
Privacy Controller using XACML for Internet Identity Management System  

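Roh, Jong-Hyuk (Information Security Research Division, Electronics and Telecommunications Research Institute)
Jin, Seung-Hun (Information Security Research Division, Electronics and Telecommunications Research Institute)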
Abstract
On the Internet, an identity service must obtain permission from a user in order to share data with a requesting service. This requires a privacy policy that reflects legal regulations and the preferences set by the user. Also needed are a management interface that helps the user create the privacy policy, and a PDP system that makes admission control and policy decisions in response to a request from an entity wanting to access personal information. In this paper, a privacy controller system model for the Internet identity management system environment is proposed. The system has an easy interface for policy generation and an efficient policy decision process. The system applies and modifies the XACML of the OASIS group. We propose that the privacy policy be divided into three policies: the user policy, the domain policy and the basic offering policy. To resolve collisions between the policies, we also propose a collision resolution policy.
Keywords
Privacy; Identity Management System; XACML;