A privacy preserving assertion based policy language for federation systems

Anna C. Squicciarini, Ayca Azgin Hintoglu, Elisa Bertino, Yucel Saygin

Research output: Chapter in Book/Report/Conference proceedingConference contribution

6 Scopus citations

Abstract

Identity federation systems enable participating organizations to provide services to qualified individuals and manage their identity attributes at an inter-organizational level. Most importantly, they empower individuals with control over the usage of their attributes within the federation via enforcement of various policies. Among such policies, one of the most important yet immature one is the privacy policy. Existing frameworks proposed for privacy-preserving federations lack the capability to support complex data-usage preferences in the form of obligations, i.e. the privacy related actions that must be performed upon certain actions on a specific piece of information. Moreover, they do not account for the history of events resulting from the interactions among federation entities. To address these deficiencies we propose an extension to an existing assertion based policy language. More specifically, we provide a new set of assertions to define the privacy related properties of a federation system. We extend the com-mon definition of privacy preference policies with obligation preferences. Finally, we illustrate how the proposed framework is realized among service providers to ensure proper enforcement of privacy policies and obligations.

Original languageEnglish (US)
Title of host publicationSACMAT'07
Subtitle of host publicationProceedings of the 12th ACM Symposium on Access Control Models and Technologies
Pages51-60
Number of pages10
DOIs
StatePublished - Aug 24 2007
EventSACMAT'07: 12th ACM Symposium on Access Control Models and Technologies - Sophia Antipolis, France
Duration: Jun 20 2007Jun 22 2007

Publication series

NameProceedings of ACM Symposium on Access Control Models and Technologies, SACMAT

Other

OtherSACMAT'07: 12th ACM Symposium on Access Control Models and Technologies
CountryFrance
CitySophia Antipolis
Period6/20/076/22/07

All Science Journal Classification (ASJC) codes

  • Computer Science(all)

Cite this

Squicciarini, A. C., Hintoglu, A. A., Bertino, E., & Saygin, Y. (2007). A privacy preserving assertion based policy language for federation systems. In SACMAT'07: Proceedings of the 12th ACM Symposium on Access Control Models and Technologies (pp. 51-60). (Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT). https://doi.org/10.1145/1266840.1266849