expired please click on the item to try again.


ABSTRACT

Several formal languages have been proposed to encode privacy policies, ranging from the Platform for Privacy Preferences (P3P), intended for communicating privacy policies to consumers over the web, to the Enterprise Privacy Authorization Language (EPAL), intended to enable policy enforcement within an enterprise. However, current technology does not allow an enterprise to determine whether its detailed, internal enforcement policy meets its published privacy promises. We present a data-centric, unified model for privacy, equipped with a modal logic for reasoning about permission inheritance across data hierarchies. We use this model to critique two privacy preference languages (APPEL and XPref), to justify P3P's policy summarization algorithm, and to connect privacy policy languages, such as EPAL. Specifically, we characterize when one policy enforces another and provide an algorithm for generating the most specific privacy promises, at a given level of detail, guaranteed by a more detailed enforcement policy.


REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

1
Mark S. Ackerman , Lorrie Faith Cranor , Joseph Reagle, Privacy in e-commerce: examining user scenarios and privacy preferences, Proceedings of the 1st ACM conference on Electronic commerce, p.1-8, November 03-05, 1999, Denver, Colorado, United States  [doi>10.1145/336992.336995]
2
Rakesh Agrawal , Jerry Kiernan , Ramakrishnan Srikant , Yirong Xu, An XPath-based preference language for P3P, Proceedings of the 12th international conference on World Wide Web, May 20-24, 2003, Budapest, Hungary  [doi>10.1145/775152.775241]
 
3
M. Backes, M. Dürmuth, and R. Steinwandt. An algebra for composing enterprise privacy policies. In European Symposium on Research in Computer Security (ESORICS). Springer Lecture Notes in Computer Science 3193, 2004.
4
Michael Backes , Günter Karjoth , Walid Bagga , Matthias Schunter, Efficient comparison of enterprise privacy policies, Proceedings of the 2004 ACM symposium on Applied computing, March 14-17, 2004, Nicosia, Cyprus  [doi>10.1145/967900.967983]
 
5
M. Backes, B. Pfitzmann, and M. Schunter. A toolkit for managing enterprise privacy policies. In European Symposium on Research in Computer Security (ESORICS), pages 101--119. Springer Lecture Notes in Computer Science 2808, 2003.
6
Adam Barth , John C. Mitchell , Justin Rosenstein, Conflict and combination in privacy policy languages, Proceedings of the 2004 ACM workshop on Privacy in the electronic society, October 28-28, 2004, Washington DC, USA  [doi>10.1145/1029179.1029195]
 
7
M. Bishop. Computer Security: Art and Science. Addison Wesley Professional, 2003.
8
Simon Byers , Lorrie Faith Cranor , David Kormann, Automated analysis of P3P-enabled Web sites, Proceedings of the 5th international conference on Electronic commerce, p.326-338, September 30-October 03, 2003, Pittsburgh, Pennsylvania  [doi>10.1145/948005.948048]
 
9
B. F. Chellas. Modal Logic: An Introduction. Cambridge University Press, 1980.
 
10
J. Clark and S. DeRose. XML path language (XPath), 1999. http://www.w3.org/TR/xpath/.
11
Jason Crampton, On permissions, inheritance and role hierarchies, Proceedings of the 10th ACM conference on Computer and communications security, October 27-30, 2003, Washington D.C., USA  [doi>10.1145/948109.948123]
 
12
Lorrie Faith Cranor , Lawrence Lessig, Web Privacy with P3p, O'Reilly & Associates, Inc., Sebastopol, CA, 2002
 
13
L. F. Cranor, M. Langheinrich, M. Marchiori, M. Presler-Marshall, and J. Reagle. The platform for privacy preferences 1.0 (P3P1.0) specification, 2002. http://www.w3.org/TR/P3P/.
14
Janice Glasgow , Glenn Macewen , Prakash Panangaden, A logic for reasoning about security, ACM Transactions on Computer Systems (TOCS), v.10 n.3, p.226-264, Aug. 1992  [doi>10.1145/146937.146940]
15
Sushil Jajodia , Pierangela Samarati , Maria Luisa Sapino , V. S. Subrahmanian, Flexible support for multiple access control policies, ACM Transactions on Database Systems (TODS), v.26 n.2, p.214-260, June 2001  [doi>10.1145/383891.383894]
16
Carlos Jensen , Colin Potts, Privacy policies as decision-making tools: an evaluation of online privacy notices, Proceedings of the SIGCHI conference on Human factors in computing systems, p.471-478, April 24-29, 2004, Vienna, Austria  [doi>10.1145/985692.985752]
 
17
Günter Karjoth , Matthias Schunter, A Privacy Policy Model for Enterprises, Proceedings of the 15th IEEE Computer Security Foundations Workshop (CSFW'02), p.271, June 24-26, 2002
 
18
R. Pucella and V. Weissman. Reasoning about dynamic policies. In Foundations of Software Science and Computation Structures (FOSSACS), 2004.
19
Joseph Reagle , Lorrie Faith Cranor, The platform for privacy preferences, Communications of the ACM, v.42 n.2, p.48-55, Feb. 1999  [doi>10.1145/293411.293455]
 
20
M. Schunter, P. Ashley, S. Hada, G. Karjoth, C. Powers, and M. Schunter. Enterprise privacy authorization language (EPAL 1.1), 2003. http://www.zurich.ibm.com/security/enterprise-privacy/epal/Specification/.

CITED BY  4
Anne H. Anderson, A comparison of two privacy policy languages: EPAL and XACML, Proceedings of the 3rd ACM workshop on Secure web services, November 03-03, 2006, Alexandria, Virginia, USA
Peter Bodorik , Dawn Jutla , Mike Xuehai Wang, Consistent privacy preferences (CPP): model, semantics, and properties, Proceedings of the 2008 ACM symposium on Applied computing, March 16-20, 2008, Fortaleza, Ceara, Brazil
Paolo Guarda , Nicola Zannone, Towards the development of privacy-aware systems, Information and Software Technology, v.51 n.2, p.337-350, February, 2009
Bettina Berendt , SöRen Preibusch , Maximilian Teltzrow, A Privacy-Protecting Business-Analytics Service for On-Line Transactions, International Journal of Electronic Commerce, v.12 n.3, p.115-150, Number 3 / Spring 2008

INDEX TERMS

Primary Classification:
  C. Computer Systems Organization
  C.2 COMPUTER-COMMUNICATION NETWORKS
      C.2.0 General
          Subjects: Security and protection (e.g., firewalls)

Additional Classification:
  K. Computing Milieux
  K.4 COMPUTERS AND SOCIETY
      K.4.1 Public Policy Issues
          Subjects: Privacy


General Terms:
Languages, Security, Theory


Keywords:
EPAL, P3P, modal logic, policy summary, privacy policy

Collaborative Colleagues:
Adam Barth: colleagues
John C. Mitchell: colleagues

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2010 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player