Title :
Policy-Based Data Downgrading: Toward a Semantic Framework and Automated Tools to Balance Need-to-Protect and Need-to-Share Policies
Author :
Denker, Grit ; Gehani, Ashish ; Kim, Minyoung ; Hanz, David
Author_Institution :
Comput. Sci. Lab., SRI Int., Menlo Park, CA, USA
Abstract :
We describe a new paradigm for articulating need-to-protect and need-to-share policies that shows promise for enabling automated derivation of the downgrading rulesets needed to comply with these policies in systems that share data. This new paradigm is based on fine-grained semantic policy specifications in terms of context, content, Purpose, and Anti-purpose that are expressed in a machine-understandable language. Our approach is based on an existing reasoning capability that can handle simple downgrading cases. Extensions to handle more complex cases are discussed. Although not yet a complete, turnkey solution to the overall data sharing and privacy problem, we posit that our approach provides an auspicious research vector for future work towards achieving that goal.
Keywords :
data privacy; formal specification; software tools; ubiquitous computing; automated tool; balance need to protect policy; data sharing; fine grained semantic policy specification; machine understandable language; need to share policy; policy based data downgrading; privacy problem; reasoning capability; semantic framework; Accuracy; Analytical models; Context; Data models; Global Positioning System; Privacy; Semantics;
Conference_Titel :
Policies for Distributed Systems and Networks (POLICY), 2010 IEEE International Symposium on
Conference_Location :
Fairfax, VA
Print_ISBN :
978-1-4244-8206-1
Electronic_ISBN :
978-0-7695-4238-6
DOI :
10.1109/POLICY.2010.33
