An Ontology-Based Approach for Managing and Maintaining Privacy in Information Systems

The use of ontologies in the fields of information retrieval and semantic web is well-known Since long time researcher are trying to find ontological representations of the diverse laws to have a mechanism to retrieve fine granular legal information about diverse legal cases However, one of the common problems software systems are faced with in constitutional states is the adapting of the diverse privacy directives This is a very complex task due to lacks in current software solutions – especially from the architectural point of view In fact, we miss software solutions that manage privacy directives in a central instance in a structured manner Even more, such a solution should provide a fine granular access control mechanism on the data entities to ensure that every aspect of the privacy directives can be reflected Moreover, the whole system should be transparent, comprehensible, and modifiable at runtime This paper provides a novel solution for this by means of ontologies The usage of ontologies in our approach differs from the conventional form in focusing on generating access control policies which are adapted from our software framework to provide fine granular access on the diverse data sources.

[1]  Yarden Katz,et al.  Representing Web Service Policies in OWL-DL , 2005, SEMWEB.

[2]  Jos Lehmann,et al.  CAUSATIONT: Modeling Causation in AI&Law , 2003, Law and the Semantic Web.

[3]  Andreas Matheus,et al.  How to Declare Access Control Policies for XML Structured Information Objects using OASIS' eXtensible Access Control Markup Language (XACML) , 2005, Proceedings of the 38th Annual Hawaii International Conference on System Sciences.

[4]  Thomas Sandholm,et al.  Policy administration control and delegation using XACML and Delegent , 2005, The 6th IEEE/ACM International Workshop on Grid Computing, 2005..

[5]  Larry Korba,et al.  Towards Meeting the Privacy Challenge: Adapting DRM , 2002, Digital Rights Management Workshop.

[6]  Enrico Motta,et al.  The Semantic Web - ISWC 2005, 4th International Semantic Web Conference, ISWC 2005, Galway, Ireland, November 6-10, 2005, Proceedings , 2005, SEMWEB.

[7]  Pompeu Casanovas,et al.  Law and the Semantic Web: Legal Ontologies, Methodologies, Legal Information Retrieval, and Applications , 2005, Law and the Semantic Web.

[8]  Rinke Hoekstra,et al.  Epistemology and ontology in core ontologies: FOLaw and LRI-Core, two core ontologies for law , 2004 .

[9]  S. Fischer-Hübner IT-Security and Privacy: Design and Use of Privacy-Enhancing Security Mechanisms , 2001 .

[10]  Radboud Winkels,et al.  Use and Reuse of Legal Ontologies in Knowledge Engineering and Information Management , 2003, Law and the Semantic Web.