冲突问题的隐私保护访问控制策略和算法

2011IEEE 10th International Conference on Trust, Security and Privacy in Computing and Communications Pub Date : 2011-11-16 DOI:10.1109/TrustCom.2011.34

Lili Sun, Hua Wang, Xiaohui Tao, Yanchun Zhang, J. Yang

{"title":"冲突问题的隐私保护访问控制策略和算法","authors":"Lili Sun, Hua Wang, Xiaohui Tao, Yanchun Zhang, J. Yang","doi":"10.1109/TrustCom.2011.34","DOIUrl":null,"url":null,"abstract":"This paper proposes a framework for privacy preserving access control policies and mechanisms, and describes algorithms for access policy conflicting problems. The mechanism enforces access policy to data containing personally identifiable information. The key component of the framework is purpose involved access control models (PAC) that provide full support for expressing highly complex privacy-related policies, taking into account features like purposes, conditions and obligations. Policy conflicting problems may arise when new access policies are generated that are possible to be conflicted to existing policies. As a result of the policy conflicts, private information cannot be well protected. The structure of access control policy including conditions and obligations is studied. Based on the access policy, authorization models and policy operations are analysed. Finally comparisons to related works EPAL are presented.","PeriodicalId":289926,"journal":{"name":"2011IEEE 10th International Conference on Trust, Security and Privacy in Computing and Communications","volume":"86 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2011-11-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"8","resultStr":"{\"title\":\"Privacy Preserving Access Control Policy and Algorithms for Conflicting Problems\",\"authors\":\"Lili Sun, Hua Wang, Xiaohui Tao, Yanchun Zhang, J. Yang\",\"doi\":\"10.1109/TrustCom.2011.34\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"This paper proposes a framework for privacy preserving access control policies and mechanisms, and describes algorithms for access policy conflicting problems. The mechanism enforces access policy to data containing personally identifiable information. The key component of the framework is purpose involved access control models (PAC) that provide full support for expressing highly complex privacy-related policies, taking into account features like purposes, conditions and obligations. Policy conflicting problems may arise when new access policies are generated that are possible to be conflicted to existing policies. As a result of the policy conflicts, private information cannot be well protected. The structure of access control policy including conditions and obligations is studied. Based on the access policy, authorization models and policy operations are analysed. Finally comparisons to related works EPAL are presented.\",\"PeriodicalId\":289926,\"journal\":{\"name\":\"2011IEEE 10th International Conference on Trust, Security and Privacy in Computing and Communications\",\"volume\":\"86 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2011-11-16\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"8\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2011IEEE 10th International Conference on Trust, Security and Privacy in Computing and Communications\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/TrustCom.2011.34\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2011IEEE 10th International Conference on Trust, Security and Privacy in Computing and Communications","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/TrustCom.2011.34","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 8

摘要

提出了一种保护隐私的访问控制策略和机制框架，并描述了解决访问策略冲突问题的算法。该机制对包含个人可识别信息的数据实施访问策略。该框架的关键组件是目的相关访问控制模型(PAC)，它充分支持表达高度复杂的与隐私相关的策略，同时考虑到目的、条件和义务等特性。当生成可能与现有策略冲突的新访问策略时，可能会出现策略冲突问题。由于政策冲突，隐私信息不能得到很好的保护。研究了访问控制策略的结构，包括条件和义务。在访问策略的基础上，分析了授权模型和策略操作。最后与EPAL的相关著作进行了比较。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Privacy Preserving Access Control Policy and Algorithms for Conflicting Problems

This paper proposes a framework for privacy preserving access control policies and mechanisms, and describes algorithms for access policy conflicting problems. The mechanism enforces access policy to data containing personally identifiable information. The key component of the framework is purpose involved access control models (PAC) that provide full support for expressing highly complex privacy-related policies, taking into account features like purposes, conditions and obligations. Policy conflicting problems may arise when new access policies are generated that are possible to be conflicted to existing policies. As a result of the policy conflicts, private information cannot be well protected. The structure of access control policy including conditions and obligations is studied. Based on the access policy, authorization models and policy operations are analysed. Finally comparisons to related works EPAL are presented.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2011IEEE 10th International Conference on Trust, Security and Privacy in Computing and Communications

自引率

0.00%

发文量