We present a declarative language with a formal semantics for specifying both users' privacy preferences and services' privacy policies. Expressiveness and applicability are maximized by keeping the vocabulary and semantics of service behaviours abstract. A privacy-compliant data-handling protocol for a network of communicating principals is described.

PDF file

In  Sixth International Conference on Information Systems Security (ICISS 2010)

Publisher  Springer Verlag

Details