Policy-Based Data Downgrading: Toward a Semantic Framework and Automated Tools to Balance Need-to-Protect and Need-to-Share Policies

Author

Denker, Grit ; Gehani, Ashish ; Kim, Minyoung ; Hanz, David

Author_Institution

Comput. Sci. Lab., SRI Int., Menlo Park, CA, USA

fYear

2010

fDate

21-23 July 2010

Firstpage

120

Lastpage

128

Abstract

We describe a new paradigm for articulating need-to-protect and need-to-share policies that shows promise for enabling automated derivation of the downgrading rulesets needed to comply with these policies in systems that share data. This new paradigm is based on fine-grained semantic policy specifications in terms of context, content, Purpose, and Anti-purpose that are expressed in a machine-understandable language. Our approach is based on an existing reasoning capability that can handle simple downgrading cases. Extensions to handle more complex cases are discussed. Although not yet a complete, turnkey solution to the overall data sharing and privacy problem, we posit that our approach provides an auspicious research vector for future work towards achieving that goal.

Keywords

data privacy; formal specification; software tools; ubiquitous computing; automated tool; balance need to protect policy; data sharing; fine grained semantic policy specification; machine understandable language; need to share policy; policy based data downgrading; privacy problem; reasoning capability; semantic framework; Accuracy; Analytical models; Context; Data models; Global Positioning System; Privacy; Semantics;

fLanguage

English

Publisher

ieee

Conference_Titel

Policies for Distributed Systems and Networks (POLICY), 2010 IEEE International Symposium on

Conference_Location

Fairfax, VA

Print_ISBN

978-1-4244-8206-1

Electronic_ISBN

978-0-7695-4238-6

Type

conf

DOI

10.1109/POLICY.2010.33

Filename

5630236