Modeling and expressing purpose validation policy for privacy-aware usage control in distributed environment

Privacy-aware usage control is the control of the usage of private data with the aim of protecting the data owner's privacy. In a privacy-aware system, the purpose of data usage is strictly controlled to ensure that the data owner's privacy is properly protected and that data is never used beyond what it is authorized for. Achieving that level of protection requires strong enforcement of usage policy, in particular enforcement of the purpose of data usage. However, purpose enforcement faces many difficulties. One of them is validating the purpose of an agent when it requests to perform an action, particularly in distributed environments where data is processed by client-side applications over which direct control is limited. In general, validating "a particular purpose" may require different mechanisms and can happen at different points in time during the lifecycle of data usage. Hence, there is a need to express "how purpose should be validated" by indicating which validation mechanisms should be used and when the validation should take place, so that the remote system can act as instructed. In this paper, we discuss the design issues of purpose validation policy expression based on our proposed validation structure: pre-, ongoing-, and post-validation. Furthermore, we discuss how existing languages such as EPAL, XACML, and ODRL can be used directly or extended to support our proposed purpose validation policy model.
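The following added example (not the paper's own model or code) sketches what a purpose validation policy with pre-, ongoing- and post-validation phases could look like on the client-side enforcement point, and how the phases are walked over a data-usage session; the mechanism names, policy fields, roles and actions are constructed assumptions.

```python
"""Toy model of a purpose validation policy with pre-, ongoing- and post-validation
phases. Added illustration; the field and mechanism names are assumptions."""
from dataclasses import dataclass, field


@dataclass
class UsageSession:
    """A data-usage session as observed by the enforcement point on the consuming side."""
    requester_role: str
    declared_purpose: str
    actions: list = field(default_factory=list)  # actions performed during usage
    audit_complete: bool = False                 # whether the usage was logged for review


# Validation mechanisms a policy can refer to by name (constructed for this example).
MECHANISMS = {
    "role_allowed":     lambda s, p: s.requester_role in p["allowed_roles"],
    "purpose_declared": lambda s, p: s.declared_purpose == p["purpose"],
    "actions_in_scope": lambda s, p: all(a in p["allowed_actions"] for a in s.actions),
    "audit_trail":      lambda s, p: s.audit_complete,
}

# The policy states which mechanisms to run and at which phase of the usage lifecycle.
TREATMENT_POLICY = {
    "purpose": "treatment",
    "allowed_roles": {"physician", "nurse"},
    "allowed_actions": {"read", "annotate"},
    "validation": {
        "pre":     ["role_allowed", "purpose_declared"],  # at request time
        "ongoing": ["actions_in_scope"],                  # while the data is in use
        "post":    ["audit_trail"],                       # after usage has ended
    },
}


def validate(policy, session, phase):
    """Run every mechanism assigned to `phase`; return (permitted, failed mechanism names)."""
    failed = [m for m in policy["validation"][phase] if not MECHANISMS[m](session, policy)]
    return (len(failed) == 0, failed)


def enforce_lifecycle(policy, session):
    """Walk pre -> ongoing -> post and stop at the first denying phase (usage is revoked)."""
    outcome = {}
    for phase in ("pre", "ongoing", "post"):
        ok, failed = validate(policy, session, phase)
        outcome[phase] = (ok, failed)
        if not ok:
            break
    return outcome
```

A session that passes pre-validation but performs an action outside the declared purpose is stopped at the ongoing phase, so the post phase is never reached.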
