Cited By
View all- Verreydt SYskout KJoosen W(2021)Security and Privacy Requirements for Electronic ConsentACM Transactions on Computing for Healthcare10.1145/34339952:2(1-24)Online publication date: 22-Mar-2021
Formal Specification of a Privacy Aware Access Control Framework in Web Services Paradigm using Z Notation
Article No.: 74, Pages 1 - 5
Abstract
In web services paradigm, multiple heterogeneous web services collaborate to carry out the complex functionality demanded by the users. While using these services, privacy preservation is the major concern for users. Safeguarding their personally identifiable information (PII) from unauthorized usage is the top most priority of service providers in order to survive in the highly competitive market. Like other areas of digital life, preserving privacy is also a prominent concern in healthcare services. The patients' sensitive PII in online services is more at the risk of disclosure without their consent. Currently privacy policy enforcement is done manually in such scenarios, which increases the risk of inadvertent disclosure of the stored PII. This paper is the first step towards automation of privacy policies and laws enforcement in traditional access control frameworks through formal specification of web services in Z notation.
References
[1]
R. M. Sreenath and M.P. Singh, "Agent-based Service Selection," Journal of Web Semantics: Science, Services and Agents on the World Wide Web, vol. 1, no. 3, pp. 261--279, 2004.
[2]
X. Zhang, S. Oh and R. Sandhu, "PBDM: a flexible delegation model in RBAC," In proceedings of the eighth ACM Symposium on Access control models and technologies (SACMAT ), New York, NY, USA, pp. 149--157, 2003.
[3]
Néstor Cataño, Sorren Hanvey, and Camilo Rueda, "Poporo: A Formal Methods Tool for Fast-Checking of Social Network Privacy Policies", TOOLS 50, Lecture Notes in Computer Science, Springer, vol. 7304 pp. 9--16, 2012.
[4]
J. M. Spivey, The Z Notation: A Reference Manual. Upper Saddle River, NJ, USA: Prentice-Hall, Inc., 1989.
[5]
C. B. Jones. Systematic Software Development Using VDM. Prentice-Hall International, 1986.
[6]
Burdy, Cheon, Cok, Ernst, Kiniry, Leavens, Leino and Poll, An overview of JML tools and applications. In International Journal on Software Tools for Technology Transfer pp. 212--232, 2005.
[7]
C.A.R, Hoare, Communicating Sequential Processes. Prentice Hall Intl., 1st edition 1985, new edition. Jim Davies, 2004.
[8]
J. R. Abrial, The B-Book: Assigning Programs to Meanings. Cambridge University Press, 1996.
[9]
Jeremy Bryans & John Fitzgerald (2007): Formal Engineering of XACML Access Control Policies in VDM++. In Michael Butler, Michael Hinchey & Maríía Larrondo-Petrie, editors: Formal Methods and Software Engineering, Lecture Notes in Computer Science 4789, Springer Berlin / Heidelberg, pp. 37--56.Available at http://dx.doi.org/10.1007/978-3-540-76650-6_4.
[10]
M. Saaltink, "The Z/EVES System," in ZUM '97: The Z Formal Specification Notation, J. Bowen, M. Hinchey, and D. Till, Eds., pp. 72--85, 1997.
[11]
R. Bhatia and M. Singh, "Preserving Privacy In Health Care Web Services Paradigm Through Hippocratic Databases," Springer Book Series Advances in Intelligent Systems and Computing, Volume 308, pp 177--188, 2014.
[12]
Agrawal, R., Kiernan, J., Srikant, R. and Xu, Y. 2002, "Hippocratic databases". In Proceedings of Very Large Data Base, Hong Kong, China, pp 143--154.
Index Terms
- Formal Specification of a Privacy Aware Access Control Framework in Web Services Paradigm using Z Notation
Recommendations
Privacy Aware Access Control in Web Services Compositions
ICTCS '14: Proceedings of the 2014 International Conference on Information and Communication Technology for Competitive StrategiesIn the online transaction era, multiple heterogeneous web services collaborate to provide required services to the users. In such scenarios, the risks associated with the inadvertent privacy disclosure and intentional privacy breaches from the ...
Privacy Aware Access Control: A Literature Survey and Novel Framework
Due to the ever increasing number of web services available through the Internet, the privacy as a fundamental human right is endangered. Informed consent and collection of information are two important aspects while interacting on the Internet through ...
A Lattice-Based Privacy Aware Access Control Model
CSE '09: Proceedings of the 2009 International Conference on Computational Science and Engineering - Volume 03As the amount of data being collected by service providers increases, privacy concerns increase for the data owners that must provide private data to get services. Legislative acts require enterprises protect the privacy of their customers and privacy ...
Comments
Please enable JavaScript to view thecomments powered by Disqus.Information & Contributors
Information
Published In
November 2014
559 pages
ISBN:9781450332163
DOI:10.1145/2677855
Copyright © 2014 ACM.
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].
In-Cooperation
- Computer Society of India: Computer Society of India
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 27 October 2014
Check for updates
Author Tags
Qualifiers
- Research-article
- Research
- Refereed limited
Conference
ICTCS '14
ICTCS '14: International Conference on Information and Communication Technology for Competitive Strategies
November 14 - 16, 2014
Rajasthan, Udaipur, India
Acceptance Rates
ICTCS '14 Paper Acceptance Rate 97 of 270 submissions, 36%;
Overall Acceptance Rate 97 of 270 submissions, 36%
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- View Citations1Total Citations
- 62Total Downloads
- Downloads (Last 12 months)2
- Downloads (Last 6 weeks)0
Reflects downloads up to 03 Mar 2025
Other Metrics
Citations
Cited By
View all- Verreydt SYskout KJoosen W(2021)Security and Privacy Requirements for Electronic ConsentACM Transactions on Computing for Healthcare10.1145/34339952:2(1-24)Online publication date: 22-Mar-2021
View Options
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in