The University of Southampton
×
Filter your search:
University of Southampton Institutional Repository

Preventing information inference in access control

Preventing information inference in access control
Preventing information inference in access control
Technological innovations like social networks, personal devices and cloud computing, allow users to share and store online a huge amount of personal data. Sharing personal data online raises significant privacy concerns for users, who feel that they do not have full control over their data. A solution often proposed to alleviate users' privacy concerns is to let them specify access control policies that reflect their privacy constraints. However, existing approaches to access control often produce policies which either are too restrictive or allow the leakage of sensitive information. In this paper, we present a novel access control model that reduces the risk of information leakage. The model relies on a data model which encodes the domain knowledge along with the semantic relations between data. We illustrate how the access control model and the reasoning over the data model can be automatically translated in XACML. We evaluate and compare our model with existing access control models with respect to its effectiveness in preventing leakage of sensitive information and efficiency in authoring policies. The evaluation shows that the proposed model allows the definition of effective access control policies that mitigate the risks of inference of sensitive data while reducing users' effort in policy authoring compared to existing models.
87-97
Paci, Federica
9fbf3e5b-ae03-40e8-a75a-3657cbc9216e
Zannone, Nicola
c92b7e50-a300-4681-a7f4-f4741dcc7c62
Paci, Federica
9fbf3e5b-ae03-40e8-a75a-3657cbc9216e
Zannone, Nicola
c92b7e50-a300-4681-a7f4-f4741dcc7c62

Paci, Federica and Zannone, Nicola (2015) Preventing information inference in access control. SACMAT 15 - 20th ACM Symposium on Access Control Models and Technologies, Vienna, Austria. 01 - 03 Jun 2015. pp. 87-97 . (doi:10.1145/2752952.2752971).

Record type: Conference or Workshop Item (Paper)

Abstract

Technological innovations like social networks, personal devices and cloud computing, allow users to share and store online a huge amount of personal data. Sharing personal data online raises significant privacy concerns for users, who feel that they do not have full control over their data. A solution often proposed to alleviate users' privacy concerns is to let them specify access control policies that reflect their privacy constraints. However, existing approaches to access control often produce policies which either are too restrictive or allow the leakage of sensitive information. In this paper, we present a novel access control model that reduces the risk of information leakage. The model relies on a data model which encodes the domain knowledge along with the semantic relations between data. We illustrate how the access control model and the reasoning over the data model can be automatically translated in XACML. We evaluate and compare our model with existing access control models with respect to its effectiveness in preventing leakage of sensitive information and efficiency in authoring policies. The evaluation shows that the proposed model allows the definition of effective access control policies that mitigate the risks of inference of sensitive data while reducing users' effort in policy authoring compared to existing models.

Text
__soton.ac.uk_ude_PersonalFiles_Users_pbs1c15_mydocuments_EPrints_paci-sacmat-2015.pdf - Version of Record
Restricted to Repository staff only
Request a copy

More information

e-pub ahead of print date: 1 June 2015
Venue - Dates: SACMAT 15 - 20th ACM Symposium on Access Control Models and Technologies, Vienna, Austria, 2015-06-01 - 2015-06-03
Organisations: Electronic & Software Systems
Learn more about Cyber Physical Systems research

Identifiers

Local EPrints ID: 396946
URI: http://eprints.soton.ac.uk/id/eprint/396946
DOI: doi:10.1145/2752952.2752971
PURE UUID: a061f036-5c19-45d2-b22e-6ae88e69044d
ORCID for Federica Paci: ORCID iD orcid.org/0000-0003-3122-0236

Catalogue record

Date deposited: 17 Jun 2016 10:26
Last modified: 15 Mar 2024 01:03

Export record

Altmetrics

Contributors

Author: Federica Paci ORCID iD
Author: Nicola Zannone

Download statistics

Downloads from ePrints over the past year. Other digital versions may also be available to download e.g. from the publisher's website.

View more statistics

Library staff additional information
Atom RSS 1.0 RSS 2.0

Contact ePrints Soton: eprints@soton.ac.uk

ePrints Soton supports OAI 2.0 with a base URL of http://eprints.soton.ac.uk/cgi/oai2

This repository has been built using EPrints software, developed at the University of Southampton, but available to everyone to use.

We use cookies to ensure that we give you the best experience on our website. If you continue without changing your settings, we will assume that you are happy to receive cookies on the University of Southampton website.

×