Privacy-Aware Role-Based Access Control

Ni, Qun; Bertino, Elisa; Lobo, Jorge; Calo, Seraphin

doi:10.1109/msp.2009.102

Cited by 96 publications

(73 citation statements)

References 12 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Bünnig and Cap [12] describe privacy as protecting personal information from being misused by malicious entities and allowing certain authorised entities to access that personal information by making it visible to them. While, Ni et al [13] define privacy as a set of policies that force the system to protect private information.…”

Section: Privacy Definitionmentioning

confidence: 99%

The Effect of Privacy Policies on Information Sharing Behavior on Social Networks: A Systematic Literature Review

Mitchell¹,

El‐Gayar²

2020

Proceedings of the Annual Hawaii International Conference on System Sciences

View full text Add to dashboard Cite

Online social networks (OSN) such as Facebook andInstagram have dramatically changed the way people operate. It however raises specific privacy concerns due to their inherent handling of personal data. The paper highlights the privacy concerns associated with OSN, strategies to protect the users' privacy, and finally the overall effect of privacy policies on information sharing behavior on OSN. In a systematic review, we examined 51 full papers that explore privacy concerns in OSN, strategies to protect users' privacy, and the effects of privacy policies on the users' information sharing behavior. The overall findings disclosed that users are concerned about their identity being stolen, and how third-party applications use their information. However, privacy policies do not have a direct impact on the information sharing behavior of OSN users. The findings help researchers and practitioners better understand the impact of privacy concerns on users' information sharing behavior on OSN.

show abstract

Section: Privacy Definitionmentioning

confidence: 99%

The Effect of Privacy Policies on Information Sharing Behavior on Social Networks: A Systematic Literature Review

Mitchell¹,

El‐Gayar²

2020

Proceedings of the Annual Hawaii International Conference on System Sciences

View full text Add to dashboard Cite

show abstract

“…Basin et al [5] show how to describe privacy policies in metric first-order temporal logic (MFOTL), and how to build a component that monitors in realtime whether these policies are being violated. Nissenbaum et al [4] also describe privacy policies using linear temporal logic (LTL), and this has inspired a lot of research into systems such as P-RBAC, which enforces low-level privacy-related conditions at run-time [17]. Most of this research has concentrated on verifying at run-time whether or not a given action is permitted by a given set of privacy policies.…”

Section: Related Workmentioning

confidence: 99%

Constructing Independently Verifiable Privacy-Compliant Type Systems for Message Passing between Black-Box Components

Adams¹,

Schupp²

2018

EasyChair Preprints

View full text Add to dashboard Cite

Privacy by design (PbD) is the principle that privacy should be considered at every stage of the software engineering process. It is increasingly both viewed as best practice and required by law. It is therefore desirable to have formal methods that provide guarantees that certain privacy-relevant properties hold. We propose an approach that can be used to design a privacy-compliant architecture without needing to know the source code or internal structure of any individual component. We model an architecture as a set of agents or components that pass messages to each other. We present in this paper algorithms that take as input an architecture and a set of privacy constraints, and output an extension of the original architecture that satisfies the privacy constraints.

show abstract

“…A policy redundancy detection method based on Chang-Impact analysis was presented in this paper; however, no corresponding detection model was proposed and the support and application of this detection technique were absent. Besides the above researches, policy redundancies can be detected by classifying the subject based on the security level and role [21,22], and then all policy redundancies can be eliminated by revising policies.…”

Section: Mathematical Problems In Engineeringmentioning

confidence: 99%

Elimination of the Redundancy Related to Combining Algorithms to Improve the PDP Evaluation Performance

Fan

Zhang

Zhou

et al. 2016

Mathematical Problems in Engineering

View full text Add to dashboard Cite

If there are lots of redundancies in the policies loaded on the policy decision point (PDP) in the authorization access control model, the system will occupy more resources in operation and consumes plenty of evaluation time and storage space. In order to detect and eliminate policy redundancies and then improve evaluation performance of the PDP, a redundancy related to combining algorithms detecting and eliminating engine is proposed in this paper. This engine cannot only detect and eliminate the redundancy related to combining algorithms, but also evaluate access requests. A Resource Brick Wall is constructed by the engine according to the resource attribute of a policy's target attributes. By the Resource Brick Wall and the policy/rule combining algorithms, three theorems for detecting redundancies related to combining algorithms are proposed. A comparison of the evaluation performance of the redundancy related to combining algorithms detecting and eliminating engine with that of Sun PDP is made. Experimental results show that the evaluation performance of the PDP can be prominently improved by eliminating the redundancy related to combining algorithms.

show abstract

Privacy-Aware Role-Based Access Control

Cited by 96 publications

References 12 publications

The Effect of Privacy Policies on Information Sharing Behavior on Social Networks: A Systematic Literature Review

The Effect of Privacy Policies on Information Sharing Behavior on Social Networks: A Systematic Literature Review

Constructing Independently Verifiable Privacy-Compliant Type Systems for Message Passing between Black-Box Components

Elimination of the Redundancy Related to Combining Algorithms to Improve the PDP Evaluation Performance

Contact Info

Product

Resources

About