Automatic compliance of privacy policies in federated digital identity management

Anna Squicciarini, Marco Casassa Mont, Abhilasha Bhargav-Spantzel, Elisa Bertino

Research output: Chapter in Book/Report/Conference proceedingConference contribution

6 Scopus citations

Abstract

Privacy [4] in the digital world is an important problem which is becoming even more pressing as new collaborative applications are developed. The lack of privacy preserving mechanisms is particularly problematic in federated identity management contexts. In such a context, users can seamlessly interact with a variety of federated web services, through the use of single-sign-on mechanisms and the capability of sharing personal data among these web services. We argue that comprehensive privacy policies should be stated by federated service providers and proactively checked by these providers, before disclosing users' data to federated partners. To address such requirements, we introduce mechanisms and algorithms for policy compliance checking between federated service providers, based on an innovative policy subsumption approach. We formally introduce and analyze our approach.

Original languageEnglish (US)
Title of host publicationProceedings - 2008 IEEE Workshop on Policies for Distributed Systems and Networks, POLICY 2008
Pages89-92
Number of pages4
DOIs
StatePublished - Sep 22 2008
Event9th IEEE Workshop on Policies for Distributed Systems and Networks, POLICY 2008 - Palisades, NY, United States
Duration: Jun 2 2008Jun 4 2008

Publication series

NameProceedings - 2008 IEEE Workshop on Policies for Distributed Systems and Networks, POLICY 2008

Other

Other9th IEEE Workshop on Policies for Distributed Systems and Networks, POLICY 2008
CountryUnited States
CityPalisades, NY
Period6/2/086/4/08

    Fingerprint

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications
  • Control and Systems Engineering

Cite this

Squicciarini, A., Mont, M. C., Bhargav-Spantzel, A., & Bertino, E. (2008). Automatic compliance of privacy policies in federated digital identity management. In Proceedings - 2008 IEEE Workshop on Policies for Distributed Systems and Networks, POLICY 2008 (pp. 89-92). [4556584] (Proceedings - 2008 IEEE Workshop on Policies for Distributed Systems and Networks, POLICY 2008). https://doi.org/10.1109/POLICY.2008.46