Hierarchical Hippocratic databases with minimal disclosure for virtual organizations

F. Massacci, J. Mylopoulos, N. Zannone

    Onderzoeksoutput: Bijdrage aan tijdschriftTijdschriftartikelAcademicpeer review

    33 Citaten (Scopus)
    2 Downloads (Pure)


    The protection of customer privacy is a fundamental issue in today’s corporate marketing strategies. Not surprisingly, many research efforts have proposed new privacy-aware technologies. Among them, Hippocratic databases offer mechanisms for enforcing privacy rules in database systems for inter-organizational business processes (also known as virtual organizations). This paper extends these mechanisms to allow for hierarchical purposes, distributed authorizations and minimal disclosure supporting the business processes of virtual organizations that want to offer their clients a number of ways to fulfill a service. Specifically, we use a goal-oriented approach to analyze privacy policies of the enterprises involved in a business process. On the basis of the purpose hierarchy derived through a goal refinement process, we provide algorithms for determining the minimum set of authorizations needed to achieve a service. This allows us to automatically derive access control policies for an inter-organizational business process from the collection of privacy policies associated with different participating enterprises. By using effective on-line algorithms, the derivation of such minimal information can also be done on-the-fly by the customer wishing to access a service.
    Originele taal-2Engels
    Pagina's (van-tot)370-387
    TijdschriftThe VLDB Journal
    Nummer van het tijdschrift4
    StatusGepubliceerd - 2006


    Duik in de onderzoeksthema's van 'Hierarchical Hippocratic databases with minimal disclosure for virtual organizations'. Samen vormen ze een unieke vingerafdruk.

    Citeer dit