Modern business environments amass and exchange a great deal of sensitive information about their employees, customers, products, et cetera, acknowledging privacy to be not only a business but also an ethical and legal requirement. Any privacy violation certainly includes some access to personal information and, intuitively, access control constitutes a fundamental aspect of privacy protection. In that respect, many organizations use security policies to control access to sensitive resources and the employed security models must provide means to handle flexible and dynamic requirements. Consequently, the definition of an expressive privacy-aware access control model constitutes a crucial issue. Among the technologies proposed, there are various access control models incorporating features designed to enforce privacy protection policies, taking mainly into account the purpose of the access, privacy obligations, as well as other contextual constraints, aiming at the accomplishment of the privacy protection requirements. This chapter studies these models, along with the aforementioned features.
Web 2.0 technologies have fundamentally reshaped everyday users’ perceptions regarding online services by strengthening the importance of individual participation. This profound change is expanding to substantially affect modern enterprise operations and especially corporate information management practices. Well-established business models are upgraded to capture value from the establishment of dynamic coalitions and virtual organizations among remote stakeholders. However, these collaboration formulations dictate the concentration, use, and circulation of corporate information and sensitive personal data, and thus ignite severe security and privacy concerns. Enterprises against this background are more than willing to invest in terms cost and time in order to enforce the necessary countermeasures and thus build and maintain the trustworthiness of involved operations. This chapter studies how legislation and inherent characteristics of this new collaboration paradigm affect the qualities of trust and highlights prominent features of security and privacy protection measures that can deal with emerging trust issues.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.