A Semi-Automated Methodology for Extracting Access Control Rules from the European Data Protection Directive

2016 ◽  
Author(s):  
Kaniz Fatema ◽  
Christophe Debruyne ◽  
Dave Lewis ◽  
Declan OSullivan ◽  
John P. Morrison ◽  
...  
Keyword(s):  
Access Control ◽  
Data Protection ◽  
Control Rules ◽  
European Data ◽  
Access Control Rules ◽  
Data Protection Directive

scholarly journals Trust-Based Access Control Model from Sociological Approach in Dynamic Online Social Network Environment

2014 ◽  
Vol 2014 ◽  
pp. 1-8 ◽  
Author(s):  
Seungsoo Baek ◽  
Seungjoo Kim
Keyword(s):  
Social Network ◽  
Access Control ◽  
User Behavior ◽  
Online Social Network ◽  
Sociological Approach ◽  
Access Control Models ◽  
Control Rules ◽  
Access Control Rules ◽  
Dynamic Trust ◽  
Privacy Breaches

There has been an explosive increase in the population of the OSN (online social network) in recent years. The OSN provides users with many opportunities to communicate among friends and family. Further, it facilitates developing new relationships with previously unknown people having similar beliefs or interests. However, the OSN can expose users to adverse effects such as privacy breaches, the disclosing of uncontrolled material, and the disseminating of false information. Traditional access control models such as MAC, DAC, and RBAC are applied to the OSN to address these problems. However, these models are not suitable for the dynamic OSN environment because user behavior in the OSN is unpredictable and static access control imposes a burden on the users to change the access control rules individually. We propose a dynamic trust-based access control for the OSN to address the problems of the traditional static access control. Moreover, we provide novel criteria to evaluate trust factors such as sociological approach and evaluate a method to calculate the dynamic trust values. The proposed method can monitor negative behavior and modify access permission levels dynamically to prevent the indiscriminate disclosure of information.

scholarly journals Revision of the European Data Protection Directive: opportunity or threat for public health monitoring?

2011 ◽  
Vol 21 (6) ◽  
pp. 684-687 ◽  
Author(s):  
F. Carinci ◽  
C. T. Di Iorio ◽  
W. Ricciardi ◽  
N. Klazinga ◽  
M. Verschuuren
Keyword(s):  
Public Health ◽  
Health Monitoring ◽  
Data Protection ◽  
Public Health Monitoring ◽  
European Data ◽  
Data Protection Directive

A Pervasive Polling Secret-Sharing Based Access Control Protocol for Sensitive Information

2011 ◽  
pp. 188-202
Author(s):  
Juan Álvaro Muñoz Naranjo ◽  
Justo Peralta López ◽  
Juan Antonio López Ramos
Keyword(s):  
Access Control ◽  
Secret Sharing ◽  
Collaborative Work ◽  
Sensitive Information ◽  
Control Rules ◽  
Access Control Rules ◽  
File Structure ◽  
Minimum Number ◽  
Message Format ◽  
Access Control Mechanism

This chapter presents a novel access control mechanism for sensitive information which requires permission from different entities or persons to be accessed. The mechanism consists of a file structure and a protocol which extend the features of the OpenPGP Message Format standard by using secret sharing techniques. Several authors are allowed to work in the same file, while access is blocked for not authorized users. Access control rules can be set indicating the minimum number of authors that need to be gathered together in order to open the file. Furthermore, these rules can be different for each section of the document, allowing collaborative work. Non-repudiation and authentication are achieved by means of a shared signature. The scheme’s features are best appreciated when using it in a mobile scenario. Deployment in such an environment is easy and straight.

Trust-Based Usage Control in Collaborative Environment

2010 ◽  
pp. 751-765
Author(s):  
Li Yang ◽  
Chang Phuong ◽  
Amy Novobilski ◽  
Raimund K. Ege
Keyword(s):  
Access Control ◽  
Trust Management ◽  
Partial Information ◽  
Usage Control ◽  
Trust Value ◽  
Access Control Models ◽  
Control Rules ◽  
Collaborative Environment ◽  
Access Control Rules ◽  
Resources Sharing

Most access control models have formal access control rules to govern the authorization of a request from a principal. In pervasive and collaborative environments, the behaviors of a principal are uncertain due to partial information. Moreover, the attributes of a principal, requested objects, and contexts of a request are mutable during the collaboration. A variety of such uncertainty and mutability pose challenges when resources sharing must happen in the collaborative environment. In order to address the above challenges, we propose a framework to integrate trust management into a usage control model in order to support decision making in an ever-changing collaborative environment. First, a trust value of a principal is evaluated based on both observed behaviors and peer recommendations. Second, the usage-based access control rules are checked to make decisions on resource exchanges. Our framework handles uncertainty and mutability by dynamically disenrolling untrusted principals and revoking granted on-going access if access control rules are no longer met. We have applied our trust-based usage control framework to an application of file sharing.

Second-Generation European Data Protection and Professional Journalism

2019 ◽  
pp. 100-122
Author(s):  
David Erdos
Keyword(s):  
Data Protection ◽  
Standard Setting ◽  
Strongly Correlated ◽  
Sensitive Data ◽  
Investigative Journalism ◽  
European Data ◽  
Data Protection Directive ◽  
Default Data ◽  
Default Rules ◽  
Almost All

Drawing on the results of an extensive questionnaire of European Data Protection Authorities (DPAs), this chapter explores these regulators’ substantive orientation and detailed approach to standard-setting in the area of professional journalism under the Data Protection Directive. As regards news production, a large majority of DPAs accepted that the special expressive purposes derogation was engaged. Notwithstanding a greater emphasis on an internal balancing of rights within default data protection norms, this also remained the plurality view also as regards news archives. Detailed standard-setting was explored through hypothetical scenarios relating to undercover investigative journalism and data subject access demands made of journalists. It was found that, notwithstanding conflicts in many cases with statutory transparency and sensitive data provisions, all DPAs accepted the essential legitimacy of undercover journalism and over one-third only required that such activity conform to a permissive public interest test that didn’t explicitly incorporate a necessity threshold. In contrast, a much stricter approach was taken to the articulation of standards relating to subject access, with over one-third arguing that, aside from protecting information relating to sources, journalists would be obliged to comply with the default rules here in full. This difference may be linked to the divergent treatment of these issues within self-regulatory media codes: whilst almost all set down general ‘ethical’ norms applicable to undercover journalism, almost none did so as regards subject access. Despite the general tendency to ‘read down’ statutory provisions relating to undercover journalism, the severity of a DPAs’ approach to each scenario remained strongly correlated with the stringency of local law applicable to journalism.

Sign in / Sign up

Export Citation Format

Share Document