to enable privacy aware soa
play

to Enable Privacy-aware SOA L. Bussard European Microsoft - PowerPoint PPT Presentation

Apr 11, 2023 •157 likes •394 views

Data Privacy Management (DPM09) September 24, 2009 Obligation Language and Framework to Enable Privacy-aware SOA L. Bussard European Microsoft Innovation Center (joint work with M. Ali and U. Pinsdorf) A research project funded by the

  1. Data Privacy Management (DPM’09) September 24, 2009 Obligation Language and Framework to Enable Privacy-aware SOA L. Bussard European Microsoft Innovation Center (joint work with M. Ali and U. Pinsdorf) A research project funded by the European Commission’s 7 th Framework Programme 1

  2. Outlines  PrimeLife  Privacy in Service Oriented Architectures  Shortcoming of State of the Art  Our Solution  Specifying Obligations  Enforcing Obligations  Future Work 2

  3. PrimeLife in a Nutshell  Partners  Technical Goals  Privacy policies and preferences  Anonymous credentials  User experience  http://www.primelife.eu/ 3

  4. Privacy in SOA Policy Pref.  Variety of technologies: mash-ups, workflows, PII orchestrations  Multi-hop data sharing  Multiple trust domains  Data from multiple users may be combined.  Dynamic discovery and binding ?  Persons may consume PII 4

  5. General Scenario User Service Third (data (data Party subject) 1) Policy controller) (downstream data 2) controller) Pref. 3) Can I share? (Matching) 4) PII + SP 5) store 6) Can I use for… ? 7) Obligations Policy’ 8) Can I share? PII + SP’ 5

  6. state of the art: APPEL + P3P + EPAL User Service Third P3P (data (data Party subject) 1) Policy controller) (downstream data 2) controller) Pref. APPEL 3) Can I share? (Matching) 4) PII + SP 5) store Boolean 6) Can I use for… ? 7) Obligations EPAL Policy’ 8) Can I share? PII + SP’ 6

  7. state of the art: PRIME User Service Third (data (data Party subject) 1) Policy controller) (downstream data 2) controller) Pref. 3) Can I share? (Matching) PRIME-DHP 4) PII + SP 5) store 6) Can I use for… ? 7) Obligations PRIME-obligations Policy’ PRIME-AC 8) Can I share? PII + SP’ 7

  8. Shortcoming of state of the art User Service Third (data (data Party subject) 1) Policy controller) (downstream data 2) controller) Pref. 3) Can I share? (Matching) PRIME-DHP 4) PII + SP 5) store 6) Can I use for… ? 7) Obligations PRIME-obligations Policy’ PRIME-AC 8) Can I share? PII + SP’ 8

  9. Our Approach User Service Third Party (data (data (downstream data controller) subject) controller) 1) Policy  Policy Language 2) Pref . 3) Can I share? (Matching)  Rights 4) PII + SP 5) store  Data usage (purpose, etc.) 6) Can I use for… ? 7) Obligations  Data sharing (Access Control, etc.) Policy’  Obligations 8) Can I share? PII + SP’  Triggers + Actions  Examples: Retention, Notification, Log, etc.  Policy Matching  Similar language for policies, preferences, and sticky policies  Policy Enforcement 9

  10. Our Solution Service Privacy Privacy Policy Preferences Policy Matching Engine Rights Rights 1 1 Obligations Obligations 2 Policy Sticky Policy Enforcement Engine 3 Rights Obligations User 4 4 Legacy Legacy system system 10

  11. Applying our solution User Service Third (data (data Party Privacy Privacy Policy Preferences Policy Matching subject) 1) Policy controller) (downstream Engine Rights Rights 1 1 data 2) controller) Pref. Obligations Obligations 3) Can I share? 2 (Matching) Policy Sticky Policy Enforcement Engine 3 Rights 4) PII + SP 5) store Obligations 4 4 Privacy Pref. Privacy Policy of Extern Extern Sticky Policy al al third party Policy Matching syste syste 6) Can I use for… ? Engine m m Rights Rights 5 5 7) Obligations Obligations Obligations 6 Policy’ Policy New Sticky Policy Enforcement Engine 7 8) Can I share? Rights Obligations PII + SP’ 8 8 Externa Externa l l system system 11

  12. Our Solution Service Privacy Privacy Policy Preferences Policy Matching Engine Rights Rights 1 1 Obligations Obligations 2 Policy Sticky Policy Enforcement Engine 3 Rights Obligations User 4 4 Legacy Legacy system system 12

  13. Obligation  We define obligation as: “Promise made by a SUBJECT to be fulfilled through some ACTION under defined TIMELINES and CONDITIONS”  Example:  X Says X will DELETE U’s Data within 6 Months 13

  14. Obligation Requirements Independence from Transport / Storage  Independence from policy language  Independence from data storage  Independence from communication protocols  Extensibility  Support for common obligations  Support for domain specific obligations  Abstraction  Support for abstraction of actions  Support for preventive obligations  Support for abstraction of triggers  Deployments  Support for distributed deployment  Support for different trust models  Auditability  Transparency of data handling  Matching  14

  15. Obligation Structure X Says X will DELETE U’s Data within 6 Months Policy Trigger/ Subject Action Object (Parameter Issuer Condition of Action) Obligation Rule Subject  The entity liable to fulfill obligation  (i.e. the subject of the obligation not the data subject) Action  The activity (or sequence of activities) executed to fulfill obligation  Conditions (Temporal constraints, generic conditions etc)  Constraints on the obligation rule  Triggers  Inward event to trigger execution of obligation rule  Outward Events  Outward notification events  15

  16. Obligation Classification  Trigger-related  Conditional vs. Mandatory  Repeating vs. Non-Repeating  Action-related  Proactive vs. Preventive  Observable vs. Non-observable  Subject-related  Collective vs. Individual  Self Obligation vs. Third Party Obligations 16

  17. Proposed Framework Architecture PII, Obligation Protocols Plug-in Plug-in Obligation Obligation Policy Extractor Parser EE Schedule Scheduler PII Register Obligation Event System Trigger Engine event Plug-in Plug-in Plug-in Plug-in Policy Repository Obligation Engine Actions Plug-in Plug-in Obligation Systems Framework Plug-in Plug-in Legacy Systems action (e.g. DataBase) 17

  18. Setting plug-ins X Says X will DELETE U’s Data within 6 Months delete … Actions Trigger Notify Delete Log time read … Systems Systems SQL- Exchan SQL- Sched … … Server ge Server uler Scheduler Legacy Systems 18

  19. Setting plug-ins X Says X will NOTIFY user U when read U’s Data delete … Actions Trigger Notify Delete Log time read … Systems Systems SQL- Exchan SQL- Sched … … Server ge Server uler Scheduler Legacy Systems 19

  20. Plug-ins in action Policy Repository Obligation Engine Event Engine delete … Actions Triggers Notify Delete Log time read … Systems Systems SQL- Exchan SQL- Sched … … Server ge Server uler Read Scheduler Send e-mail Legacy Systems PII 20

  21. Results  A language to describe obligations  Definition of Triggers  Definition of Actions  Implementation of an enforcement framework  Mechanisms to extend language and enforcement with domain specific obligations 21

  22. Ongoing and Future work  Matching obligations  Semantics of actions and triggers  Policy is-less-permissive-than Preference ? (to appear: PrimeLife document H5.3.2)  Integration with policy languages  XACML-based data handling (to appear: PrimeLife H5.3.2)  SecPAL for Privacy (September’09 MSR report: MSR -TR-2009-128)  Matching behavior (traces) and policies  Checking enforceability of policies 22

  23. Questions? ? Laurent Bussard European Microsoft Innovation Center lbussard@microsoft.com http://research.microsoft.com/en-us/people/lbussard/ 23

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Privacy by Design Principles of Privacy-Aware Ubiquitous Systems Marc Langheinrich Privacy by

Privacy by Design Principles of Privacy-Aware Ubiquitous Systems Marc Langheinrich Privacy by

Privacy by Design Principles of Privacy-Aware Ubiquitous Systems Marc Langheinrich Privacy by Design ETH Zurich, Switzerland www.inf.ethz.ch/~langhein Ubicomp 2001, Atlanta Contents Ubicomp 2001, Atlanta ! Privacy primer Does privacy

680 views • 22 slides
Security and Privacy-Aware Cyber-Physical Systems: Legal Considerations Christopher S. Yoo

Security and Privacy-Aware Cyber-Physical Systems: Legal Considerations Christopher S. Yoo

Security and Privacy-Aware Cyber-Physical Systems: Legal Considerations Christopher S. Yoo University of Pennsylvania July 12, 2018 Overview of Research Tort and products liability for CPS Privacy and cybersecurity regulation NHTSA

472 views • 25 slides
Designing Privacy-Aware Social Networks: A Mul:-Agent Approach

Designing Privacy-Aware Social Networks: A Mul:-Agent Approach

4th workshop on Web Intelligence & Communities, Lyon, 16th April 2012 Designing Privacy-Aware Social Networks: A Mul:-Agent Approach Andrei Ciortea 1 , Yann Krupa 2 , Laurent

630 views • 21 slides
Privacy-Aware Machine Learning Systems Borja Balle Data is the New Oil The Economist, May 2017

Privacy-Aware Machine Learning Systems Borja Balle Data is the New Oil The Economist, May 2017

