Towards defining semantic foundations for purpose-based privacy policies

Jafari, Mohammad, Wong, Philip, Safavi-Naini, Reihaneh, & Barker, Ken (2011) Towards defining semantic foundations for purpose-based privacy policies. In Sandhu, R & Bertino, E (Eds.) Proceedings of the 1st ACM Conference on Data and Application Security and Privacy. Association for Computing Machinery, United States of America, pp. 213-224.


Description

We define a semantic model for purpose, based on which purpose-based privacy policies can be meaningfully expressed and enforced in a business system. The model is based on the intuition that the purpose of an action is determined by its situation among other inter-related actions. Actions and their relationships can be modeled in the form of an action graph which is based on the business processes in a system. Accordingly, a modal logic and the corresponding model checking algorithm are developed for formal expression of purpose-based policies and verifying whether a particular system complies with them. It is also shown, through various examples, how various typical purpose-based policies as well as some new policy types can be expressed and checked using our model.

Impact and interest:

32 citations in Scopus

Full-text downloads:

273 since deposited on 27 Feb 2011
29 in the past twelve months


ID Code: 40324
Item Type: Chapter in Book, Report or Conference volume (Conference contribution)
Measurements or Duration: 12 pages
Keywords: Access Control, Modal Logic, Privacy Policy, Purpose
DOI: 10.1145/1943513.1943541
ISBN: 978-1-4503-0466-5
Pure ID: 32016519
Divisions: Past > QUT Faculties & Divisions > Division of Technology, Information and Library Services
Copyright Owner: Consult author(s) regarding copyright matters
Copyright Statement: This work is covered by copyright. Unless the document is being made available under a Creative Commons Licence, you must assume that re-use is limited to personal use and that permission from the copyright owner must be obtained for all other uses. If the document is available under a Creative Commons License (or other specified license) then refer to the Licence for details of permitted re-use. It is a condition of access that users recognise and abide by the legal requirements associated with these rights. If you believe that this work infringes copyright please provide details by email to qut.copyright@qut.edu.au
Deposited On: 27 Feb 2011 22:11
Last Modified: 03 May 2024 22:09