Preserving Privacy Based on Semantic Policy Tools

Different organizations are constantly collecting, analyzing, and storing individuals' private data: shopping sites want to provide better service and recommendations, hospitals to improve healthcare, and government agencies to enable national defense and law enforcement. Sharing data lets these organizations discover important knowledge and draw useful conclusions but raises concerns about information privacy and trust. Until recently, the focus was on restricting access to data on a "need-to-know" basis, but since the 9/11 Commission, the paradigm has shifted to a "need to share." The authors explore the use of semantic privacy policies, justifications for data requests, and automated auditing to encourage sharing of sensitive data between organizations. They describe an architecture based on policy tools that evaluate incoming queries against semantic policies and domain knowledge and provide a justification for each query: why it is permitted, denied, or inapplicable. Using a semantic policy language gives policies explicit semantics that allow all participants to unambiguously understand their meaning. The justifications generated by checking incoming requests against these policies help requesters formulate privacy-aware queries. Reasoning over event logs and justifications allows data owners to verify that their privacy policies are being correctly enforced.

Bibliographic Details
Main Authors: Kagal, Lalana, Pato, Joseph
Other Authors: Massachusetts Institute of Technology. Computer Science and Artificial Intelligence Laboratory
Format: Article
Language:en_US
Published: IEEE Computer and Reliability Societies 2012
Online Access:http://hdl.handle.net/1721.1/71140
Funding: United States. Air Force Office of Scientific Research (Award FA9550-09-1-0152); United States. Intelligence Advanced Research Projects Activity (Award number FA8750-07-2-0031)
Citation: Kagal, Lalana, and Joseph Pato. "Preserving Privacy Based on Semantic Policy Tools." IEEE Security & Privacy Magazine 8.4 (2010): 25–30. © 2010 IEEE.
DOI: http://dx.doi.org/10.1109/MSP.2010.89
ISSN: 1540-7993
INSPEC Accession Number: 11447356
Type: Journal Article (http://purl.org/eprint/type/JournalArticle)
Rights: Article is made available in accordance with the publisher's policy and may be subject to US copyright law. Please refer to the publisher's site for terms of use.