Extended Privacy Definition Tool
نویسندگان
چکیده
Eliciting non-functional security requirements within a company was one of the major aspects of the SIKOSA project. Scenarios, such as that of METRO presented in this paper, show how besides a company’s internal requirements, customers’ preferences also play an important role. However, conflicts between specific customers’ privacy policies and those of a company need to be detected and dealt with. To this end we present a policy language that is able to tackle this comparison problem and two tools: An editor tool allowing users to specify their policies in a user-friendly way and a monitoring tool to evaluate und enforce the policies at runtime.
منابع مشابه
Rényi Differential Privacy
We propose a natural relaxation of differential privacy based on the Rényi divergence. Closely related notions have appeared in several recent papers that analyzed composition of differentially private mechanisms. We argue that the useful analytical tool can be used as a privacy definition, compactly and accurately representing guarantees on the tails of the privacy loss. We demonstrate that th...
متن کاملThe Differential Privacy Frontier (Extended Abstract)
We review the definition of differential privacy and briefly survey a handful of very recent contributions to the differential privacy frontier.
متن کاملAn Expertise-driven Authoring Tool of Privacy Policies for e-Health
Data sharing on the Internet is crucial in many aspects of nowadays life, from economy to leisure, from public administration to healthcare. However, it implies several privacy issues that have to be managed. Definition of appropriate policies helps to safeguard the data privacy. This paper describes an authoring tool for privacy policies to be applied to the healthcare scenario. The tool exhib...
متن کاملIntegrating privacy requirements considerations into a security requirements engineering method and tool
In this paper we examine a method for identifying privacy requirements within the context of a security requirements engineering method. We briefly describe the security quality requirements engineering (SQUARE) methodology. Next we discuss our definition of privacy and the associated privacy concerns. We discuss the challenges of privacy requirements engineering and the need for incorporating ...
متن کاملVisualizing Privacy Implications of Access Control Policies in Social Network Systems
We hypothesize that, in a Facebook-style social network system, proper visualization of one’s extended neighborhood could help the user understand the privacy implications of her access control policies. However, an unrestricted view of one’s extended neighborhood may compromise the privacy of others. To address this dilemma, we propose a privacy-enhanced visualization tool, which approximates ...
متن کامل