Title :
Strong and Weak Policy Relations
Author :
May, Michael J. ; Gunter, Carl A. ; Lee, Insup ; Zdancewic, Steve
Author_Institution :
Dept. of Inf. Sci. Eng., Kinneret Coll. on the Sea of Galilee, Emek Hayarden, Israel
Abstract :
Access control and privacy policy relations tend to focus on decision outcomes and are very sensitive to defined terms and state. Small changes or updates to a policy language or vocabulary may make two similar policies incomparable. To address this we develop two flexible policy relations derived from bisimulation in process calculi. Strong licensing compares the outcome of two policies strictly, similar to strong bisimulation. Weak licensing compares the outcome of policies more flexibly by ignoring irrelevant (non-conflicting) differences between outcomes, similar to weak bisimulation. We illustrate the relations using examples from P3P.
Keywords :
authorisation; bisimulation equivalence; data privacy; pi calculus; P3P; access control; bisimulation; policy language; privacy policy relation; process calculi; strong policy relation; vocabulary; weak licensing; weak policy relation; Access control; Calculus; Computer networks; Computer science; Control systems; Distributed computing; Educational institutions; Licenses; Privacy; Vocabulary; policy analysis; privacy policies;
Conference_Titel :
Policies for Distributed Systems and Networks, 2009. POLICY 2009. IEEE International Symposium on
Conference_Location :
London
Print_ISBN :
978-0-7695-3742-9
Electronic_ISBN :
978-0-7695-3742-9
DOI :
10.1109/POLICY.2009.20