Skip to main content
SpringerLink
Log in

SecPAL4DSA: A Policy Language for Specifying Data Sharing Agreements

  • Conference paper
Secure and Trust Computing, Data Management and Applications (STA 2011)

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 186))

Abstract

Data sharing agreements are a common mechanism by which enterprises can legalise and express acceptable circumstances for the sharing of information and digital assets across their administrative boundaries. Such agreements, often written in some natural language, are expected to form the basis for the low-level policies that control the access to and usage of such digital assets. This paper contributes to the problem of expressing data sharing requirements in security policy languages such that the resulting policies can enforce the terms of a data sharing agreement. We extend one such language, SecPAL, with constructs for expressing permissions, obligations, penalties and risk, which often occur as clauses in a data sharing agreement.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Sieber, J.E.: Data Sharing: Defining Problems and Seeking Solutions. Law and Human Behaviour 12(2), 199–206 (1988)

    Article  Google Scholar 

  2. Arenas, A.E., Aziz, B., Bicarregui, J., Wilson, M.: An Event-B Approach to Data Sharing Agreements. In: Méry, D., Merz, S. (eds.) IFM 2010. LNCS, vol. 6396, pp. 28–42. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  3. Damianou, N., Dulay, N., Lupu, E., Sloman, M.: The Ponder Policy Specification Language. In: Sloman, M., Lobo, J., Lupu, E.C. (eds.) POLICY 2001. LNCS, vol. 1995, pp. 18–38. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  4. Becker, M.Y., Fournet, C., Gordon, A.D.: SecPAL: Design and Semantics of a Decentralized Authorization Language. Journal of Computer Security 18(4), 597–643 (2010)

    Article  Google Scholar 

  5. Swarup, V., Seligman, L., Rosenthal, A.: A Data Sharing Agreement Framework. In: Bagchi, A., Atluri, V. (eds.) ICISS 2006. LNCS, vol. 4332, pp. 22–36. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  6. Matteucci, I., Petrocchi, M., Sbodio, M.L.: CNL4DSA a Controlled Natural Language for Data Sharing Agreements. In: 25th Symposium on Applied Computing, Privacy on the Web Track. ACM, New York (2010)

    Google Scholar 

  7. Dillaway, B.: A unified approach to trust, delegation, and authorization in large-scale grids. Microsoft Corporation, Tech. Rep. (2006)

    Google Scholar 

  8. Becker, M.Y., Malkis, A., Bussard, L.: A Framework for Privacy Preferences and Data-Handling Policies. Microsoft Research, Tech. Rep. MSR-TR-2009-128 (September 2009)

    Google Scholar 

  9. Colombo, M., Martinelli, F., Matteucci, I., Petrocchi, M.: Context- Aware Analysis of Data Sharing Agreements. In: 4th European Workshop on Combining Context with Trust, Security, and Privacy, CAT 2010, pp. 99–104 (2010)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. School of Computing, University of Portsmouth, Portsmouth, U.K.

    Benjamin Aziz

  2. Department of Information Systems, Instituto de Empresa Business School, Madrid, Spain

    Alvaro Arenas

  3. e-Science Centre, STFC Rutherford Appleton Laboratory, Oxfordshire, U.K.

    Michael Wilson

Authors
  1. Benjamin Aziz
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Alvaro Arenas
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Michael Wilson
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Computer Science and Engineering, Seoul National University of Science and Technology, 172 Gongreung 2-dong, Nowon-gu, 139-742, Seoul, Korea

    James J. Park

  2. Computer Science Department, E.T.S.I. Informatica, University of Malaga, Campus de Teatinos, 29071, Malaga, Spain

    Javier Lopez

  3. Division of Computer Engineering, Mokwon University, Daejeon, South Korea

    Sang-Soo Yeo

  4. College of Information Technology, Division of Information and Computer Engineering, Ajou University, San 5, Woncheon-Dong, Yeongton-Gu, Suwon, 443-749, Korea

    Taeshik Shon

  5. Clayton School of Information Technology, Monash University, Campus: Clayton Building/Room 63/130, Clayton, 3800, Victoria, Australia

    David Taniar

Rights and permissions

Reprints and permissions

Copyright information

© 2011 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Aziz, B., Arenas, A., Wilson, M. (2011). SecPAL4DSA: A Policy Language for Specifying Data Sharing Agreements. In: Park, J.J., Lopez, J., Yeo, SS., Shon, T., Taniar, D. (eds) Secure and Trust Computing, Data Management and Applications. STA 2011. Communications in Computer and Information Science, vol 186. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-22339-6_4

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-22339-6_4

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-22338-9

  • Online ISBN: 978-3-642-22339-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation