Extracting Access Control and Conflict Resolution Policies from European Data Protection Law

Abstract : This paper presents the extraction of a legal access control policy and a conflict resolution policy from the EU Data Protection Directive [1]. These policies are installed in a multi-policy authorization infrastructure described in [2, 3]. A Legal Policy Decision Point (PDP) is constructed with a legal access control policy to provide automated decisions based on the relevant legal provisions. The legal conflict resolution policy is configured into a Master PDP to make sure that the legal access control policy gets priority over access control policies provided by other authorities i.e. the data subject, the data issuer and the data controller. We describe how clauses of the Directive are converted into access control rules based on attributes of the subject, action, resource and environment. There are currently some limitations in the conversion process, since the majority of provision require additional interpretation by humans. These provisions cannot be converted into deterministic rules for the PDP. Other provisions do allow for the extraction of PDP rules but need to be tailored to the application environment before they are configured into the Legal PDP.
Type de document :
Communication dans un congrès
Jan Camenisch; Bruno Crispo; Simone Fischer-Hübner; Ronald Leenes; Giovanni Russello. 7th PrimeLife International Summer School (PRIMELIFE), Sep 2011, Trento, Italy. Springer, IFIP Advances in Information and Communication Technology, AICT-375, pp.59-72, 2012, Privacy and Identity Management for Life. 〈10.1007/978-3-642-31668-5_5〉
Liste complète des métadonnées

Littérature citée [14 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01517595
Contributeur : Hal Ifip <>
Soumis le : mercredi 3 mai 2017 - 14:28:00
Dernière modification le : mercredi 3 mai 2017 - 14:53:41
Document(s) archivé(s) le : vendredi 4 août 2017 - 13:28:00

Fichier

978-3-642-31668-5_5_Chapter.pd...
Fichiers produits par l'(les) auteur(s)

Licence


Distributed under a Creative Commons Paternité 4.0 International License

Identifiants

Citation

Kaniz Fatema, David Chadwick, Brendan Alsenoy. Extracting Access Control and Conflict Resolution Policies from European Data Protection Law. Jan Camenisch; Bruno Crispo; Simone Fischer-Hübner; Ronald Leenes; Giovanni Russello. 7th PrimeLife International Summer School (PRIMELIFE), Sep 2011, Trento, Italy. Springer, IFIP Advances in Information and Communication Technology, AICT-375, pp.59-72, 2012, Privacy and Identity Management for Life. 〈10.1007/978-3-642-31668-5_5〉. 〈hal-01517595〉

Partager

Métriques

Consultations de la notice

45

Téléchargements de fichiers

17