A Logical Method for Policy Enforcement over Evolving Audit Logs

13 years 6 months ago

Download www.cs.cmu.edu

We present an iterative algorithm for enforcing policies represented in a ﬁrst-order logic, which can, in particular, express all transmission-related clauses in the HIPAA Privacy Rule. The logic has three features that raise challenges for enforcement — uninterpreted predicates (used to model subjective concepts in privacy policies), real-time temporal properties, and quantiﬁcation over inﬁnite domains (such as the set of messages containing personal information). The algorithm operates over audit logs that are inherently incomplete and evolve over time. In each iteration, the algorithm provably checks as much of the policy as possible over the current log and outputs a residual policy that can only be checked when the log is extended with additional information. We prove correctness and termination properties of the algorithm. While these results are developed in a general form, accounting for many diﬀerent sources of incompleteness in audit logs, we also prove that for th...

Deepak Garg, Limin Jia, Anupam Datta

Real-time Traffic

Algorithm | Audit Logs | CORR 2011 | Education | HIPAA Privacy Rule |

claim paper

Post Info
More Details (n/a)

Added	13 May 2011
Updated	13 May 2011
Type	Journal
Year	2011
Where	CORR
Authors	Deepak Garg, Limin Jia, Anupam Datta

Comments (0)

Sciweavers

A Logical Method for Policy Enforcement over Evolving Audit Logs

Algorithm | Audit Logs | CORR 2011 | Education | HIPAA Privacy Rule |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers