QUT ePrints

Enforcing P3P policies using a digital rights management system

Salim, Farzad, Sheppard, Nicholas P., & Safavi-Naini, Rei (2007) Enforcing P3P policies using a digital rights management system. In Privacy Enhancing Technologies, Springer, University of Ottawa, Ottawa, pp. 200-217.

View at publisher

Abstract

The protection of privacy has gained considerable attention recently. In response to this, new privacy protection systems are being introduced. SITDRM is one such system that protects private data through the enforcement of licenses provided by consumers. Prior to supplying data, data owners are expected to construct a detailed license for the potential data users. A license specifies whom, under what conditions, may have what type of access to the protected data. The specification of a license by a data owner binds the enterprise data handling to the consumer’s privacy preferences. However, licenses are very detailed, may reveal the internal structure of the enterprise and need to be kept synchronous with the enterprise privacy policy. To deal with this, we employ the Platform for Privacy Preferences Language (P3P) to communicate enterprise privacy policies to consumers and enable them to easily construct data licenses. A P3P policy is more abstract than a license, allows data owners to specify the purposes for which data are being collected and directly reflects the privacy policy of an enterprise.

Impact and interest:

3 citations in Scopus
Search Google Scholar™
2 citations in Web of Science®

Citation countsare sourced monthly from Scopus and Web of Science® citation databases.

These databases contain citations from different subsets of available publications and different time periods and thus the citation count from each is usually different. Some works are not in either database and no count is displayed. Scopus includes citations from articles published in 1996 onwards, and Web of Science® generally from 1980 onwards.

Citations counts from the Google Scholar™ indexing service can be viewed at the linked Google Scholar™ search.

Full-text downloads:

56 since deposited on 22 Oct 2009
16 in the past twelve months

Full-text downloadsdisplays the total number of times this work’s files (e.g., a PDF) have been downloaded from QUT ePrints as well as the number of downloads in the previous 365 days. The count includes downloads for all files if a work has more than one.

ID Code: 28176
Item Type: Conference Paper
Keywords: Digital Rights Management, Privacy Based Access Control, Formal Policy Language, Access Control System, MPEG REL
DOI: 10.1007/978-3-540-75551-7
ISBN: 9783540755500
Subjects: Australian and New Zealand Standard Research Classification > INFORMATION AND COMPUTING SCIENCES (080000) > COMPUTER SOFTWARE (080300) > Computer System Architecture (080302)
Australian and New Zealand Standard Research Classification > INFORMATION AND COMPUTING SCIENCES (080000) > COMPUTER SOFTWARE (080300) > Programming Languages (080308)
Australian and New Zealand Standard Research Classification > INFORMATION AND COMPUTING SCIENCES (080000) > COMPUTER SOFTWARE (080300) > Computer System Security (080303)
Divisions: Past > QUT Faculties & Divisions > Faculty of Science and Technology
Past > Institutes > Information Security Institute
Past > Schools > School of Information Systems
Copyright Owner: Copyright 2007 Springer
Copyright Statement: The original publication is available at www.springerlink.com
Deposited On: 23 Oct 2009 09:27
Last Modified: 11 Aug 2011 03:12

Export: EndNote | Dublin Core | BibTeX

Repository Staff Only: item control page