Obligation Language for Access Control and Privacy Policies
نویسندگان
چکیده
Defining and enforcing obligations are key aspects of privacy protection. Most of today’s access control and data handling languages recognize the importance of obligations and even provide extension points but lack concrete language constructs to actually express obligations. This position paper proposes requirements for a general obligation language spanning access control and usage control. A detailed analysis of our current obligation language and enforcement framework is provided and future extensions are discussed.
منابع مشابه
Purpose-Based Access Control Policies and Conflicting Analysis
This paper proposes a purpose-based framework for supporting privacy preserving access control policies and mechanisms. The mechanism enforces access policy to data containing personally identifiable information. The key component of the framework is purpose involved access control models (PAC) that provide full support for expressing highly complex privacy-related policies, taking into account...
متن کاملA Framework to Enforce Access Control, Usage Control and Obligations
In this paper, we define a core language to express access control, usage control and obligation policies and we specify a policy controller in charge of evaluating such policies. This policy language can be used to specify security requirements of many applications such as DRM (Digital Right Management), P2P or Web Service applications. It is used to express both contextual permissions and obl...
متن کاملA Policy-Oriented Language for Expressing Security Specifications
Organizations’ authorization policies are usually described by access control rules enforced on each protected object scattered all over the organization. Having a single global security policy specification would promote both security clarity and coherency [4, 9, 18, 31, 37]. Having a single security model for the whole organization, a single point of management and enforcement with a innumero...
متن کاملA Work ow Reference Monitor for Enforcing Purpose-Based Policies
Purpose is a key concept in privacy policies. Based on the purpose framework developed in our earlier work [11] we present an access control model for a work ow-based information system in which a work ows reference monitor ( WfRM ) enforces purpose-based policies. We use a generic access control policy language and show how it can be connected to the purpose modal logic language ( PML ) to lin...
متن کاملSpecification and Classification of Role-based Authorization Policies
Constraints are an important aspect of role-based access control (RBAC). Although the importance of constraints in RBAC has been recognized for a long time, they have not received much attention. In this paper we classify RBAC constraints into two major classes called prohibition constraints and obligation constraints. To specify these constraints, we utilize a formal language, named RCL2000. I...
متن کامل