icbnet

  • Increase font size
  • Default font size
  • Decrease font size

English (United Kingdom)

Privacy-Aware Access Control and Authorization in Passive Network Monitoring Infrastructures

Year: 2010
Type of Publication: In Proceedings Keywords: privacy, authorisation, access control, passive network monitoring, semantic information model
Authors:
Book title: Proceedings of the 10th IEEE International Conference on Computer and Information Technology (CIT-2010), 3rd IEEE International Symposium on Trust, Security and Privacy for Emerging Applications (TSP 2010)
Pages: 1114 - 1121
Month: June 29 - July 1
ISBN: 978-0-7695-4108-2
Note:
Bradford, West Yorkshire, UK, 29 June - 1 July 2010
Abstract:
Despite the usefulness of passive network monitoring for the operation, maintenance, control and protection of communication networks, as well as law enforcement, network monitoring activities are surrounded by serious privacy implications. In this paper, an innovative approach for privacy-preserving authorization and access control to data originating from passive network monitoring is described. The proposed framework relies on an ontological model for the specification of the access control policies, which are evaluated and enforced on a two-phase and two-stage basis by a system that intercedes between the network link and the monitoring applications. The two stages refer to controlled access regarding both the data that are disclosed to the monitoring application from the mediating system and the raw data that the mediator retrieves from the network link. On the other hand, the two phases concern respectively the execution of “static” and “dynamic” control; the former enforces the rules that are a priori applicable, grounded on the data, role and purpose semantics, while the latter evaluates the real-time contextual parameters for the adaptation of the access control procedures to the particular conditions underlying a request.
[Bibtex]