Abstract
This paper uses an ECA based policy implementation engine to enforce simple EPAL based enterprise-wide privacy policies. This architecture supports simplified EPAL policies and enforcement requirements of a system that can autonomically manage data-privacy based on pre-specified EPAL policies. The policies are defined through a Graphical User Interface (GUI) and this paper discusses the main features of our proposed GUI. The objective of such an approach is to facilitate privacy administrators, with low IT skills, by setting privacy policies for managing the system.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Dayal, U., et al.: The HiPAC Project: Combining Active Databases and Timing Constraints. ACM Sigmod Record 17, 1 (1988)
Chakravarthy, S. (ed.): Active Databases, Special Issue of the Bulletin of the IEEE TC on Data Engineering, 15, 1–4 (1992)
Chakravarthy, S., Widom, J.: Proc. of the 4th Intl. Workshop on Research Issues in Data Engineering: Active Database Systems, Houston (February 1994)
Gatziu, S., Dittrich, K.R.: SAMOS. Active Rules in Database Systems, 233–247 (1999)
Coupaye, T., Collet, C.: Semantics Based Implementation of Flexible Execution Models for Active Database Systems. In: Proc. 14ème Journées Bases de Données Avancées, BDA (1998)
Gatziu, S., Geppert, A., Dittrich, K.R.: Integrating active concepts into an object-oriented database system. In: 3rd Int’l.Workshop on Database Programming Languages, Naflion (August 1991)
Chakravarthy, S., Anwar, E., Maugis, L.: Design and implementation of active capability for an object-oriented database, Technical Report UF-CIS-TR-93-001, University of Florida (January 1993)
Chakravarthy, S., Le, R., Desai, R.: ECA Rule processing in Distributed and Heterogeneous Environments. In: Proceedings of the International Symposium on Distributed Objects and Applications
Chakravarthy, S., Krishnaprasad, V., Tamizuddin, Z., Badani, R.H.: ECA Rule Integration into an OODBMS: Architecture and Implementation. In: Proc. Of the 11th Intl. Conf. On Data Engineering. Taipei, Taiwan (March 1995)
Chakravarthy, S., Mishra, D.: Snoop: An expressive event specification language for active databases. Knowledge and Data Engineering Journal 14, 1–26 (1994)
Bertino, E., Guerrini, G., Merlo, I.: Triggers in Java-based Databases. L’OBJET 6(3) (2000)
Bertino, E., Guerrini, G., Merlo, I.: Trigger Inheritance and Overriding in an Active Object Database System. TKDE 12(4), 588–608 (2000)
Lupu, E., Sloman, M.: Conflicts in Policy-Based Distributed Systems Management. IEEE Transactions on Software Engineering (TSE) 25(6), 852–869 (1999)
Bhattacharya, J., Gupta, S.K.: Privacy Broker for Enforcing Privacy Policies in Databases. In: KBCS-2004. Fifth international conference on knowledge based computer systems, Hyderabad, India (December 19-22 2004)
Schunter, M., et al.: Enterprise Privacy Authorization Language (EPAL 1.1), IBM Research Report, http://www.zurich.ibm.com/security/enterprise-privacy/epal
Batra, V., et al.: Policy Driven Data Administration. In: POLICY 2002, IEEE 3rd International Workshop on Policies for Distributed Systems and Networks (2002)
Agrawal, R., Kiernan, J., Srikant, R., Xiu, Y.: Hippocratic Databases (Vision Paper). IBM Almaden Research Center (2002)
Adam, N.R., Wortman, J.C.: Security-control methods for statistical databases. ACM Computing Surveys 21(4), 515–556 (1989)
Castano, S., Fugini, M., Martella, G., Samarati, P.: Database Security. Addison Wesley, Reading (1995)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Bhattacharya, J., Gupta, S.K. (2005). EPAL Based Privacy Enforcement Using ECA Rules. In: Jajodia, S., Mazumdar, C. (eds) Information Systems Security. ICISS 2005. Lecture Notes in Computer Science, vol 3803. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11593980_9
Download citation
DOI: https://doi.org/10.1007/11593980_9
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-30706-8
Online ISBN: 978-3-540-32422-5
eBook Packages: Computer ScienceComputer Science (R0)