Searching for just a few words should be enough to get started. If you need to make more complex queries, use the tips below to guide you.
Issue title: Privacy, Security and Trust (PST) Technologies: Evolution and Challenges
Article type: Research Article
Authors: Casassa Mont, Marcoa; * | Thyne, Robertb
Affiliations: [a] Hewlett-Packard Labs, Filton Road, Stoke Gifford, Bristol, BS34 8QZ, UK. E-mail: [email protected] | [b] Hewlett-Packard (Canada Co.), 901 King Street West, Toronto, M5V 3H5, Canada. E-mail: [email protected]
Correspondence: [*] Corresponding author: Marco Casassa Mont, Hewlett-Packard Labs, Filton Road, Stoke Gifford, Bristol, BS34 8QZ, UK. Tel.: +44 117 3128795; Fax: +44 117 3129250; E-mail: [email protected]
Abstract: People are usually asked by enterprises to disclose their personal information to access web services and engage in business interactions. Enterprises need this information to enable their business processes. This is unlikely to change, at least in the foreseeable future. When collecting personal data, enterprises must satisfy privacy laws and policies along with addressing people's expectations on how their data should be handled. Currently much is done by means of manual processes, in particular in terms of privacy enforcement: these processes are prone to mistakes and hard to comply with. Automation can help enterprises to deal with these privacy management issues, in particular the enforcement of privacy policies on collected personal data. Enterprises have already been investing in identity management solutions: they require that approaches to automate privacy management should keep into account and leverage these solutions. This paper discusses our research and development work to automate the enforcement of privacy policies in enterprises. Our model of privacy policy enforcement is introduced along with the technical details of a related prototype, integrated (as a proof of concept) with HP Select Access, a state-of-the-art identity management solution. This technology is currently under productisation. We discuss our current results and next steps.
Keywords: Privacy, privacy policies, privacy enforcement, access control, identity management
DOI: 10.3233/JCS-2008-16203
Journal: Journal of Computer Security, vol. 16, no. 2, pp. 133-163, 2008
IOS Press, Inc.
6751 Tepper Drive
Clifton, VA 20124
USA
Tel: +1 703 830 6300
Fax: +1 703 830 2300
[email protected]
For editorial issues, like the status of your submitted paper or proposals, write to [email protected]
IOS Press
Nieuwe Hemweg 6B
1013 BG Amsterdam
The Netherlands
Tel: +31 20 688 3355
Fax: +31 20 687 0091
[email protected]
For editorial issues, permissions, book requests, submissions and proceedings, contact the Amsterdam office [email protected]
Inspirees International (China Office)
Ciyunsi Beili 207(CapitaLand), Bld 1, 7-901
100025, Beijing
China
Free service line: 400 661 8717
Fax: +86 10 8446 7947
[email protected]
For editorial issues, like the status of your submitted paper or proposals, write to [email protected]
如果您在出版方面需要帮助或有任何建, 件至: [email protected]