Preventing information inference in access control

F. Paci, N. Zannone

Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

11 Citations (Scopus)
3 Downloads (Pure)

Abstract

Technological innovations like social networks, personal devices and cloud computing, allow users to share and store online a huge amount of personal data. Sharing personal data online raises significant privacy concerns for users, who feel that they do not have full control over their data. A solution often proposed to alleviate users' privacy concerns is to let them specify access control policies that reflect their privacy constraints. However, existing approaches to access control often produce policies which either are too restrictive or allow the leakage of sensitive information. In this paper, we present a novel access control model that reduces the risk of information leakage. The model relies on a data model which encodes the domain knowledge along with the semantic relations between data. We illustrate how the access control model and the reasoning over the data model can be automatically translated in XACML. We evaluate and compare our model with existing access control models with respect to its effectiveness in preventing leakage of sensitive information and efficiency in authoring policies. The evaluation shows that the proposed model allows the definition of effective access control policies that mitigate the risks of inference of sensitive data while reducing users' effort in policy authoring compared to existing models.
Original languageEnglish
Title of host publication20th ACM Symposium on Access Control Models and Technologies (SACMAT 2015, Vienna, Austria, June 1-3, 2015)
Place of PublicationNew York
PublisherAssociation for Computing Machinery, Inc
Pages87-97
ISBN (Print)978-1-4503-3556-0
DOIs
Publication statusPublished - 2015
Event20th ACM Symposium on Access Control Models and Technologies (SACMAT 2015) - Vienna, Austria
Duration: 1 Jun 20153 Jun 2015
Conference number: 20
http://www.sacmat.org/2015/index.php

Conference

Conference20th ACM Symposium on Access Control Models and Technologies (SACMAT 2015)
Abbreviated titleSACMAT 2015
Country/TerritoryAustria
CityVienna
Period1/06/153/06/15
Internet address

Fingerprint

Dive into the research topics of 'Preventing information inference in access control'. Together they form a unique fingerprint.

Cite this