Visualising Access Control: The PRISM Approach

Despite the usefulness of passive network monitoring for the operation, maintenance, control and protection of communication networks, as well as law enforcement, network monitoring activities are surrounded by serious privacy implications. In this paper, a software tool for the management of privacy-preserving authorisation and access control to data originating from passive network monitoring is described. It offers a user-friendly, visual interface for the specification of the underlying concepts, such as roles, data types, actions, rules and contextual information, providing the appropriate level of abstraction. Based on the specified model, the proposed application generates the cryptographic means for the dissemination of the provisions to the enforcing entities, while relying on an ontological model for the representation of the access control policies.
