The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Internet has gained huge popularity over the last decade. It offers its users reliable, efficient and exciting online services. However, the users reveal a lot of their personal information by using these services. Websites that collect information state their practices with data in their privacy policies. However, it is difficult to ensure if the policies are enforced properly in their practices...
As privacy is becoming a salient issue for both organizations that provide digital services, as well as their users, access control shifts from traditional role-based models to more sophisticated paradigms that include additional provisions with respect to privacy. Complementing and particularizing our previous research work on the development of frameworks for the enforcement of privacy-aware access...
This paper presents General Trust Management (GTM), a functional trust model that is applicable in multiple problem domains. GTM explicitly handles trust management functions including trust formation, dissemination and evolution. GTM is a generalization of Trust in Smart Spaces (TISS), a trust model that targets smart space scenarios. The generalization is performed with attention to preserving the...
Information centers in industries are facing privacy concerns in recent years. Though there exists persuasive models, the privacy is not assured for industries that no identifiable information will get into unauthorized entities hands. They are based on user, role or service identification. In this paper we proposed Context Based Privacy Model(CBPM), which is based on context identification of the...
Privacy is considered to be a critical issue for providing high quality ubiquitous network services to users over the Internet. User's privacy should be protected and access to privacy information must be controlled in accordance with user's privacy preferences. Existing privacy-aware access control strategies often store all the privacy access control policies on the server side and thus fail to...
In this paper we describe extensions to the access control industry standards XACML and SAML to enable privacy-preserving and credential-based access control. Rather than assuming that an enforcement point knows all the requester's attributes, our extensions allow the requester to learn which attributes have to be revealed and which conditions must be satisfied, thereby enabling to leverage the advantages...
Digital Identity is the representation of the overall known information about a user across online applications. Digital identity management is the collection of processes, policies and technologies to manage the complete life cycle of users' identities, such as creation, management, and destruction. Most web applications request users to have a registered digital identity in their system to allow...
Privacy has been acknowledged to be a critical requirement for many business environments. A variety of uncertainty and mutability poses challenges when sharing resources must happen in collaborative environment. Therefore, the definition of an efficient access control model, based on which privacy policies can be specified, is crucial. In this work, we propose a trust-based access control model to...
The electronic identity (eID) is being positioned to be a basic tool for identification, authentication and authorization in application domains ranging from eCommerce in private sector to eGovernance in public sector. A practical and flexible eID should be usable in both a network-connected online setting as well as in conventional offline situations. While improving security of communication and...
One of the privacy threats recognized in the use of LBS is represented by an adversary having information about the presence of individuals in certain locations, and using this information together with an (anonymous) LBS request to re-identify the issuer of the request associating her to the requested service. Several papers have proposed techniques to prevent this, assuming that the use of the service...
The paper first discusses motivations why taking into account location information in authentication and access control is important. The paper then surveys current approaches to location-aware authentication, including the notion of context-based flexible authentication policies, and to location-aware access control, with focus on the GEO-RBAC model. Throughout the discussion, the paper identifies...
Authenticated dictionaries have been primarily studied and used in the context of certificate revocation in public key infrastructure (PKI). This paper presents a novel approach to enabling controlled access to and selective sharing of sensitive user attributes in federated identity management (FIM) by integrating an authenticated dictionary (ADT)-based credential into FIM, while attempting to achieve...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.