Modeling and Expressing Purpose Validation Policy for Privacy-aware Usage Control in Distributed Environment

Research output: Contribution to conferencePaper

206 Downloads (Pure)

Abstract

Privacy-aware usage control is a control of the usage of private data with the aim to protect data owner privacy. In privacy-aware system, the purpose of data usage1 is strictly controlled to ensure that data owner privacy is properly protected and data would never be used beyond what it is authorized for. To fulfill that level of protection, it requires the strong enforcement of usage policy, in particular, the en- forcement of the purpose of data usage. However, there are many difficulties in purpose enforcement. One of which is to validate the purpose of an agent when it requests to perform an action, particularly in distributed environments where the processing of data is carried out on client side application and direct control of it is limited. Generally, validating “a particular purpose” may require different mechanisms and can happen at different points in time2 during the lifecycle of data usage. Hence, there is a need to express “how purpose should be validated” by indicating which validation mechanisms should be used and when the validation should take place so that the remote system can act as instructed. In this paper, we discuss the design issue of purpose validation policy3 expression based on our proposed validation struc- ture: pre-, ongoing-, and post-validation. Furthermore, we discuss how the existing languages such as EPAL, XACML, and ODRL can directly be used or extended to support our proposed purpose validation policy model.
Original languageEnglish
Number of pages8
Publication statusPublished - 10 Jan 2014
EventACM International conference on ubiquitous information management and communication - Siem Reap, Siem Reap, Cambodia
Duration: 9 Jan 201411 Jan 2014

Conference

ConferenceACM International conference on ubiquitous information management and communication
CountryCambodia
CitySiem Reap
Period9/01/1411/01/14

Fingerprint

Data privacy
Processing

Keywords

  • Purpose enforcement
  • purpose validation policy expression
  • policy management.
  • usage
  • usage policy
  • privacy
  • distributed system
  • purpose validation

Cite this

Rath, T. M. A., & Colin, J-N. (2014). Modeling and Expressing Purpose Validation Policy for Privacy-aware Usage Control in Distributed Environment. Paper presented at ACM International conference on ubiquitous information management and communication, Siem Reap, Cambodia.
Rath, Thavy Mony Annanda ; Colin, Jean-Noël. / Modeling and Expressing Purpose Validation Policy for Privacy-aware Usage Control in Distributed Environment. Paper presented at ACM International conference on ubiquitous information management and communication, Siem Reap, Cambodia.8 p.
@conference{a56320591b424a42bd0a6223567b431f,
title = "Modeling and Expressing Purpose Validation Policy for Privacy-aware Usage Control in Distributed Environment",
abstract = "Privacy-aware usage control is a control of the usage of private data with the aim to protect data owner privacy. In privacy-aware system, the purpose of data usage1 is strictly controlled to ensure that data owner privacy is properly protected and data would never be used beyond what it is authorized for. To fulfill that level of protection, it requires the strong enforcement of usage policy, in particular, the en- forcement of the purpose of data usage. However, there are many difficulties in purpose enforcement. One of which is to validate the purpose of an agent when it requests to perform an action, particularly in distributed environments where the processing of data is carried out on client side application and direct control of it is limited. Generally, validating “a particular purpose” may require different mechanisms and can happen at different points in time2 during the lifecycle of data usage. Hence, there is a need to express “how purpose should be validated” by indicating which validation mechanisms should be used and when the validation should take place so that the remote system can act as instructed. In this paper, we discuss the design issue of purpose validation policy3 expression based on our proposed validation struc- ture: pre-, ongoing-, and post-validation. Furthermore, we discuss how the existing languages such as EPAL, XACML, and ODRL can directly be used or extended to support our proposed purpose validation policy model.",
keywords = "Purpose enforcement, purpose validation policy expression, policy management., usage, usage policy, privacy, distributed system, purpose validation",
author = "Rath, {Thavy Mony Annanda} and Jean-No{\"e}l Colin",
year = "2014",
month = "1",
day = "10",
language = "English",
note = "ACM International conference on ubiquitous information management and communication ; Conference date: 09-01-2014 Through 11-01-2014",

}

Rath, TMA & Colin, J-N 2014, 'Modeling and Expressing Purpose Validation Policy for Privacy-aware Usage Control in Distributed Environment' Paper presented at ACM International conference on ubiquitous information management and communication, Siem Reap, Cambodia, 9/01/14 - 11/01/14, .

Modeling and Expressing Purpose Validation Policy for Privacy-aware Usage Control in Distributed Environment. / Rath, Thavy Mony Annanda; Colin, Jean-Noël.

2014. Paper presented at ACM International conference on ubiquitous information management and communication, Siem Reap, Cambodia.

Research output: Contribution to conferencePaper

TY - CONF

T1 - Modeling and Expressing Purpose Validation Policy for Privacy-aware Usage Control in Distributed Environment

AU - Rath, Thavy Mony Annanda

AU - Colin, Jean-Noël

PY - 2014/1/10

Y1 - 2014/1/10

N2 - Privacy-aware usage control is a control of the usage of private data with the aim to protect data owner privacy. In privacy-aware system, the purpose of data usage1 is strictly controlled to ensure that data owner privacy is properly protected and data would never be used beyond what it is authorized for. To fulfill that level of protection, it requires the strong enforcement of usage policy, in particular, the en- forcement of the purpose of data usage. However, there are many difficulties in purpose enforcement. One of which is to validate the purpose of an agent when it requests to perform an action, particularly in distributed environments where the processing of data is carried out on client side application and direct control of it is limited. Generally, validating “a particular purpose” may require different mechanisms and can happen at different points in time2 during the lifecycle of data usage. Hence, there is a need to express “how purpose should be validated” by indicating which validation mechanisms should be used and when the validation should take place so that the remote system can act as instructed. In this paper, we discuss the design issue of purpose validation policy3 expression based on our proposed validation struc- ture: pre-, ongoing-, and post-validation. Furthermore, we discuss how the existing languages such as EPAL, XACML, and ODRL can directly be used or extended to support our proposed purpose validation policy model.

AB - Privacy-aware usage control is a control of the usage of private data with the aim to protect data owner privacy. In privacy-aware system, the purpose of data usage1 is strictly controlled to ensure that data owner privacy is properly protected and data would never be used beyond what it is authorized for. To fulfill that level of protection, it requires the strong enforcement of usage policy, in particular, the en- forcement of the purpose of data usage. However, there are many difficulties in purpose enforcement. One of which is to validate the purpose of an agent when it requests to perform an action, particularly in distributed environments where the processing of data is carried out on client side application and direct control of it is limited. Generally, validating “a particular purpose” may require different mechanisms and can happen at different points in time2 during the lifecycle of data usage. Hence, there is a need to express “how purpose should be validated” by indicating which validation mechanisms should be used and when the validation should take place so that the remote system can act as instructed. In this paper, we discuss the design issue of purpose validation policy3 expression based on our proposed validation struc- ture: pre-, ongoing-, and post-validation. Furthermore, we discuss how the existing languages such as EPAL, XACML, and ODRL can directly be used or extended to support our proposed purpose validation policy model.

KW - Purpose enforcement

KW - purpose validation policy expression

KW - policy management.

KW - usage

KW - usage policy

KW - privacy

KW - distributed system

KW - purpose validation

M3 - Paper

ER -

Rath TMA, Colin J-N. Modeling and Expressing Purpose Validation Policy for Privacy-aware Usage Control in Distributed Environment. 2014. Paper presented at ACM International conference on ubiquitous information management and communication, Siem Reap, Cambodia.