By Topic

Privacy promises, access control, and privacy management. Enforcing privacy throughout an enterprise by extending access control

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

3 Author(s)
Powers, C.S. ; IBM Software Group, Raleigh, NC, USA ; Ashley, P. ; Schunter, M.

Regulations and consumer backlash force many organizations to re-evaluate the way they manage private data. As a first step, they publish privacy promises as text or P3P. These promises are not backed up by privacy technology that enforces the promises throughout the enterprise. Privacy tools cover fractions of the problem while leaving the main challenge unanswered. This article describes a new approach towards enterprisewide enforcement of the privacy promises. Its core is a new framework for managing collected personal data in a sensitive, trustworthy way. The framework enables enterprises to publish clear privacy promises, to collect and manage user preferences and consent, and to enforce the privacy promises throughout the enterprise. This article shows how this new approach extends the traditional view of access control to provide a more complete coverage of privacy management issues.

Published in:

Electronic Commerce, 2002. Proceedings. Third International Symposium on

Date of Conference: