Share on Facebook Tweet on Twitter Share on LinkedIn Share by email
Obligation Language and Framework to Enable Privacy-aware SOA

Muhammad Ali, Laurent Bussard, and Ulrich Pinsdorf


Privacy policies defines rights and obligations on data (e.g. personally identifiable information) collected by services. Tackling privacy policies in a service oriented architecture spanning multiple trust domains is difficult because it requires a common specification and distributed enforcement. This paper focuses on the specication and enforcement of obligations. We describe the requirements, the resulting language, and its implementation. Finally, we compare our results with obligation support in the state of the art. The key contribution of this work is to bridge the gap between specific mechanisms to enforce obligations and underspecified support for obligations in today's access control and data handling policy languages.


Publication typeInproceedings
Published inData Privacy Management and Autonomous Spontaneous Security
> Publications > Obligation Language and Framework to Enable Privacy-aware SOA