Privacy-Aware Machine Learning Systems Borja Balle Data is the New Oil The Economist, May 2017 The Importance of (Data) Privacy 4.5.2016 Official Journal of the European Union L 119/1 EN Universal declaration of human rights

605 views • 36 slides
Collaborative and privacy-aware sensing for Gon calves, Rui Jos e, Carlos Baquero

Collaborative and privacy-aware sensing for Gon calves, Rui Jos e, Carlos Baquero

Collaborative and privacy-aware sensing for observing urban movement patterns Nelson Collaborative and privacy-aware sensing for Gon calves, Rui Jos e, Carlos Baquero observing urban movement patterns Universidade do Minho and

643 views • 16 slides
What Do You Want to Share Today? Building Privacy-Aware AmI-Systems Marc Langheinrich

What Do You Want to Share Today? Building Privacy-Aware AmI-Systems Marc Langheinrich

What Do You Want to Share Today? Building Privacy-Aware AmI-Systems Marc Langheinrich Institute for Pervasive Computing ETH Zrich March 21. 2006 SWAMI Conference, Brussels 1 Fair Information Principles (FIP) Drawn up by the OECD,

973 views • 18 slides
Synergy: Collaborative: Security and Privacy-Aware Cyber-Physical Systems (NSF CNS-1505799 and

Synergy: Collaborative: Security and Privacy-Aware Cyber-Physical Systems (NSF CNS-1505799 and

Synergy: Collaborative: Security and Privacy-Aware Cyber-Physical Systems (NSF CNS-1505799 and the Intel-NSF Partnership for Cyber- Physical Systems Security and Privacy) Insup Lee (PI) PRECISE Center School of Engineering and Applied Science

1.11k views • 34 slides
PRETSA: Event Log Sanitization for Privacy-aware Process Discovery Stephan A.

PRETSA: Event Log Sanitization for Privacy-aware Process Discovery Stephan A.

PRETSA: Event Log Sanitization for Privacy-aware Process Discovery Stephan A. Fahrenkrog-Petersen, Han van der Aa & Matthias Weidlich Motivation hu-berlin.de/pda 2 Related Work [Sweeney et al., 2002] Process Mining [Monreale et

670 views • 20 slides
USEMP vision for privacy-aware digital marketing & advertising, a proposal for a

USEMP vision for privacy-aware digital marketing & advertising, a proposal for a

USEMP vision for privacy-aware digital marketing & advertising, a proposal for a useragent-centric model Authors: T.Michalareas (VELTI) & USEMP consortium partners (see ref.1 ) Abstract In this position paper we present

792 views • 5 slides
Enabling Privacy-Aware Zone Exchanges Among Authoritative and Recursive DNS Servers Nikos

Enabling Privacy-Aware Zone Exchanges Among Authoritative and Recursive DNS Servers Nikos

Enabling Privacy-Aware Zone Exchanges Among Authoritative and Recursive DNS Servers Nikos Kostopoulos, Dimitris Kalogeras and Vasilis Maglaris NET work M anagement & O ptimal De sign ( NETMODE ) Laboratory School of Electrical & Computer

309 views • 17 slides
Building a geo-aware OS Zeeshan Ali (khattak) NO KAT PICTUREZ! What am I babbling about?

Building a geo-aware OS Zeeshan Ali (khattak) NO KAT PICTUREZ! What am I babbling about?

Building a geo-aware OS Zeeshan Ali (khattak) NO KAT PICTUREZ! What am I babbling about? Geo-aware GNOME Geoclue Over-complicated Geoclue2 Simple Privacy 3 sources Mozilla Location Services GeoIP Accuracy: City-level

834 views • 49 slides
Preserving Privacy in GPS Traces via Uncertainty-Aware Path Cloaking Baik Hoh, Marco Gruteser

Preserving Privacy in GPS Traces via Uncertainty-Aware Path Cloaking Baik Hoh, Marco Gruteser

Preserving Privacy in GPS Traces via Uncertainty-Aware Path Cloaking Baik Hoh, Marco Gruteser (WINLAB) Hui Xiong (Rutgers Univ.) and Ansaf Alrabady (General Motors Corp.) WINLAB Research Review May. 2007 1 Motivation: Traffic Monitoring

261 views • 12 slides
Oblivious Computation in Public Cloud for Privacy-aware Access Control Policies and Data Search

Oblivious Computation in Public Cloud for Privacy-aware Access Control Policies and Data Search

Oblivious Computation in Public Cloud for Privacy-aware Access Control Policies and Data Search Ph.D. Dissertation Defense Zeeshan Pervez Department of Computer Engineering Kyung Hee University, Global Campus, Korea email:

650 views • 24 slides
Engineering Multiagent Systems for Ethics and Privacy-Aware Social Computing Nirav Ajmeri (Under

Engineering Multiagent Systems for Ethics and Privacy-Aware Social Computing Nirav Ajmeri (Under

Engineering Multiagent Systems for Ethics and Privacy-Aware Social Computing Nirav Ajmeri (Under the guidance of Professor Munindar P. Singh) Department of Computer Science North Carolina State University December 2018 Nirav Ajmeri EMAS for

752 views • 43 slides
Privacy-aware Document Ranking with Neural Signals Jinjin Shao, Shiyu Ji, Tao Yang Department of

Privacy-aware Document Ranking with Neural Signals Jinjin Shao, Shiyu Ji, Tao Yang Department of

Privacy-aware Document Ranking with Neural Signals Jinjin Shao, Shiyu Ji, Tao Yang Department of Computer Science University of California, Santa Barbara United States Challenge for Private Ranking Client uploads encrypted documents and

795 views • 20 slides
TOWARDS PRIVACY-AWARE RESEARCH AND DEVELOPMENT IN WEARABLE HEALTH A WEAR BLES one survey

TOWARDS PRIVACY-AWARE RESEARCH AND DEVELOPMENT IN WEARABLE HEALTH A WEAR BLES one survey

Center for Democracy Technology & TOWARDS PRIVACY-AWARE RESEARCH AND DEVELOPMENT IN WEARABLE HEALTH A WEAR BLES one survey found that 68.1 million wearables there are 211 million

372 views • 11 slides
P trt rt

P trt rt

P trt rt rt r st ts Prr r

708 views • 35 slides
LARP Crab Cavi,es Program Overview A. Ra5 LBNL Feb.

LARP Crab Cavi,es Program Overview A. Ra5 LBNL Feb.

LARP Crab Cavi,es Program Overview A. Ra5 LBNL Feb. 17, 2014 DOE Review of LARP February 17-18, 2014 Outline Mo,va,on and Overview of the CRAB program

583 views • 21 slides
PUTTING LANGUAGE AND DATA STANDARDS AND BEST PRACTICES INTO ACTION: THE FREME FRAMEWORK

PUTTING LANGUAGE AND DATA STANDARDS AND BEST PRACTICES INTO ACTION: THE FREME FRAMEWORK

Co-funded by the Horizon 2020 Framework Programme of the European Union Grant Agreement Number 644771 PUTTING LANGUAGE AND DATA STANDARDS AND BEST PRACTICES INTO ACTION: THE FREME FRAMEWORK META-FORUM, 5 JULY 2016 Presented by Felix Sasaki

668 views • 20 slides
What is i-THRIVE? gm.thrive@mft.nhs.uk #gmithrive @gmithrive What is i-THRIVE? These slides

What is i-THRIVE? gm.thrive@mft.nhs.uk #gmithrive @gmithrive What is i-THRIVE? These slides

What is i-THRIVE? gm.thrive@mft.nhs.uk #gmithrive @gmithrive What is i-THRIVE? These slides aim to answer key questions about implementing the THRIVE Framework for system change (Wolpert et al., 2019). Lets start by clarifying the terms we

421 views • 27 slides
Lisp for the Win Gbor Melis @GaborMelis | http://quotenil.com | mega@retes.hu Franz Inc. 2014

Lisp for the Win Gbor Melis @GaborMelis | http://quotenil.com | mega@retes.hu Franz Inc. 2014

I NTRODUCTION S ELF A PPLY W RAPUP Lisp for the Win Gbor Melis @GaborMelis | http://quotenil.com | mega@retes.hu Franz Inc. 2014 May 6 @GaborMelis Franz Inc. I NTRODUCTION S ELF A PPLY W RAPUP W HAT S THIS ? @GaborMelis Franz Inc. I

479 views • 33 slides
P sss t

P sss t

P sss t Pr Pr rr r tr Pr rr

880 views • 33 slides
Artificial Intelligence Berlin Chen 2003 Course Contents The theoretical and practical

Artificial Intelligence Berlin Chen 2003 Course Contents The theoretical and practical

Artificial Intelligence Berlin Chen 2003 Course Contents The theoretical and practical issues for all displineies Artificial Intelligence (AI) will be considered AI is interdisciplinary ! Foundational Topics to Covered

510 views • 33 slides
Unreproducible tests Successes, failures, and lessons in testing and verification Michael D.

Unreproducible tests Successes, failures, and lessons in testing and verification Michael D.

Unreproducible tests Successes, failures, and lessons in testing and verification Michael D. Ernst University of Washington Presented at ICST 20 April 2012 Reproducibility: The linchpin of verification A test should behave deterministically

1.06k views • 39 slides

More recommend