Sciweavers

EUC
2007
Springer

Obligations for Privacy and Confidentiality in Distributed Transactions

14 years 6 months ago
Obligations for Privacy and Confidentiality in Distributed Transactions
Existing access control systems are typically unilateral in that the enterprise service provider assigns the access rights and makes the access control decisions, and there is no negotiation between the client and the service provider. As access management systems lean towards being user-centric, unilateral approaches can no longer adequately preserve the user’s privacy, particularly where the communicating parties have no pre-existing trust relationships. Establishing sufficient trust is therefore essential before parties can exchange sensitive information. This paper describes a bilateral symmetric approach to access control which deals with privacy and confidentiality simultaneously in distributed transactions. We introduce the concept of Obligation of Trust (OoT) as a privacy assurance mechanism that is built upon the XACML standard. The OoT allows communicating parties to dynamically exchange their privacy requirements, which we term Notification of Obligations (NOB) as well as ...
Uche M. Mbanaso, G. S. Cooper, David W. Chadwick,
Added 07 Jun 2010
Updated 07 Jun 2010
Type Conference
Year 2007
Where EUC
Authors Uche M. Mbanaso, G. S. Cooper, David W. Chadwick, Anne Anderson
Comments (0)