scholarly journals Coupling of Inference and Access Controls to Ensure Privacy Protection

2021 ◽  
Vol 11 (5) ◽  
pp. 529-535
Author(s):  
Jihane El Mokhtari ◽  
Anas Abou El Kalam ◽  
Siham Benhaddou ◽  
Jean-Philippe Leroy
Keyword(s):  
Access Control ◽  
Privacy Protection ◽  
Multidimensional Analysis ◽  
Sensitive Data ◽  
Inference Control ◽  
External Data ◽  
Control Rules ◽  
Access Controls ◽  
Policy Information ◽  
History Of

This article is devoted to the topic of coupling access and inference controls into security policies. The coupling of these two mechanisms is necessary to strengthen the protection of the privacy of complex systems users. Although the PrivOrBAC access control model covers several privacy protection requirements, the risk of inferring sensitive data may exist. Indeed, the accumulation of several pieces of data to which access is authorized can create an inference. This work proposes an inference control mechanism implemented through multidimensional analysis. This analysis will take into account several elements such as the history of access to the data that may create an inference, as well as their influence on the inference. The idea is that this mechanism delivers metrics that reflect the level of risk. These measures will be considered in the access control rules and will participate in the refusal or authorization decision with or without obligation. This is how the coupling of access and inference controls will be applied. The implementation of this coupling will be done via the multidimensional OLAP databases which will be requested by the Policy Information Point, the gateway brick of XACML to the various external data sources, which will route the inference measurements to the decision-making point.

scholarly journals Trust-Based Access Control Model from Sociological Approach in Dynamic Online Social Network Environment

2014 ◽  
Vol 2014 ◽  
pp. 1-8 ◽  
Author(s):  
Seungsoo Baek ◽  
Seungjoo Kim
Keyword(s):  
Social Network ◽  
Access Control ◽  
User Behavior ◽  
Online Social Network ◽  
Sociological Approach ◽  
Access Control Models ◽  
Control Rules ◽  
Access Control Rules ◽  
Dynamic Trust ◽  
Privacy Breaches

There has been an explosive increase in the population of the OSN (online social network) in recent years. The OSN provides users with many opportunities to communicate among friends and family. Further, it facilitates developing new relationships with previously unknown people having similar beliefs or interests. However, the OSN can expose users to adverse effects such as privacy breaches, the disclosing of uncontrolled material, and the disseminating of false information. Traditional access control models such as MAC, DAC, and RBAC are applied to the OSN to address these problems. However, these models are not suitable for the dynamic OSN environment because user behavior in the OSN is unpredictable and static access control imposes a burden on the users to change the access control rules individually. We propose a dynamic trust-based access control for the OSN to address the problems of the traditional static access control. Moreover, we provide novel criteria to evaluate trust factors such as sociological approach and evaluate a method to calculate the dynamic trust values. The proposed method can monitor negative behavior and modify access permission levels dynamically to prevent the indiscriminate disclosure of information.

scholarly journals Framework for Authentication 802.1X Security Protocol of WNAS as RFC Access Management Device Associated with RFC Authentication Management Technique

2021 ◽  
Author(s):  
Fathima T ◽  
Vennila S M
Keyword(s):  
Security Protocol ◽  
Management Technique ◽  
Network Access ◽  
Access Management ◽  
Sensitive Data ◽  
New Approach ◽  
Data Packets ◽  
Wired Networks ◽  
Access Controls ◽  
Authentication Management

IEEE 802 is used in LAN networks that expose or provide sensitive data to complex applications or services. These are protocols for accessing, managing and controlling access to network-based services and applications in general. Port-controlled network access controls network access and prevents the transmission and reception of nameless or unauthorized persons, leading to network interruption, service theft and data loss. This paper introduces a new approach to investigate whether a data packets in wired networks transferred to a management device is authenticated packet. The data packets are sent to the SDN from RAR and share the information associated with each packet with a limited rate for the access management and are received by the RFC. Here it detects whether the data packet arrived is accepted or restricted. The speed at the authentication start packet is restricted to manage the number of terminals that enter later authentication, and it avoids avalanche impact of wireless authentication which may cause faults to lots of terminals which enter later authentication at the same time.

scholarly journals Agrarian policy of the Ukrainian State on the journals of the meetings of the Council of Ministers

2017 ◽  
Vol 25 (1) ◽  
pp. 189
Author(s):  
Dmytro Volodymyrovych Arkhireyskyi
Keyword(s):  
Information Content ◽  
Land Reform ◽  
Price Policy ◽  
Land Ownership ◽  
Agrarian Policy ◽  
Policy Information ◽  
History Of ◽  
Military Command ◽  
Council Of Ministers

The information content of the journals (minutes) of the meetings of the Council of Ministers of the Ukrainian State (1918) is investigated, which makes it possible to clarify the specifics of governmental agrarian policy. Information on the influence of the German and Austro-Hungarian military command on the agrarian policy of Ukraine, the peculiarities of land ownership and agrarian relations, the food and price policy of the Ukrainian government, and attempts at agrarian and land reform are discussed. The journals of the meetings of the Council of Ministers contain information about the emergence of a peasant rebel movement, caused in general by the unsuccessful agrarian activity of Hetman P. Skoropadsky, and also about government measures aimed at suppressing this movement. The investigated documentary complex should be recognized as an important source on the history of not only the Ukrainian State, its agrarian policy, but also the insurrectional movement and the Ukrainian Revolution of 1917−1921 generally.

scholarly journals The issues connected with the anonymization of medical data. Part 2. Advanced anonymization and anonymization controlled by owner of protected sensitive data

2014 ◽  
Vol 8 (2) ◽  
pp. 13-24 ◽  
Author(s):  
Arkadiusz Liber
Keyword(s):  
Privacy Protection ◽  
Differential Privacy ◽  
Data Access ◽  
Medical Data ◽  
Medical Documentation ◽  
Research Review ◽  
Sensitive Data ◽  
Data Anonymization ◽  
Data Access Control ◽  
Anonymized Data

Introduction: Medical documentation ought to be accessible with the preservation of its integrity as well as the protection of personal data. One of the manners of its protection against disclosure is anonymization. Contemporary methods ensure anonymity without the possibility of sensitive data access control. it seems that the future of sensitive data processing systems belongs to the personalized method. In the first part of the paper k-Anonymity, (X,y)- Anonymity, (α,k)- Anonymity, and (k,e)-Anonymity methods were discussed. these methods belong to well - known elementary methods which are the subject of a significant number of publications. As the source papers to this part, Samarati, Sweeney, wang, wong and zhang’s works were accredited. the selection of these publications is justified by their wider research review work led, for instance, by Fung, Wang, Fu and y. however, it should be noted that the methods of anonymization derive from the methods of statistical databases protection from the 70s of 20th century. Due to the interrelated content and literature references the first and the second part of this article constitute the integral whole.Aim of the study: The analysis of the methods of anonymization, the analysis of the methods of protection of anonymized data, the study of a new security type of privacy enabling device to control disclosing sensitive data by the entity which this data concerns.Material and methods: Analytical methods, algebraic methods.Results: Delivering material supporting the choice and analysis of the ways of anonymization of medical data, developing a new privacy protection solution enabling the control of sensitive data by entities which this data concerns.Conclusions: In the paper the analysis of solutions for data anonymization, to ensure privacy protection in medical data sets, was conducted. the methods of: k-Anonymity, (X,y)- Anonymity, (α,k)- Anonymity, (k,e)-Anonymity, (X,y)-Privacy, lKc-Privacy, l-Diversity, (X,y)-linkability, t-closeness, confidence Bounding and Personalized Privacy were described, explained and analyzed. The analysis of solutions of controlling sensitive data by their owner was also conducted. Apart from the existing methods of the anonymization, the analysis of methods of the protection of anonymized data was included. In particular, the methods of: δ-Presence, e-Differential Privacy, (d,γ)-Privacy, (α,β)-Distributing Privacy and protections against (c,t)-isolation were analyzed. Moreover, the author introduced a new solution of the controlled protection of privacy. the solution is based on marking a protected field and the multi-key encryption of sensitive value. The suggested way of marking the fields is in accordance with Xmlstandard. For the encryption, (n,p) different keys cipher was selected. to decipher the content the p keys of n were used. The proposed solution enables to apply brand new methods to control privacy of disclosing sensitive data.

Privacy Compliance Requirements in Workflow Environments

2015 ◽  
pp. 157-177
Author(s):  
Maria N. Koukovini ◽  
Eugenia I. Papagiannakopoulou ◽  
Georgios V. Lioudakis ◽  
Nikolaos L. Dellas ◽  
Dimitra I. Kaklamani ◽  
...  
Keyword(s):  
Information Systems ◽  
Privacy Protection ◽  
Workflow Management ◽  
The Other ◽  
Privacy By Design ◽  
Workflow Management Systems ◽  
Sensitive Data ◽  
Protection Measures ◽  
Compliance Requirements ◽  
The One

Workflow management systems are used to run day-to-day applications in numerous domains, often including exchange and processing of sensitive data. Their native “leakage-proneness,” being the consequence of their distributed and collaborative nature, calls for sophisticated mechanisms able to guarantee proper enforcement of the necessary privacy protection measures. Motivated by the principles of Privacy by Design and its potential for workflow environments, this chapter investigates the associated issues, challenges, and requirements. With the legal and regulatory provisions regarding privacy in information systems as a baseline, the chapter elaborates on the challenges and derived requirements in the context of workflow environments, taking into account the particular needs and implications of the latter. Further, it highlights important aspects that need to be considered regarding, on the one hand, the incorporation of privacy-enhancing features in the workflow models themselves and, on the other, the evaluation of the latter against privacy provisions.

Is It Privacy or Is It Access Control?

2014 ◽  
pp. 51-58 ◽  
Author(s):  
Sylvia L. Osborn
Keyword(s):  
Access Control ◽  
Privacy Protection ◽  
The Other ◽  
Data Sets ◽  
Online Systems ◽  
Other Hand ◽  
The One

With the widespread use of online systems, there is an increasing focus on maintaining the privacy of individuals and information about them. This is often referred to as a need for privacy protection. The author briefly examines definitions of privacy in this context, roughly delineating between keeping facts private and statistical privacy that deals with what can be inferred from data sets. Many of the mechanisms used to implement what is commonly thought of as access control are the same ones used to protect privacy. This chapter explores when this is not the case and, in general, the interplay between privacy and access control on the one hand and, on the other hand, the separation of these models from mechanisms for their implementation.

Privacy Nudges

2015 ◽  
pp. 256-264
Author(s):  
Barbara Sandfuchs
Keyword(s):  
Privacy Protection ◽  
Traditional Approach ◽  
Genetic Data ◽  
Sensitive Data ◽  
Self Disclosure ◽  
Alternative Approach ◽  
The Future ◽  
Scholarly Attention

To fight the risks caused by excessive self-disclosure especially regarding sensitive data such as genetic ones, it might be desirable to prevent certain disclosures. When doing so, regulators traditionally compel protection, for example by prohibiting the collection and/or use of genetic data even if citizens would like to share these data. This chapter provides an introduction into an alternative approach which has recently received increased scholarly attention: privacy protection by the use of nudges. Such nudges may in the future provide an alternative to compelled protection of genetic data or complement the traditional approach. This chapter first describes behavioral psychology's findings that citizens sometimes act irrational. This statement is consequently explained with the insights that these irrationalities are often predictable. Thus, a solution might be to correct them by the use of nudges.

Sign in / Sign up

Export Citation Format

Share Document