Automatic compliance of privacy policies in federated digital identity management

Anna Squicciarini; Marco Casassa Mont; Abhilasha Bhargav-Spantzel; Elisa Bertino

doi:10.1109/POLICY.2008.46

Automatic compliance of privacy policies in federated digital identity management

Anna Squicciarini, Marco Casassa Mont, Abhilasha Bhargav-Spantzel, Elisa Bertino

College of Information Sciences and Technology

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

6 Scopus citations

Abstract

Privacy [4] in the digital world is an important problem which is becoming even more pressing as new collaborative applications are developed. The lack of privacy preserving mechanisms is particularly problematic in federated identity management contexts. In such a context, users can seamlessly interact with a variety of federated web services, through the use of single-sign-on mechanisms and the capability of sharing personal data among these web services. We argue that comprehensive privacy policies should be stated by federated service providers and proactively checked by these providers, before disclosing users' data to federated partners. To address such requirements, we introduce mechanisms and algorithms for policy compliance checking between federated service providers, based on an innovative policy subsumption approach. We formally introduce and analyze our approach.

Original language	English (US)
Title of host publication	Proceedings - 2008 IEEE Workshop on Policies for Distributed Systems and Networks, POLICY 2008
Pages	89-92
Number of pages	4
DOIs	https://doi.org/10.1109/POLICY.2008.46
State	Published - 2008
Event	9th IEEE Workshop on Policies for Distributed Systems and Networks, POLICY 2008 - Palisades, NY, United States Duration: Jun 2 2008 → Jun 4 2008

Publication series

Name	Proceedings - 2008 IEEE Workshop on Policies for Distributed Systems and Networks, POLICY 2008

Other

Other	9th IEEE Workshop on Policies for Distributed Systems and Networks, POLICY 2008
Country/Territory	United States
City	Palisades, NY
Period	6/2/08 → 6/4/08

All Science Journal Classification (ASJC) codes

Computer Networks and Communications
Control and Systems Engineering

Access to Document

10.1109/POLICY.2008.46

Cite this

Squicciarini, A., Mont, M. C., Bhargav-Spantzel, A., & Bertino, E. (2008). Automatic compliance of privacy policies in federated digital identity management. In Proceedings - 2008 IEEE Workshop on Policies for Distributed Systems and Networks, POLICY 2008 (pp. 89-92). Article 4556584 (Proceedings - 2008 IEEE Workshop on Policies for Distributed Systems and Networks, POLICY 2008). https://doi.org/10.1109/POLICY.2008.46

Squicciarini, Anna ; Mont, Marco Casassa ; Bhargav-Spantzel, Abhilasha et al. / Automatic compliance of privacy policies in federated digital identity management. Proceedings - 2008 IEEE Workshop on Policies for Distributed Systems and Networks, POLICY 2008. 2008. pp. 89-92 (Proceedings - 2008 IEEE Workshop on Policies for Distributed Systems and Networks, POLICY 2008).

@inproceedings{4943f597a3eb42a8a5a3561520b0a084,

title = "Automatic compliance of privacy policies in federated digital identity management",

abstract = "Privacy [4] in the digital world is an important problem which is becoming even more pressing as new collaborative applications are developed. The lack of privacy preserving mechanisms is particularly problematic in federated identity management contexts. In such a context, users can seamlessly interact with a variety of federated web services, through the use of single-sign-on mechanisms and the capability of sharing personal data among these web services. We argue that comprehensive privacy policies should be stated by federated service providers and proactively checked by these providers, before disclosing users' data to federated partners. To address such requirements, we introduce mechanisms and algorithms for policy compliance checking between federated service providers, based on an innovative policy subsumption approach. We formally introduce and analyze our approach.",

author = "Anna Squicciarini and Mont, {Marco Casassa} and Abhilasha Bhargav-Spantzel and Elisa Bertino",

year = "2008",

doi = "10.1109/POLICY.2008.46",

language = "English (US)",

isbn = "9780769531335",

series = "Proceedings - 2008 IEEE Workshop on Policies for Distributed Systems and Networks, POLICY 2008",

pages = "89--92",

booktitle = "Proceedings - 2008 IEEE Workshop on Policies for Distributed Systems and Networks, POLICY 2008",

note = "9th IEEE Workshop on Policies for Distributed Systems and Networks, POLICY 2008 ; Conference date: 02-06-2008 Through 04-06-2008",

