Sciweavers

SPW
2004
Springer

Privacy Is Linking Permission to Purpose

14 years 5 months ago
Privacy Is Linking Permission to Purpose
Abstract Fabio Massacci1 and Nicola Zannone1 Department of Information and Communication Technology University of Trento - Italy {massacci,zannone} at dit.unitn.it The last years have seen a peak in privacy related research. The focus has been mostly on how to protect the individual from being tracked, with plenty of anonymizing solutions. We advocate another model that is closer to the “physical” world: we consider our privacy respected when our personal data is used for the purpose for which we gave it in the first place. Essentially, in any distributed authorization protocol, credentials should mention their purpose beside their powers. For this information to be meaningful we should link it to the functional requirements of the original application. We sketch how one can modify a requirement engineering methodology to incorporate security concerns so that we explicitly trace back the highlevel goals for which a functionality has been delegated by a (human or software) agent to...
Fabio Massacci, Nicola Zannone
Added 02 Jul 2010
Updated 02 Jul 2010
Type Conference
Year 2004
Where SPW
Authors Fabio Massacci, Nicola Zannone
Comments (0)