Skip to main content
Conference ProceedingsOPEN ACCESS

An implementation of a privacy enforcement scheme based on the Java Security Framework using XACML policies

IFIP International Federation for Information Processing (2008) 278 157-171
DOI: 10.1007/978-0-387-09699-5_11
3Citations
Citations of this article
15Readers
Mendeley users who have this article in their library.

This article is free to access.

Abstract

In this paper we discuss implementation issues of a distributed privacy enforcement scheme to support Owner-Retained Access Control for digital data repositories. Our approach is based on the Java Security Framework. In order to achievepolicy enforcement dependent on the accessed data object, we had to implement our own class loader that supports instance-level policy assignment. Access policies are described using XACML and stored together with the data as sticky policies. Enforcement of generic policies over sticky policy objects required the extension of XACML with XPath specific functions. Our use-case scenario is the user-controlled distribution of Electronic Health Records. © 2008 Springer Science+Business Media, LLC.

Cite

CITATION STYLE

APA

Scheffler, T., Geiß, S., & Schnor, B. (2008). An implementation of a privacy enforcement scheme based on the Java Security Framework using XACML policies. In IFIP International Federation for Information Processing (Vol. 278, pp. 157–171). Springer New York. https://doi.org/10.1007/978-0-387-09699-5_11

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free