Policy Languages and Enforcement
John Mitchell, Stanford
4th IAPP Privacy Summit, February 2004


1 Policy Languages and Enforcement
John Mitchell, Stanford
4th IAPP Privacy Summit, February 2004

2 PORTIA research project
• Sensitive Information in a Wired World
• Team
  - Stanford, Yale, Stevens, NYU, UNM, …
• Topics
  - Privacy-preserving data mining
  - Policy languages and enforcement
  - Identity theft and identity privacy
  - Using trusted platforms
• Contact: http://crypto.stanford.edu/portia/

3 Enterprise Access Control Policy
[Diagram labels: Who, What, When, Where, Why]
User: Joe; Right: can open; Resource: financials.xls; Constraint: using wired SSL on his laptop

4 Distributed Access Control Policy
• Policy at site A may govern resources at site B
• Protect distributed resources with distributed policy
[Diagram labels: Resource, Policy, ID]

5 Decentralized Policy Example
[Diagram parties: Alice, EPub, StateU, ABU]
• StateU is a university
• Alice is a student
• Grants access to university students
• Trusts universities to certify students
• Trusts ABU to certify universities

6 Role-based Trust-management (RT)
• RT0: Decentralized Roles
• RT1: Parameterized Roles
• RT2: Logical Objects
• RT1C: structured resources
• RT2C: structured resources
• RTT: for Separation of Duties
• RTD: for Selective Use of Role memberships
RTT and RTD can be used (either together or separately) with any of the five base languages: RT0, RT1, RT2, RT1C, and RT2C

7 Policy Management Lifecycle
[Cycle diagram: Plan, Analyze, Enforce, Measure, Improve]

8 Policy lifecycle issues
• Requirements capture
  - What should the policy say?
• Development
  - Adapt standard modules; build new ones; combine
• Evaluation
  - Does the policy say what we want?
    - Analysis
    - Testing
    - Debugging
• Compliance
  - Can the policy be enforced by info system?
• Maintenance
  - Change as needed as requirements evolve

9 EPAL Concepts
• Condition, ruling, obligations
  - If condition then outcome
  - Outcome = ruling  obligations
  - Ruling = { yes, no, don’t care}
  - Obligations: actions that must occur
• Examples
  - If employee owns the file then yes
  - If anyone accesses data then don’t care and log the request

10 Policy language design space
[Diagram labels: Permit only; Permit / Deny; Resolve contradiction; Can be contradictory; EPAL; Ordered]

11 EPAL order priority
• Intuitive?
  - Need to give exception before general case
    - Birds can fly
    - Penguins cannot fly
• Efficiency
  - Cannot evaluate sub-policies in parallel
• Scalability
  - How to combine separate sub-policies?

12 Some examples
• Unreachable
  - If male then yes
  - If female then no
  - If manager then no
• Inapplicable
  - If manager then yes
  - If VP then no
  - If male then no
• Ineffective
  - If VP then {run}
  - If manager then {run, jump}
• Redundant
  - If manager then {run, jump}
  - If VP then {run}
A policy editor could detect these situations
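An added example (not from the original slides) of how a policy editor could detect the "Unreachable" situation above and show the effect of rule order. It is a simplified first-applicable evaluator, not EPAL itself; the attribute universe is constructed and assumes every subject is male or female, and all function names are hypothetical.

```python
from itertools import product

# Constructed attribute universe (assumption, not from the slides): every
# subject is either male or female, and "manager" is an independent flag.
UNIVERSE = {"sex": ["male", "female"], "manager": [True, False]}

# The "Unreachable" policy from slide 12 as ordered (label, condition, ruling).
POLICY = [
    ("if male then yes", lambda s: s["sex"] == "male", "yes"),
    ("if female then no", lambda s: s["sex"] == "female", "no"),
    ("if manager then no", lambda s: s["manager"], "no"),
]


def subjects(universe):
    """Enumerate every attribute combination in the finite universe."""
    keys = list(universe)
    for values in product(*(universe[k] for k in keys)):
        yield dict(zip(keys, values))


def evaluate(policy, subject):
    """Order priority: the first rule whose condition holds decides."""
    for label, condition, ruling in policy:
        if condition(subject):
            return label, ruling
    return None, None  # no rule applies to this subject


def unreachable_rules(policy, universe=UNIVERSE):
    """Labels of rules that never decide a request for any subject."""
    deciding = {evaluate(policy, s)[0] for s in subjects(universe)}
    return [label for label, _, _ in policy if label not in deciding]


def order_sensitive_subjects(policy_a, policy_b, universe=UNIVERSE):
    """Subjects whose ruling differs between two orderings of the rules."""
    return [s for s in subjects(universe)
            if evaluate(policy_a, s)[1] != evaluate(policy_b, s)[1]]


# Same rules with the manager rule moved first, as an exception would be.
REORDERED = [POLICY[2], POLICY[0], POLICY[1]]

if __name__ == "__main__":
    print("unreachable:", unreachable_rules(POLICY))
    print("unreachable after reorder:", unreachable_rules(REORDERED))
    print("rulings changed for:", order_sensitive_subjects(POLICY, REORDERED))
```

Exhaustive enumeration only works for small finite attribute sets; it is used here to keep the check easy to follow.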

13 Policy Combination
[Diagram: two combinations of policies with Permitted and Denied regions, one labelled OK and one labelled ??]

14 Policy Language and Deduction
• Specification
  - State policy succinctly and directly
  - Confident that policy captures intention
• Enforcement
  - Deduction, proof of compliance
• Manage policy lifecycle
  - Policy development tools
  - Safety and availability analysis

15 Policy lifecycle issues
• Requirements capture
  - What should the policy say?
• Development
  - Adapt standard modules; build new ones; combine
• Evaluation
  - Does the policy say what we want?
    - Analysis
    - Testing
    - Debugging
• Compliance
  - Can the policy be enforced by info system?
• Maintenance
  - Change as needed as requirements evolve

16 Questions?
• Policy development
  - What concepts are important?
    - Permissions? Denials? Obligations? Audit trail?
• Enforcement
  - IT infrastructure vs Legal structure
• End-to-end privacy infrastructure
  - Customer – Browser – Web site – Database
  - Outsourcing and institutional partnerships

