Abstract
The distributed nature of the environment in which privacy and security policies operate requires tools that help enforce consistency of policy rules across different domains. Furthermore, because changes to policy rules are required as policies evolve over time, such tools can be used by policy administrators to ensure the consistency of policy changes. in this paper, we describe a number of different policy analysis tools and techniques that we have developed over the years and present them in a unified framework in which both privacy and security policies are discussed. We cover dominance analyses of general policies, conflicts among authorizations and prohibitions, and other analyses of obligations, as well as policy similarity analysis and policy distribution. © Copyright 2009 by International Business Machines Corporation.
Recommended Citation
E. Bertino and C. Brodie and S. Calo and L. F. Cranor and C. M. Karat and J. Karat and N. Li and D. Lin and J. Lobo and Q. Ni and P. Rao and X. Wang, "Analysis of Privacy and Security Policies," IBM Journal of Research and Development, vol. 53, no. 2, Institute of Electrical and Electronics Engineers, Jan 2009.
The definitive version is available at https://doi.org/10.1147/JRD.2009.5429045
Department(s)
Computer Science
International Standard Serial Number (ISSN)
0018-8646; 0018-8646
Document Type
Article - Journal
Document Version
Citation
File Type
text
Language(s)
English
Rights
© 2024 Institute of Electrical and Electronics Engineers, All rights reserved.
Publication Date
01 Jan 2009
