Enforcing P3P policies using a digital rights management system
Salim, Farzad, Sheppard, Nicholas P., & Safavi-Naini, Rei (2007) Enforcing P3P policies using a digital rights management system. In Privacy Enhancing Technologies, Springer, University of Ottawa, Ottawa, pp. 200-217.
![[img]](http://eprints.qut.edu.au/style/images/fileicons/application_pdf.png)
Abstract
The protection of privacy has gained considerable attention recently. In response to this, new privacy protection systems are being introduced. SITDRM is one such system that protects private data through the enforcement of licenses provided by consumers. Prior to supplying data, data owners are expected to construct a detailed license for the potential data users. A license specifies whom, under what conditions, may have what type of access to the protected data.
The specification of a license by a data owner binds the enterprise data handling to the consumer’s privacy preferences. However, licenses are very detailed, may reveal the internal structure of the enterprise and need to be kept synchronous with the enterprise privacy policy. To deal with this, we employ the Platform for Privacy Preferences Language (P3P) to communicate enterprise privacy policies to consumers and enable them to easily construct data licenses. A P3P policy is more abstract than a license, allows data owners to specify the purposes for which data are being collected and directly reflects the privacy policy of an enterprise.
Citations:
Citation countsare sourced monthly from Scopus and Web of Science citation databases.
These databases contain citations from different subsets of available publications and different time periods and thus the citation count from each is usually different. Some works are not in either database and no count is displayed. Scopus includes citations from articles published in 1996 onwards, and Web of Science generally from 1980 onwards.
Citations counts from the Google Scholar™ indexing service can be viewed at the linked Google Scholar™ search.
Full-text downloads:
Full-text downloadsdisplays the total number of times this work’s files (e.g., a PDF) have been downloaded from QUT ePrints as well as the number of downloads in the previous 365 days. The count includes downloads for all files if a work has more than one.
| ID Code: | 28176 |
|---|---|
| Item Type: | Conference Paper |
| Keywords: | Digital Rights Management, Privacy Based Access Control, Formal Policy Language, Access Control System, MPEG REL |
| DOI: | 10.1007/978-3-540-75551-7 |
| ISBN: | 9783540755500 |
| Subjects: | Australian and New Zealand Standard Research Classification > INFORMATION AND COMPUTING SCIENCES (080000) > COMPUTER SOFTWARE (080300) > Computer System Architecture (080302) Australian and New Zealand Standard Research Classification > INFORMATION AND COMPUTING SCIENCES (080000) > COMPUTER SOFTWARE (080300) > Programming Languages (080308) Australian and New Zealand Standard Research Classification > INFORMATION AND COMPUTING SCIENCES (080000) > COMPUTER SOFTWARE (080300) > Computer System Security (080303) |
| Divisions: | Past > QUT Faculties & Divisions > Faculty of Science and Technology Past > Institutes > Information Security Institute Past > Schools > School of Information Systems |
| Copyright Owner: | Copyright 2007 Springer |
| Copyright Statement: | The original publication is available at www.springerlink.com |
| Deposited On: | 23 Oct 2009 09:27 |
| Last Modified: | 11 Aug 2011 03:12 |
Export: EndNote | Dublin Core | BibTeX
Repository Staff Only: item control page