Privacy APIs: access control techniques to analyze and verify legal privacy policies

  title={Privacy APIs: access control techniques to analyze and verify legal privacy policies},
  author={Michael J. May and Carl A. Gunter and Insup Lee},
  journal={19th IEEE Computer Security Foundations Workshop (CSFW'06)},
  pages={13 pp.-97}
There is a growing interest in establishing rules to regulate the privacy of citizens in the treatment of sensitive personal data such as medical and financial records. Such rules must be respected by software used in these sectors. The regulatory statements are somewhat informal and must be interpreted carefully in the software interface to private data. This paper describes techniques to formalize regulatory privacy rules and how to exploit this formalization to analyze the rules… CONTINUE READING
Highly Influential
This paper has highly influenced 13 other papers. REVIEW HIGHLY INFLUENTIAL CITATIONS
Highly Cited
This paper has 199 citations. REVIEW CITATIONS


Publications citing this paper.
Showing 1-10 of 84 extracted citations

Addressing Legal Requirements in Requirements Engineering

15th IEEE International Requirements Engineering Conference (RE 2007) • 2007
View 17 Excerpts
Highly Influenced

The Personal Web

Lecture Notes in Computer Science • 2013
View 11 Excerpts
Highly Influenced

Analyzing Regulatory Rules for Privacy and Security Requirements

IEEE Transactions on Software Engineering • 2008
View 20 Excerpts
Highly Influenced

Executive Summary of Project

View 6 Excerpts
Highly Influenced

200 Citations

Citations per Year
Semantic Scholar estimates that this publication has 200 citations based on the available data.

See our FAQ for additional information.


Publications referenced by this paper.
Showing 1-10 of 43 references

Cassandra: distributed access control policies with tunable expressiveness

Proceedings. Fifth IEEE International Workshop on Policies for Distributed Systems and Networks, 2004. POLICY 2004. • 2004
View 8 Excerpts
Highly Influenced

EPAL translation of the freedom of information and protection of privacy act. 20FI1.pdf

Calvin Powers, Steve Adler, Bruce Wishart
View 9 Excerpts
Highly Influenced

Enterprise Privacy Authorization Langugae (EPAL 1.2)

Paul Ashley, Santoshi Hada, Günter Karjoth, Calvin Powers, Matthias Schunter
W3C Member Submission, • 2003
View 9 Excerpts
Highly Influenced

Protection in Operating Systems

View 15 Excerpts
Highly Influenced

XML access control language (XACL): Provisional authorization for XML documents

Satoshi Hada, Michiharu Kudo
Standard, OASIS, • 2001
View 4 Excerpts
Highly Influenced

Privacy and contextual integrity: framework and applications

2006 IEEE Symposium on Security and Privacy (S&P'06) • 2006
View 1 Excerpt

Antón . Mining rule semantics to understand legislative compliance

I. Annie
CCS Workshop on Privacy in the Electronic Society . ACM , Nov • 2005

Similar Papers

Loading similar papers…