}

Squicciarini, A, Mont, MC, Bhargav-Spantzel, A & Bertino, E 2008, Automatic compliance of privacy policies in federated digital identity management. in Proceedings - 2008 IEEE Workshop on Policies for Distributed Systems and Networks, POLICY 2008., 4556584, Proceedings - 2008 IEEE Workshop on Policies for Distributed Systems and Networks, POLICY 2008, pp. 89-92, 9th IEEE Workshop on Policies for Distributed Systems and Networks, POLICY 2008, Palisades, NY, United States, 6/2/08. https://doi.org/10.1109/POLICY.2008.46

Automatic compliance of privacy policies in federated digital identity management. / Squicciarini, Anna; Mont, Marco Casassa; Bhargav-Spantzel, Abhilasha et al.
Proceedings - 2008 IEEE Workshop on Policies for Distributed Systems and Networks, POLICY 2008. 2008. p. 89-92 4556584 (Proceedings - 2008 IEEE Workshop on Policies for Distributed Systems and Networks, POLICY 2008).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - Automatic compliance of privacy policies in federated digital identity management

AU - Squicciarini, Anna

AU - Mont, Marco Casassa

AU - Bhargav-Spantzel, Abhilasha

AU - Bertino, Elisa

PY - 2008

Y1 - 2008

N2 - Privacy [4] in the digital world is an important problem which is becoming even more pressing as new collaborative applications are developed. The lack of privacy preserving mechanisms is particularly problematic in federated identity management contexts. In such a context, users can seamlessly interact with a variety of federated web services, through the use of single-sign-on mechanisms and the capability of sharing personal data among these web services. We argue that comprehensive privacy policies should be stated by federated service providers and proactively checked by these providers, before disclosing users' data to federated partners. To address such requirements, we introduce mechanisms and algorithms for policy compliance checking between federated service providers, based on an innovative policy subsumption approach. We formally introduce and analyze our approach.

AB - Privacy [4] in the digital world is an important problem which is becoming even more pressing as new collaborative applications are developed. The lack of privacy preserving mechanisms is particularly problematic in federated identity management contexts. In such a context, users can seamlessly interact with a variety of federated web services, through the use of single-sign-on mechanisms and the capability of sharing personal data among these web services. We argue that comprehensive privacy policies should be stated by federated service providers and proactively checked by these providers, before disclosing users' data to federated partners. To address such requirements, we introduce mechanisms and algorithms for policy compliance checking between federated service providers, based on an innovative policy subsumption approach. We formally introduce and analyze our approach.

UR - http://www.scopus.com/inward/record.url?scp=51849140992&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=51849140992&partnerID=8YFLogxK

U2 - 10.1109/POLICY.2008.46

DO - 10.1109/POLICY.2008.46

M3 - Conference contribution

AN - SCOPUS:51849140992

SN - 9780769531335

T3 - Proceedings - 2008 IEEE Workshop on Policies for Distributed Systems and Networks, POLICY 2008

SP - 89

EP - 92

BT - Proceedings - 2008 IEEE Workshop on Policies for Distributed Systems and Networks, POLICY 2008

T2 - 9th IEEE Workshop on Policies for Distributed Systems and Networks, POLICY 2008

Y2 - 2 June 2008 through 4 June 2008

ER -

Squicciarini A, Mont MC, Bhargav-Spantzel A, Bertino E. Automatic compliance of privacy policies in federated digital identity management. In Proceedings - 2008 IEEE Workshop on Policies for Distributed Systems and Networks, POLICY 2008. 2008. p. 89-92. 4556584. (Proceedings - 2008 IEEE Workshop on Policies for Distributed Systems and Networks, POLICY 2008). doi: 10.1109/POLICY.2008.46

Automatic compliance of privacy policies in federated digital identity management

Abstract

Publication series

Other

All Science Journal Classification (ASJC) codes

Access to Document

Other files and links

Fingerprint

Cite this