Skip to main content
Springer Nature Link
Log in

Semantic Generation of Clouds Privacy Policies

  • Conference paper
  • First Online:
Cloud Computing and Services Sciences (CLOSER 2014)

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 512))

Included in the following conference series:

  • 494 Accesses

Abstract

The governance of privacy and personal information on cloud environments is challenging and complex. Usually many regulatory frameworks intervene to reflect diverse privacy wishes from several stakeholders. This includes data owners, data and services providers and also the end users. Focusing mainly on medical domains, this issue is particularly important due to the sensitivity of health related data in international data protection law. It is therefore essential to integrate heterogeneous privacy requirements in a semantic model and rules. Thereafter, overlaps, contradictions and similarities of privacy wishes could be detected and a final access control context would be captured before it is finally mapped to clouds operational policies. This paper describes a ontology-based semantic model of privacy requirements along with a logical formalism for mapping SWRL (Semantic Web Rule Language) privacy rules to a policy language that is implementable on clouds environments namely XACML. The underline implementation requirements for our formalism will be also explained.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Institutional subscriptions

Similar content being viewed by others

References

  1. Brandic, I., Dustdar, S., Anstett, T., Schumm, D., Leymann, F., Konrad, R.: Compliant cloud computing (C3): architecture and language support for user-driven compliance management in clouds. In: IEEE 3rd International Conference on Cloud Computing (2010)

    Google Scholar 

  2. EC.Directive 95/46/ECofthe European Parliament and of the Council (1995) (cited 2010). http://ec.europa.eu/justice/policies/privacy/law/index_en.htm#directive

  3. McCullagh, K.: Study of data protection: harmonization or confusion? In: Proceeding of the 21st BILETA Conference: Globalisation and Harmonisation in Technology Law. Malta (2006)

    Google Scholar 

  4. Beyleveld, D., Townend, D., Rouillé-Mirza, S., Wright, J.: Implementation of the Data Protection Directive in Relation to Medical Research in Europe. Ashgate Publishing Limited, UK (2004). ISBN-10: 0754623696

    Google Scholar 

  5. Iversen, A., Liddell, K., Fear, N., Hotopf, M., Consent, W.S.: Confidentiality and the data protection act. Br. Med. J. (Clin. Res. Ed.) 332(7534), 165–169 (2006)

    Article  Google Scholar 

  6. Italian Personal Data Protection Code (2003). http://www.privacy.it/privacycode-en.html. Legislative Decreeno. 196 of 30 June 2003 (cited 2012)

  7. The Open Cloud Standards Incubator (OCSI): Architecture for Managing Clouds, White Paper from the Open Cloud Standards Incubator 1.0, DMTF DSP-IS0102 (2010). http://www.dmtf.org/standards/published_documents/DSP-IS0101_1.0.pdf

  8. Horrocks, I., et al.: SWRL: a semantic web rule language combining OWL and RuleML (2004). http://www.w3.org/Submission/SWRL/. Accessed 2013

  9. OASIS XACML: eXtensible Access Control Markup Language (XACML), version 2.0 (2005). http://docs.oasisopen.org/xacml/2.0/XACML-2.0-OSNORMATIVE.zip

  10. Casassa Mont, M., Crosta, S., Kriegelstein, T., Sommer, D.: PRIME architecture V2. Deliverable D14.2.c. (2007). https://www.primeproject.eu/prime_products/reports/arch/pub_del_D14.2.c_ec_WP14.2_v1_Final.pdf. Accessed 2014

  11. Sommer, D., Casassa Mont, M., Pearson, S.: PRIME architecture V3. Deliverable 14.2.d (2008). https://www.primeproject.eu/prime_products/reports/arch/pub_del_D14.2.d_ec_WP14.2_v3_Final.pdf. Accessed 2014

  12. Casassa Mont, M., Shen, Y., Kounga, G., Pearson, S.: EnCoRe project deliverable D2.1. Technical Architecture for the First Realized Case Study [Online] (1.0) (2010). http://www.encoreproject.info. Accessed June 2014

  13. Rahmouni, H.B., Solomonides, T., Casassa Mont, M., Shiu, S.: Privacy compliance and enforcement on European healthgrids: an approach through ontology. Philos. Trans. R. Soc. 368, 4057–4072 (2010)

    Article  Google Scholar 

  14. Rahmouni, H.B., Solomonides, T., Casassa, M.M., Shiu, S., Rahmouni, M.A.: Modeldriven privacy compliance decision support for medical data sharing in europe. Methods Inf. Med. 50(4), 326–336 (2011)

    Article  Google Scholar 

  15. Muppavarapu, V., Chung, S.M.: Semantic-based access control for grid data resources in open grid services architecture - data access and integration (OGSA-DAI). In: 20th IEEE International Conference on Tools with Artificia lIntelligence (ICTAI 2008), Dayton, Ohio, USA. IEEE Computer Society (2008)

    Google Scholar 

  16. Gowadia, V., Scalavino, E., Lupu, E., Aziz, B.: The consequence project, deliverable D3.1: models and framework for meta-data generation and policy infrastructure (2008). http://www.consequenceproject.eu/Deliverables_Y1/D3.1.pdf

  17. Matteucci, I., Petrocchi, M., Sbodio, M.L.: CNL4DSA – a controlled natural language for data sharing agreements. In: Proceedings of the 2010 ACM Symposium on Applied Computing, Sierre, Switzerland. ACM (2010)

