On the design of a privacy aware authorization engine for collaborative environments

Abstract

Business networking has substantially reshaped common enterprise procedures and has paved the way for the development of ground-breaking information sharing patterns and inter-organizational cooperative practices. Yet, critical issues still stand unaddressed; privacy and sensitive information confidentiality implications threaten to diminish the economic and social benefits derived from online collaboration. Nevertheless, privacy preservation refers to a multidimensional and cross-disciplinary subject, accompanied by both legal as well as technical challenges. In this context, this paper describes the design of a privacy-aware decision engine operating within synergistic contexts. Decision making regarding the production of authorizations and information usage rules is founded on a detailed privacy context and the enforcement of a deductive reasoning algorithm. The proposed reasoning process spans two distinct phases, taking into account an a priori perspective of the system while at the same time maintaining responsiveness in dynamic contexts. © Institute of Information Management, University of St. Gallen 2014.