Skip to main content
Springer Nature Link
Log in

EPAL Based Privacy Enforcement Using ECA Rules

  • Conference paper
Information Systems Security (ICISS 2005)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 3803))

Included in the following conference series:

Abstract

This paper uses an ECA based policy implementation engine to enforce simple EPAL based enterprise-wide privacy policies. This architecture supports simplified EPAL policies and enforcement requirements of a system that can autonomically manage data-privacy based on pre-specified EPAL policies. The policies are defined through a Graphical User Interface (GUI) and this paper discusses the main features of our proposed GUI. The objective of such an approach is to facilitate privacy administrators, with low IT skills, by setting privacy policies for managing the system.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Dayal, U., et al.: The HiPAC Project: Combining Active Databases and Timing Constraints. ACM Sigmod Record 17, 1 (1988)

    Google Scholar 

  2. Chakravarthy, S. (ed.): Active Databases, Special Issue of the Bulletin of the IEEE TC on Data Engineering, 15, 1–4 (1992)

    Google Scholar 

  3. Chakravarthy, S., Widom, J.: Proc. of the 4th Intl. Workshop on Research Issues in Data Engineering: Active Database Systems, Houston (February 1994)

    Google Scholar 

  4. Gatziu, S., Dittrich, K.R.: SAMOS. Active Rules in Database Systems, 233–247 (1999)

    Google Scholar 

  5. Coupaye, T., Collet, C.: Semantics Based Implementation of Flexible Execution Models for Active Database Systems. In: Proc. 14ème Journées Bases de Données Avancées, BDA (1998)

    Google Scholar 

  6. Gatziu, S., Geppert, A., Dittrich, K.R.: Integrating active concepts into an object-oriented database system. In: 3rd Int’l.Workshop on Database Programming Languages, Naflion (August 1991)

    Google Scholar 

  7. Chakravarthy, S., Anwar, E., Maugis, L.: Design and implementation of active capability for an object-oriented database, Technical Report UF-CIS-TR-93-001, University of Florida (January 1993)

    Google Scholar 

  8. Chakravarthy, S., Le, R., Desai, R.: ECA Rule processing in Distributed and Heterogeneous Environments. In: Proceedings of the International Symposium on Distributed Objects and Applications

    Google Scholar 

  9. Chakravarthy, S., Krishnaprasad, V., Tamizuddin, Z., Badani, R.H.: ECA Rule Integration into an OODBMS: Architecture and Implementation. In: Proc. Of the 11th Intl. Conf. On Data Engineering. Taipei, Taiwan (March 1995)

    Google Scholar 

  10. Chakravarthy, S., Mishra, D.: Snoop: An expressive event specification language for active databases. Knowledge and Data Engineering Journal 14, 1–26 (1994)

    Article  Google Scholar 

  11. Bertino, E., Guerrini, G., Merlo, I.: Triggers in Java-based Databases. L’OBJET 6(3) (2000)

    Google Scholar 

  12. Bertino, E., Guerrini, G., Merlo, I.: Trigger Inheritance and Overriding in an Active Object Database System. TKDE 12(4), 588–608 (2000)

    Google Scholar 

  13. Lupu, E., Sloman, M.: Conflicts in Policy-Based Distributed Systems Management. IEEE Transactions on Software Engineering (TSE) 25(6), 852–869 (1999)

    Article  Google Scholar 

  14. Bhattacharya, J., Gupta, S.K.: Privacy Broker for Enforcing Privacy Policies in Databases. In: KBCS-2004. Fifth international conference on knowledge based computer systems, Hyderabad, India (December 19-22 2004)

    Google Scholar 

  15. Schunter, M., et al.: Enterprise Privacy Authorization Language (EPAL 1.1), IBM Research Report, http://www.zurich.ibm.com/security/enterprise-privacy/epal

  16. Batra, V., et al.: Policy Driven Data Administration. In: POLICY 2002, IEEE 3rd International Workshop on Policies for Distributed Systems and Networks (2002)

    Google Scholar 

  17. Agrawal, R., Kiernan, J., Srikant, R., Xiu, Y.: Hippocratic Databases (Vision Paper). IBM Almaden Research Center (2002)

    Google Scholar 

  18. Adam, N.R., Wortman, J.C.: Security-control methods for statistical databases. ACM Computing Surveys 21(4), 515–556 (1989)

    Article  Google Scholar 

  19. Castano, S., Fugini, M., Martella, G., Samarati, P.: Database Security. Addison Wesley, Reading (1995)

    MATH  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science and Engineering, Indian Institute of Technology, Delhi, New Delhi, 110016, India

    Jaijit Bhattacharya & S. K. Gupta

Authors
  1. Jaijit Bhattacharya
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. S. K. Gupta
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Center for Secure Information Systems, George Mason University, VA 22030, Fairfax, USA

    Sushil Jajodia

  2. Jadavpur University, 7000032, Kolkata, India

    Chandan Mazumdar

Rights and permissions

Reprints and permissions

Copyright information

© 2005 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Bhattacharya, J., Gupta, S.K. (2005). EPAL Based Privacy Enforcement Using ECA Rules. In: Jajodia, S., Mazumdar, C. (eds) Information Systems Security. ICISS 2005. Lecture Notes in Computer Science, vol 3803. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11593980_9

Download citation

  • DOI: https://doi.org/10.1007/11593980_9

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-30706-8

  • Online ISBN: 978-3-540-32422-5

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics