Purpose appears in all privacy guidelines, codes, policies, and legislations. It plays a central role in many privacy-related systems such as P3P, Hippocratic databases, EPAL, and XACML. We show that the P3P 12 standard purposes mix uses of personal information with acts on personal information and mix uses of personal information privacy with other states of affairs that have several interpret...

In this paper, we propose a model-driven approach for specifying, deploying and testing security policies in Java applications. First, a security policy is specified independently of the underlying access control language (OrBAC, RBAC). It is based on a generic security meta-model which can be used for early consistency checks in the security policy. This model is then automatically transformed...

Computing devices already permeate working and living environments; a trend which is expected to intensify in the coming years. However, the direct interaction smart devices often have with the physical world, along with the processing, storage and communication of private sensitive data pertaining to users’ lives, bring security concerns into the limelight. This paper presents Web Service Acce...

Web services are the new building block of today’s Internet, and provides interoperability among heterogeneous distributed systems. Recently in web services environment, security has become one of the most critical issues. The hackers attack one of fragile point and can misuse legitimate user privilege because all of the connected devices provide services for the user control and monitoring in ...

In an e-Science environment, large-scale distributed resources in autonomous domains are aggregated by unified collaborative platforms to support scientific research across organizational boundaries. In order to enhance the scalability of access management, an integrated approach for decentralizing the task from resource owners to administrators on the platform is needed. We propose an extensib...

Access control service is used to solve the controllability problem of data and service, access control system is finally deployed in the form of policy. The description forms of policy are different in the stage of configuration and deployment. Safety policy translation model is used to realize configuration policy and automatic translation of deployment policy. However, currently it lacks aut...

Annotation systems enable “value-adding” to digital resources by the attachment of additional data in the form of comments, explanations, references, reviews, corrections and other types of external, subjective remarks. They facilitate group discourse and capture collective intelligence by enabling communities to attach and share their views on particular data and documents accessible over the ...

Separation of access control logic from other components of applications facilitates uniform enforcement of policies across applications in enterprise systems. This approach is popular in attribute-based access control (ABAC) systems and is embodied in the XACML standard. For this approach to be practical in an enterprise system, the access control decision engine must be scalable, able to quic...

Private access to corporate servers from Internet can be achieved using various security mechanisms. This article presents a network access control mechanism that employs a policy management architecture empowered with dynamic firewalls. With the existence of such an architecture, system and/or network administrators do not need to reconfigure firewalls when there is a location change in user s...

Collaborative systems enable organizations to communicate, interact and cooperate with each other to achieve their business goals. Access control is an important security mechanism for organizations to protect their resources in collaborative environments. Many access control models and mechanisms have been proposed for collaborative systems. However, under the new collaborative paradigm based ...