Enterprise privacy promises and enforcement

  • Adam Barth
  • John C. Mitchell


Several formal languages have been proposed to encode privacy policies, ranging from the Platform for Privacy Preferences (P3P), intended for communicating privacy policies to consumers over the web, to the Enterprise Privacy Authorization Language (EPAL), intended to enable policy enforcement within an enterprise. However, current technology does not allow an enterprise to determine whether its detailed, internal enforcement policy meets its published privacy promises. We present a data-centric, unified model for privacy, equipped with a modal logic for reasoning about permission inheritance across data hierarchies. We use this model to critique two privacy preference languages (APPEL and XPref), to justify P3P's policy summarization algorithm, and to connect privacy policy languages, such as P3P, with privacy policy enforcement languages, such as EPAL. Specifically, we characterize when one policy enforces another and provide an algorithm for generating the most specific privacy promises, at a given level of detail, guaranteed by a more detailed enforcement policy.
