Proceedings ArticleDOI
The personal model of data towards a privacy oriented information system
J. Biskup,H.H. Bruggemann +1 more
- pp 348-355
TLDR
A general report is presented on an approach problem of privacy-oriented information systems, based on extensive research experiences in specifying the structure of such a system, including the underlying data model and the privacy policy, as well as on the insight gained from a prototype implementation of selected parts of the specification.Abstract:
A general report is presented on an approach problem of privacy-oriented information systems. The report is based on extensive research experiences in specifying the structure of such a system, including the underlying data model and the privacy policy, as well as on the insight gained from a prototype implementation of selected parts of the specification. The system is called DORIS (datenschutz-orientiertes informations system). While the model is basically object-oriented, it is possible conveniently to describe an application by non-first-normal-form tuples and relations, and the data-manipulation language is high-level and relational. An expression is evaluated in three stages: navigation in the set of surrogates of persons, asking for knowledge, and finally normalization, prime value processing and output preparation. A prototype implementation of selected parts of the model is based on a kernel concept. >read more
Citations
More filters
Patent
Method and system for advanced role-based access control in distributed and centralized computer systems
TL;DR: In this article, a method and system for registration, authorization, and control of access rights in a computer system is presented, where the required parameters are provided by the subject of the computer system, e.g. by a person, a job position, or an organization unit.
Journal ArticleDOI
A privacy-aware access control system
TL;DR: This paper discusses how data handling policies can be integrated with traditional access control systems and presents a privacy control module in charge of managing, integrating, and evaluating access control, release and data Handling policies.
Journal ArticleDOI
Authentication and authorization infrastructures (AAIs): a comparative survey
TL;DR: There is no single best approach for providing an AAI, that every approach has specific advantages and disadvantages, and that a comprehensive AAI must combine various technologies and approaches.
Proceedings ArticleDOI
A security concept for OLAP
TL;DR: A security model for data warehouses is defined which describes security constrains for roles in the data warehouse and each role has a security constrain list that builds the security profile of the role.
Book ChapterDOI
LPL, Towards a GDPR-Compliant Privacy Language: Formal Definition and Usage
TL;DR: This paper introduces LPL, an extensible Layered Privacy Language that allows to express and enforce these new privacy properties such as personal privacy, user consent, data provenance, and retention management.
References
More filters
Book
Cryptography and data security
TL;DR: The goal of this book is to introduce the mathematical principles of data security and to show how these principles apply to operating systems, database systems, and computer networks.
Principles of Database Systems
TL;DR: A large part of as mentioned in this paper is a description of relations, their algebra and calculus, and query languages that have been designed using these concepts, and explanations of how the theory can be used to design good systems.
On data banks and privacy homomorphisms
TL;DR: It appears likely that there exist encryption functions which permit encrypted data to be operated on without preliminary decryption of the operands, for many sets of interesting operations.
Proceedings ArticleDOI
A Comparison of Commercial and Military Computer Security Policies
David D. Clark,David R. Wilson +1 more
TL;DR: It is argued that a lattice model is not sufficient to characterize integrity policies, and that distinct mechanisms are needed to Control disclosure and to provide integrity.
Journal ArticleDOI
The design of POSTGRES
TL;DR: The main design goals of the new system are toprovide better support for complex objects, provide user extendibility for data types, operators and access methods, provide facilities for active databases and inferencing including forward- and backward-chaining.