Abstract
This paper addresses the issue of solving conflicts occurring in the authorization decision process among policies applicable to an access request. We propose a strategy for conflict resolution based on the evaluation of the specificity level of the elements constituting the policies. Operatively, the strategy is implemented by exploiting a well-known decision making technique. Two practical examples of use in the healthcare scenario are given.
The research leading to these results received funding from the European Union 7th Framework Programme under grant n. 256980 (NESSoS) and from the IIT internal project MobiCare.
© 2013 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Matteucci, I., Mori, P., Petrocchi, M. (2013). Prioritized Execution of Privacy Policies. In: Di Pietro, R., Herranz, J., Damiani, E., State, R. (eds) Data Privacy Management and Autonomous Spontaneous Security. DPM SETOP 2012 2012. Lecture Notes in Computer Science, vol 7731. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-35890-6_10
DOI: https://doi.org/10.1007/978-3-642-35890-6_10
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-35889-0
Online ISBN: 978-3-642-35890-6
eBook Packages: Computer Science (R0)