Security and Privacy Policy Languages: A Survey, Categorization and Gap   Identification

Saffija Kasem-Madani; Michael Meier

arXiv:1512.00201·cs.CR·December 2, 2015·19 cites

Security and Privacy Policy Languages: A Survey, Categorization and Gap Identification

Saffija Kasem-Madani, Michael Meier

PDF

Open Access

TL;DR

This paper surveys 27 security and privacy policy languages, categorizes them within a framework, identifies gaps, and advocates for policy languages to specify privacy-utility trade-offs.

Contribution

It provides a comprehensive categorization framework for policy languages and highlights gaps and future research directions.

Findings

01

Current policy languages are mapped within the framework

02

Identified gaps in existing policy languages

03

Motivates adoption of policy languages for privacy-utility trade-offs

Abstract

For security and privacy management and enforcement purposes, various policy languages have been presented. We give an overview on 27 security and privacy policy languages and present a categorization framework for policy languages. We show how the current policy languages are represented in the framework and summarize our interpretation. We show up identified gaps and motivate for the adoption of policy languages for the specification of privacy-utility trade-off policies.

Peer Reviews

No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.

Videos

No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.

Taxonomy

TopicsAccess Control and Trust · Cloud Data Security Solutions · Security and Verification in Computing