    Google Scholar 

  18. Boley, H., et al.: Schema specification of RuleML 1.0 (2010). http://ruleml.org/1.0/. Accessed 2012

  19. Bechhofer, S., et al.: OWL web ontology language reference (2004). http://www.w3.org/TR/owl-ref/. Accessed 2013

  20. Wang, K., Billington, D., Blee, J., Antoniou, G.: Combining description logic and defeasible logic for the semantic web. In: Antoniou, G., Boley, H. (eds.) Rules and Rule Markup Languages for the Semantic Web: Third International Workshop, RuleML. Lecture Notes in Computer Science, pp. 170–181. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  21. Gruber, T.R.: Toward principles for the design of ontologies used for knowledge sharing. Int. J. Hum. Comput. Stud. 43(4–5), 907–928 (1995)

    Article  Google Scholar 

  22. Demchenko, Y., Koeroo, O., de Laat, C., Sagehaug, H.: Extending XACML authorisation model to support policy obligations handling in distributed applications. In: Proceedings of the 6th International Workshop on Middleware for Grid Computing. ACM (2008)

    Google Scholar 

  23. Priebe, T. et al.: Supporting attribute-based access control with ontologies. ARES, pp. 465-472 (2006). doi:10.1109/ARES.2006.127

  24. Damiani, E., De Capitani di Vimercati, S., Fugazza, C., Samarati, P.: Extending policy languages to the semantic web. In: Fraternali, P., Koch, N., Wirsing, M. (eds.) ICWE 2004. LNCS, vol. 3140, pp. 330–343. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  25. Kolovski, V.: Formalizing XACML using defeasible description logics. Technical report TR-233-11. University of Maryland - College Park (2006)

    Google Scholar 

  26. Kolosvki, V.: Logic-based framework for web access control policies. Ph.D. thesis, Digital Repository at the University of Maryland, College Park, Md (2008)

    Google Scholar 

  27. Kolovski, V., Hendler, J.: XACML policy analysis using descriptionlogics (2008). http://www.mindswap.org/~kolovski/KolovskiXACMLAnalysis-JCSSubmission.pd. Accessed 2012

  28. Masi, M., Pugliese, R., Tiezzi, F.: Formalisation and implementation of the XACML access control mechanism. In: Livshits, B., Scandariato, R., Barthe, G. (eds.) ESSoS 2012. LNCS, vol. 7159, pp. 60–74. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  29. Bryans, J.W., Fitzgerald, J.S.: Formal engineering of XACML access control policies in VDM ++. In: Proceedings of the Formal Engineering Methods 9th International Conference on Formal Methods and Software Engineering, Boca Raton, FL, 14–15 November 2007

    Google Scholar 

  30. OASIS XACML: eXtensible Access Control Markup Language (XACML), version 3.0 (2013) http://docs.oasis-open.org/xacml/3.0/xacml-3.0-core-spec-os-en.pdf. Accessed 2013

  31. Rahmouni, H.B., Solomonides, T., Casassa Mont, M., Shiu, S.: Ontology based privacy compliance for health data disclosure in Europe. Ph.D. thesis, University of the West of England, Bristol (2011)

    Google Scholar 

  32. Powers, C., Adler, S., Wishart, B.: EPAL translation of the freedom of information and protection of privacy act. In: White Paper, IBM Tivoli and Information and Privacy Commissioner, Ontario (2004)

    Google Scholar 

  33. Ontario: freedom of information and protection of privacy act (2008). http://www.elaws.gov.on.ca/html/statutes/english/elaws_statutes_90f31_e.htm. Accessed 2013

Download references

Author information

Authors and Affiliations

  1. Centre for Complex Cooperative Systems, Department of Computer Science and Creative Technologies, University of the West of England, Bristol, UK

    Hanene Boussi Rahmouni & Kamran Munir

  2. Hewlett-Packard Labs, Cloud and Security Lab, Bristol, UK

    Marco Casassa Mont

  3. Digital Security Research Unit, Sup’Com, University of Carthage, Tunis, Tunisia

    Hanene Boussi Rahmouni

  4. Center for Biomedical Research Informatics (CBRI) Research Institute, NorthShore University Health System, Evanston, USA

    Tony Solomonides

Authors
  1. Hanene Boussi Rahmouni
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Kamran Munir
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Marco Casassa Mont
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Tony Solomonides
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Hanene Boussi Rahmouni .

Editor information

Editors and Affiliations

  1. School of Computing, Dublin City University, Dublin 9, Ireland

    Markus Helfert

  2. LIP / Inria Ecole normale supérieure de Lyon, Lyon, France

    Frédéric Desprez

  3. Dell, ROUND ROCK, USA

    Donald Ferguson

  4. University of Stuttgart, Stuttgart, Germany

    Frank Leymann

  5. Universitat Autònoma de Barcelona, Bellaterra, Spain

    Victor MĂ©ndez Munoz

Rights and permissions

Reprints and permissions

Copyright information

© 2015 Springer International Publishing Switzerland

About this paper

Cite this paper

Rahmouni, H.B., Munir, K., Mont, M.C., Solomonides, T. (2015). Semantic Generation of Clouds Privacy Policies. In: Helfert, M., Desprez, F., Ferguson, D., Leymann, F., MĂ©ndez Munoz, V. (eds) Cloud Computing and Services Sciences. CLOSER 2014. Communications in Computer and Information Science, vol 512. Springer, Cham. https://doi.org/10.1007/978-3-319-25414-2_2

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-25414-2_2

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-25413-5

  • Online ISBN: 978-3-319-25414-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics