FROM HIPPOCRATIC DATABASES TO SECURE TROPOS: A COMPUTER-AIDED RE-ENGINEERING APPROACH

    DOI: https://doi.org/10.1142/S0218194007003239
    Cited by: 4 (Source: Crossref)

    Privacy protection is a growing concern in the marketplace. Yet privacy requirements and mechanisms are usually retrofitted into a pre-existing design, which may be unable to accommodate them because they conflict with functional requirements.

    We propose a procedure for automatically extracting privacy requirements from databases supporting access control mechanisms for personal data (hereafter Hippocratic databases) and representing them in the Secure Tropos framework where tools are available for checking the correctness and consistency of privacy requirements. The procedure is illustrated with a case study.
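    As an added illustration that is not code from the paper: the two metadata tables of a Hippocratic database as described by Agrawal et al. (VLDB 2002), privacy-policies and privacy-authorizations, a purpose-aware query check over them, and a pass that lifts that metadata into explicit (actor, purpose, data, kind) requirement tuples of the sort a requirements framework such as Secure Tropos would consume. The tuple layout, the dangling-authorization consistency check and all sample data are assumptions made for this example; they are not the paper's extraction procedure.

```python
"""Constructed example (not code from the paper): Hippocratic database privacy
metadata (Agrawal et al., VLDB 2002) modelled as two tables, a purpose-aware
query check over them, and a pass that turns the metadata into explicit
(actor, purpose, data, kind) requirement tuples.  The tuple layout, the
dangling-authorization check and the sample data are assumptions."""

from dataclasses import dataclass


@dataclass(frozen=True)
class PrivacyPolicy:
    """One row of the privacy-policies table: for a purpose, which attribute of
    which table may be collected, who outside the organisation may receive it,
    and how long it is retained."""
    purpose: str
    table: str
    attribute: str
    external_recipients: frozenset
    retention_days: int


@dataclass(frozen=True)
class PrivacyAuthorization:
    """One row of the privacy-authorizations table: which internal users may
    access an attribute for a given purpose."""
    purpose: str
    table: str
    attribute: str
    authorized_users: frozenset


# Constructed metadata for a small online shop.
POLICIES = [
    PrivacyPolicy("purchase", "customer", "name", frozenset({"delivery-company"}), 30),
    PrivacyPolicy("purchase", "customer", "address", frozenset({"delivery-company"}), 30),
    PrivacyPolicy("purchase", "customer", "email", frozenset(), 30),
    PrivacyPolicy("recommendations", "customer", "email", frozenset(), 365),
]

AUTHORIZATIONS = [
    PrivacyAuthorization("purchase", "customer", "name", frozenset({"shipping", "billing"})),
    PrivacyAuthorization("purchase", "customer", "address", frozenset({"shipping"})),
    PrivacyAuthorization("purchase", "customer", "email", frozenset({"billing"})),
    PrivacyAuthorization("recommendations", "customer", "email", frozenset({"marketing"})),
    # Deliberately dangling: no policy row covers (recommendations, customer.address).
    PrivacyAuthorization("recommendations", "customer", "address", frozenset({"marketing"})),
]

# Constructed personal data; each record carries the purposes its owner consented to.
CUSTOMER = [
    {"id": 1, "name": "Ann", "email": "ann@example.com", "address": "1 Main St",
     "purposes": {"purchase", "recommendations"}},
    {"id": 2, "name": "Bob", "email": "bob@example.com", "address": "2 High St",
     "purposes": {"purchase"}},
]


def check_query(user, purpose, table, attributes, policies=POLICIES, auths=AUTHORIZATIONS):
    """Attribute-level check: return a list of violations; empty means the query may run."""
    violations = []
    for attr in attributes:
        if not any(p.purpose == purpose and p.table == table and p.attribute == attr
                   for p in policies):
            violations.append(f"no policy allows {table}.{attr} for purpose {purpose!r}")
            continue
        if not any(a.purpose == purpose and a.table == table and a.attribute == attr
                   and user in a.authorized_users for a in auths):
            violations.append(f"user {user!r} not authorized for {table}.{attr} under {purpose!r}")
    return violations


def run_query(user, purpose, table, attributes, rows):
    """Reject the query on any attribute-level violation, then filter rows by consent."""
    violations = check_query(user, purpose, table, attributes)
    if violations:
        raise PermissionError("; ".join(violations))
    return [{a: r[a] for a in attributes} for r in rows if purpose in r["purposes"]]


def extract_requirements(policies=POLICIES, auths=AUTHORIZATIONS):
    """Lift the metadata into sorted (actor, purpose, table.attribute, kind) tuples:
    'access' for internal authorizations, 'disclosure' for external recipients."""
    reqs = set()
    for a in auths:
        for user in a.authorized_users:
            reqs.add((user, a.purpose, f"{a.table}.{a.attribute}", "access"))
    for p in policies:
        for recipient in p.external_recipients:
            reqs.add((recipient, p.purpose, f"{p.table}.{p.attribute}", "disclosure"))
    return sorted(reqs)


def dangling_authorizations(policies=POLICIES, auths=AUTHORIZATIONS):
    """Authorizations whose (purpose, table, attribute) has no policy row, i.e. a
    permission that is not linked to any declared purpose."""
    covered = {(p.purpose, p.table, p.attribute) for p in policies}
    return [a for a in auths if (a.purpose, a.table, a.attribute) not in covered]
```

The two checks are deliberately separate: `check_query` enforces the attribute-level metadata, while `run_query` additionally drops records whose owners never consented to the stated purpose, which is where a purpose-based scheme differs from plain column-level access control. `dangling_authorizations` is the kind of inconsistency that only becomes visible once permissions are lifted out of the database and inspected as requirements.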
