Guenter Karjoth

Translating privacy practices into privacy promises - how to promise what you can keep

Enterprises advertise privacy promises using the W3C Platform for Privacy Preferences (P3P). These privacy promises define what recipients can obtain what collected data for what purpose. Internally, enterprises can use fine-grained privacy practices such as defined by the Platform for Enterprise Privacy Practices (E-P3P) to enforce privacy. These internal privacy policies should guarantee and enforce the promises made to the customers. Since privacy practices reflect business internals, they can change frequently. As a consequence, it can be challenging to keep the promises up-to-date with the actual practices. To enable up-to-date privacy promises, we describe a methodology for enterprises to promise what they can keep. This is done by automatically transforming E-P3P privacy practices into corresponding P3P privacy promises that reflect the actual enterprise-internal behavior. These P3P promises can then be published on a regular basis. Whenever the internal policies change, the P3P promises can easily be updated as well.

An operational semantics of Java 2 access control

Java 2 Security enhanced with the Java Authentication and Authorization Service (JAAS) provide sophisticated access control features via a user-configurable authorization policy. Fine-grained access control, code-based as well as user-based authorization, and implicit access rights allow the implementation of real-world policies, but of the cost of increased complexity. We provide a formal specification of the Java 2 and JAAS access control model that helps remove ambiguities of the informal definitions. It defines Java 2 access control in terms of an abstract machine, whose behavior is determined by a small set of transition rules. We illustrate the power of Java 2 access control by showing how commonly encountered authorization requirements can be implemented in Java 2.

Preface to the fourth IEEE workshop on privacy aspects of data mining

Introduction Machine learning and data mining algorithms have penetrated our everyday lives and play a central role in many application domains, including social networks, healthcare, location-based systems, and advertising. At the same time, 90\% of todays data have been produced in the last two years! These data come from social networking sites, mobile phone applications, electronic medical record systems, ecommerce sites, and open data portals. The analysis of this wealth of data can lead to valuable insights that will benefit data recipients and the society at large, but may also lead to serious privacy breaches, unless privacy-enhancing technologies are in place.