Skip to main content
SpringerLink
Log in

Privacy Administration in Distributed Service Infrastructure

  • Conference paper
Security and Privacy in Communication Networks (SecureComm 2010)

  • 1778 Accesses

Abstract

In this paper, we propose a framework to administrate privacy policies in distributed service infrastructure. We define new administrative capabilities that model user preferences and specify how data owners can access to them. We investigate a distributed administration of the privacy policy where three different administrative policies can coexist and one can dominate the other. We define the data collector practices, the legal organisation policies, such as emergency service’s policies, and the negotiated policy between the data collector and services providers. We finally specify how to manage these three distributed privacy administration policies.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 84.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 3rd Generation Partnership Project: Open Service Access; Application Programming Interface (API); Part 3: Framework, 3GPP TS 29.198-3

    Google Scholar 

  2. Acquisti, A., Grossklags, J.: Privacy Rationality in Individual Dicision Making. IEEE Security and Privacy 1(1), 26–33 (2005)

    Article  Google Scholar 

  3. Ajam, N., Cuppens, N., Cuppens, F.: Contextual Privacy Management in Extended Role based Access Control Model. In: The Proceedings of the DPM workshop, DPM-ESORICS, Saint-Malo, France (September 2009)

    Google Scholar 

  4. Ben Ghorbel-Talbi, M.: Decentralized Administration of Security Policies, PhD thesis, Télécom Bretagne (2009)

    Google Scholar 

  5. Ben Ghorbel-Talbi, M., Cuppens, F., Cuppens-Boulahia, N., Bouhoula, A.: An Extended Role-Based Access Control Model for Delegating Obligations. In: Fischer-Hübner, S., Lambrinoudakis, C., Pernul, G. (eds.) Trust, Privacy and Security in Digital Business. LNCS, vol. 5695, pp. 127–137. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  6. Byun, J., Bertino, E., Li, N.: Purpose Based Access Control of Complex Data for Privacy Protection. In: Symposium on Access Control Models and Technologies (SACMAT), Stockholm, Sweden, pp. 102–110 (2005)

    Google Scholar 

  7. Coma, C.: Interopérabilité et Cohérence de politiques de sécurité pour les Systèmes Auto-organisant, PhD thesis, Télécom Bretagne (2009)

    Google Scholar 

  8. Cuppens, F., Cuppens-Boulahia, N.: Modeling Contextual Security Policies. International Journal of Information Security 7(4), 285–305 (2007)

    Article  MATH  Google Scholar 

  9. Cuppens, F., Miège, A.: An Administration Model for Or-BAC. International Journal of Computer Systems Science and Engineering 19(3), 151–162 (2004)

    Google Scholar 

  10. Cuppens, F., Cuppens-Boulahia, N., Coma, C.: O2O: Virtual Private Organizations to Manage Security Policy interoperability. In: Bagchi, A., Atluri, V. (eds.) ICISS 2006. LNCS, vol. 4332, pp. 101–120. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  11. Cuppens, F., Cuppens-Boulahia, N., Ben Ghorbel, M.: High Level Conflict Management Strategies in Advanced Access Control Models. Electronics Notes in Theoretical Computer Science, vol. 186, pp. 3–26. Elsevier, V., Amsterdam (2007)

    MATH  Google Scholar 

  12. Duckham, M., Kulik, L.: Location Privacy and Location-aware Computing. In: Dynamic and Mobile GIS: Investigating Change in Space and Time, pp. 34–51. CRC press, Boca Raton (2006)

    Google Scholar 

  13. Gabillon, A., Capolsini, P.: Dynamic Security Rules for Geo Data. In: Garcia-Alfaro, J., Navarro-Arribas, G., Cuppens-Boulahia, N., Roudier, Y. (eds.) Data Privacy Management and Autonomous Spontaneous Security. LNCS, vol. 5939, pp. 136–152. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  14. Gedik, B., Liu, L.: Protecting Location Privacy with Personalized k-Anonymity: Architecture and Algorithms. IEEE Transactions on Mobile Computing 7(1), 1–18 (2008)

    Article  Google Scholar 

  15. Abou El Kalam, A., El Baida, R., Balbiani, P., Benferhat, S., Cuppens, F., Deswarte, Y., Miège, A., Saurel, C., Trouessin, G.: Organization Based Access Control. In: Proceedings of the 4th International Workshop on Policies for Distributed Systems and Networks (Policy 2003), Como, Italy (June 2003)

    Google Scholar 

  16. Krumm, J.: A Survey of Computational Location Privacy. Journal: Personal and Ubiquitous Computing 13(6), 391–399 (2008)

    Google Scholar 

  17. Ni, Q., Trombetta, A., Bertino, E., Lobo, J.: Privacy-aware Role Based Access Control. In: 12th ACM symposium on Access control models and technologies, Session Privacy management, pp. 41–50 (2007)

    Google Scholar 

  18. Spiekermann, S., Grossklags, J., Berendt, B.: E-Privacy in Second Generation E-Commerce: Privacy Preferences versus Actual Behaviour. In: Proceedings of the ACM Conference Electronic Commerce (EC 2001), Florida, USA, pp. 38–47 (October 2001)

    Google Scholar 

  19. World Wide Web Consortium (W3C), The Platform for Privacy Preferences 1.0 (P3P) Specification (April 2002)

    Google Scholar 

  20. World Wide Web Consortium (W3C), A P3P Preference Exchange Language 1.0 (APPEL), Working draft (April 2002)

    Google Scholar 

  21. Yang, N., Barringer, H., Zhang, N.: A Purpose-Based Access Control Model. In: The third International Symposium on Information Assurance and Security, pp. 143–148 (2007)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. LUSSI Department, Institut Télécom, Telecom Bretagne, 2 rue de la Chataigneraie Cesson-Sevigne, 35576, France

    Nabil Ajam, Nora Cuppens-Boulahia & Frederic Cuppens

Authors
  1. Nabil Ajam
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Nora Cuppens-Boulahia
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Frederic Cuppens
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Center for Secure Information Systems, George Mason University, 4400 University Drive, 22030-4422, Fairfax, VA, USA

    Sushil Jajodia

  2. Institute for Infocomm Research, 1 Fusionopolis Way, 21-01 Connexis, 138632, South Tower, Singapore

    Jianying Zhou

Rights and permissions

Reprints and permissions

Copyright information

© 2010 ICST Institute for Computer Science, Social Informatics and Telecommunications Engineering

About this paper

Cite this paper

Ajam, N., Cuppens-Boulahia, N., Cuppens, F. (2010). Privacy Administration in Distributed Service Infrastructure. In: Jajodia, S., Zhou, J. (eds) Security and Privacy in Communication Networks. SecureComm 2010. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 50. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-16161-2_4

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-16161-2_4

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-16160-5

  • Online ISBN: 978-3-642-16161-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation