TY - GEN
T1 - XPACML eXtensible Privacy Access Control Markup Language
AU - Bekara, Kheira
AU - Mustapha, Yosra Ben
AU - Laurent, Maryline
PY - 2010/12/1
Y1 - 2010/12/1
N2 - Privacy in the digital world is a critical problem which is becoming even more imperious with the growth of the Internet, accompanied by the proliferation of e-services (e.g. e-commerce, e-health). One research track for efficient privacy management is to make use of user's and service provider's (SP) privacy policies, and to perform an automatic comparison in between to help any (skilled or unskilled) users preserving their privacy. In this paper, we focus on the privacy policy comparison issues. We adopt the eXtensible Access Control Markup Language (XACML) as a policy description language for user's preferences and SP's policies. We enrich XACML with P3P main elements to permit a privacy aware access control on the user's personal data elements, thus resulting in the new XPACML (eXtensible Privacy Access Control Markup Language) language. The paper describes first the XPACML language. Then, it presents the functional architecture at the user's side where the automatic privacy policy compliance can be performed. Finally it discusses our contributions compared to the main proposed solutions in the literature to better identify the interest of them.
AB - Privacy in the digital world is a critical problem which is becoming even more imperious with the growth of the Internet, accompanied by the proliferation of e-services (e.g. e-commerce, e-health). One research track for efficient privacy management is to make use of user's and service provider's (SP) privacy policies, and to perform an automatic comparison in between to help any (skilled or unskilled) users preserving their privacy. In this paper, we focus on the privacy policy comparison issues. We adopt the eXtensible Access Control Markup Language (XACML) as a policy description language for user's preferences and SP's policies. We enrich XACML with P3P main elements to permit a privacy aware access control on the user's personal data elements, thus resulting in the new XPACML (eXtensible Privacy Access Control Markup Language) language. The paper describes first the XPACML language. Then, it presents the functional architecture at the user's side where the automatic privacy policy compliance can be performed. Finally it discusses our contributions compared to the main proposed solutions in the literature to better identify the interest of them.
U2 - 10.1109/COMNET.2010.5699807
DO - 10.1109/COMNET.2010.5699807
M3 - Conference contribution
AN - SCOPUS:79951799611
SN - 9781424488391
T3 - 2010 2nd International Conference on Communications and Networking, ComNet 2010
BT - 2010 2nd International Conference on Communications and Networking, ComNet 2010
T2 - 2010 2nd International Conference on Communications and Networking, ComNet 2010
Y2 - 4 November 2010 through 7 November 2010
ER -