Towards defining semantic foundations for purpose-based privacy policies
Jafari, Mohammad, Fong, Philip W. L., Safavi-Naini, Rei, Barker, Ken, & Sheppard, Nicholas P. (2011) Towards defining semantic foundations for purpose-based privacy policies. In Proceedings of the First ACM Conference on Data and Application Security and Privacy (CODASPY '11), ACM, Hilton Palacio Del Rio, San Antonio, Texas, pp. 213-224.
We define a semantic model for purpose, based on which purpose-based privacy policies can be meaningfully expressed and enforced in a business system. The model is based on the intuition that the purpose of an action is determined by its situation among other inter-related actions. Actions and their relationships can be modeled in the form of an action graph which is based on the business processes in a system. Accordingly, a modal logic and the corresponding model checking algorithm are developed for formal expression of purpose-based policies and verifying whether a particular system complies with them. It is also shown through various examples, how various typical purpose-based policies as well as some new policy types can be expressed and checked using our model.
Impact and interest:
Citation counts are sourced monthly from and citation databases.
Citations counts from theindexing service can be viewed at the linked Google Scholar™ search.
|Item Type:||Conference Paper|
|Subjects:||Australian and New Zealand Standard Research Classification > INFORMATION AND COMPUTING SCIENCES (080000) > COMPUTATION THEORY AND MATHEMATICS (080200) > Computational Logic and Formal Languages (080203)
Australian and New Zealand Standard Research Classification > INFORMATION AND COMPUTING SCIENCES (080000) > COMPUTER SOFTWARE (080300) > Computer System Security (080303)
|Divisions:||Current > QUT Faculties and Divisions > Division of Technology, Information and Learning Support|
|Deposited On:||27 Feb 2011 22:11|
|Last Modified:||11 Jan 2012 22:04|
Repository Staff Only: item control page