An Algebra for Composing Enterprise Privacy Policies

12 years 11 months ago
An Algebra for Composing Enterprise Privacy Policies
Abstract. Enterprise privacy enforcement allows enterprises to internally enforce a privacy policy that the enterprise has decided to comply to. To facilitate the compliance with different privacy policies when several parts of an organization or different enterprises cooperate, it is crucial to have tools at hand that allow for a practical management of varying privacy requirements. We propose an algebra providing various types of operators for composing and restricting enterprise privacy policies like conjunction, disjunction, and scoping, together with its formal semantics. We base our work on a superset of the syntax and semantics of IBM’s Enterprise Privacy Authorization Language (EPAL), which recently has been submitted to W3C for standardization. However, a detailed analysis of the expressiveness of EPAL reveals that, somewhat surprisingly, EPAL is not closed under conjunction and disjunction. To circumvent this problem, we identified the subset of well-founded privacy polici...
Michael Backes, Markus Dürmuth, Rainer Steinw
Added 01 Jul 2010
Updated 01 Jul 2010
Type Conference
Year 2004
Authors Michael Backes, Markus Dürmuth, Rainer Steinwandt
Comments (0)