In this paper we discuss implementation issues of a distributed privacy enforcement scheme to support Owner-Retained Access Control for digital data repositories. Our approach is based on the Java Security Framework. In order to achievepolicy enforcement dependent on the accessed data object, we had to implement our own class loader that supports instance-level policy assignment. Access policies are described using XACML and stored together with the data as sticky policies. Enforcement of generic policies over sticky policy objects required the extension of XACML with XPath specific functions. Our use-case scenario is the user-controlled distribution of Electronic Health Records. © 2008 Springer Science+Business Media, LLC.
CITATION STYLE
Scheffler, T., Geiß, S., & Schnor, B. (2008). An implementation of a privacy enforcement scheme based on the Java Security Framework using XACML policies. In IFIP International Federation for Information Processing (Vol. 278, pp. 157–171). Springer New York. https://doi.org/10.1007/978-0-387-09699-5_11
Mendeley helps you to discover research relevant for your work.