186,777 research outputs found
Regulating Service Access and Information Release on the Web
The widespread use of Internet-based services is increasing the amount of information (such as user profiles) that clients are required to disclose. This information demand is necessary for regulating access to services, and functionally convenient (e.g., to support service customization), but it has raised privacy-related concerns which, if not addressed, may affect the users disposition to use network services. At the same time, servers need to regulate service access without disclosing entirely the details of their access control policy. There is therefore a pressing need for privacy-aware techniques to regulate access to services open to the network. We propose an approach for regulating service access and information disclosure on the Web. The approach consists of a uniform formal framework to formulate-and reason about-both service access and information disclosure constraints. It also provides a means for parties to communicate their requirements while ensuring that no private information be disclosed and that the communicated requirements are correct w.r.t. the constraints
Proceedings of the 29th Annual IFIP WG 11.3 Working Conference on Data and Applications Security and Privacy (DBSec 2015)
A Uniform Framework for Regulating Service Access and Information Release on the Web
The widespread use of Internet-based services is increasing the amount of information (such as user profiles) that clients are required to disclose. This information demand is necessary for regulating access to services, and functionally convenient (e.g., to support service customization), but it has raised privacy-related concerns which, if not addressed, may affect the users disposition to use network services. At the same time, servers need to regulate service access without disclosing entirely the details of their access control policy. There is therefore a pressing need for privacy-aware techniques to regulate access to services open to the network. We propose an approach for regulating service access and information disclosure on the Web. The approach consists of a uniform formal framework to formulate - and reason about - both service access and information disclosure constraints. It also provides a means for parties to communicate their requirements while ensuring that no private information be disclosed and that the communicated requirements are correct with respect to the constraints
Data security and privacy in the Cloud
Achieving data security and privacy in the cloud means ensuring confidentiality and integrity of data and computations, and protection from non authorized accesses. Satisfaction of such requirements
entails non trivial challenges, as relying on external servers, owners lose
control on their data. In this paper, we discuss the problems of guaranteeing proper data security and privacy in the cloud, and illustrate
possible solutions for them
SECRYPT 2013 : proceedings of the 10th International conference on security and cryptography : Reykjavik, Iceland, july 29 - 31, 2013
- …
