Fine-grained access control via policy-carrying data

Julian A. Padget, Wamberto W. Vasconcelos*

*Corresponding author for this work

Research output: Contribution to journalArticlepeer-review

4 Citations (Scopus)
15 Downloads (Pure)

Abstract

We address the problem of associating access policies with datasets and how to monitor compliance via policy-carrying data. Our contributions are a formal model in first-order logic inspired by normative multiagent systems to regulate data access, and a computational model for the validation of specific use cases and the verification of policies against criteria. Existing work on access policy identifies roles as a key enabler, with which we concur, but much of the rest focusses on authentication and authorization technology. Our proposal aims to address the normative principles put forward in Berners-Lee's bill of rights for the internet, through human-readable but machine-processable access control policies.

Original languageEnglish
Article number31
JournalACM Transactions on Internet Technology
Volume18
Issue number3
DOIs
Publication statusPublished - 2017

Bibliographical note

W. W. Vasconcelos acknowledges the support of the Engineering and Physical Sciences Research Council (EPSRC, UK) within the research project “Scrutable Autonomous Systems” (SAsSY, http://www.scrutable-systems.org, Grant ref.
EP/J012084/1).

Also in: Journal
ACM Transactions on Reconfigurable Technology and Systems (TRETS) - Special Section on FCCM 2016 and Regular Papers TRETS Homepage archive
Volume 11 Issue 1, March 2018
Article No. 31
ACM New York, NY, USA

Keywords

  • Action language
  • Answer set programming
  • Data sharing
  • Deontic logic
  • Privacy policy

Fingerprint

Dive into the research topics of 'Fine-grained access control via policy-carrying data'. Together they form a unique fingerprint.

Cite this