Learn More
Digital identities and profiles are precious assets. On one hand they enable users to engage in transactions and interactions on the Internet. On the other hand, abuses and leakages of this information could violate the privacy of their owners, sometimes with serious consequences. Nowadays, most of the people have limited understanding of security and(More)
The management of private and confidential information is a major problem for dynamic organizations. Secure solutions are needed to exchange confidential documents, protect them against unauthorised accesses and cope with changes of people's roles and permissions. Traditional cryptographic systems and PKI show their limitations, in terms of flexibility and(More)
privacy, privacy enforcement, access control, privacy-aware access control, regulatory compliance, data governance, policy management Regulatory compliance is a hot topic for enterprises. The increasing number of laws, including SOX, GLB, HIPAA and various governmental directives on data protection require enterprises to put in place complex processes to(More)
Identity management plays a key role in enabling personal, business and government activities along with interactions and transactions in the digital world. The " chapter 1 " of identity management is about the current paradigm, i.e., multiple, slightly integrated products and solutions for relatively static, closed and well controlled environments. It(More)
The management of confidential and sensitive information is a major problem for people and organisations. Dynamic organisations require secure solutions to protect confidential documents against unauthorised access and to cope with changes to people's roles and permissions. Solutions based on traditional cryptographic systems and PKI show their limitations,(More)
privacy, IT governance, privacy policy enforcement, privacy-aware access control, privacy obligations, regulatory compliance This paper describes issues and requirements related to privacy management as an aspect of improved governance in enterprises. It focuses on the privacy enforcement aspect, in particular related to privacy-aware access control and(More)
In offering services to individuals, enterprises often deal with a lot of personal information, the improper handling of which creates security risks for both the enterprises and individuals concerned. Authentication procedures usually assume specific behavior on the part of individuals, and this perception becomes a critical part of an enterprise's(More)
The aim of this paper is to set the context for the management of consent and revocation in enterprises, create awareness and so pave the way towards better and improved practices in this area. A number of international laws and regulations mandate (to some degree) that individuals should be enabled to express their consent for the usage of their data and(More)