Data sharing agreements are a common mechanism by which enterprises can legalise and express acceptable circumstances for the sharing of information and digital assets across their administrative boundaries. Such agreements, often written in some natural language, are expected to form the basis for the low-level policies that control the access to and usage of such digital assets. This paper contributes to the problem of expressing data sharing requirements in security policy languages such that the resulting policies can enforce the terms of a data sharing agreement. We extend one such language, SecPAL, with constructs for expressing permissions, obligations, penalties and risk, which often occur as clauses in a data sharing agreement.
|Publication status||Published - 28 Jun 2011|
|Event||Proceedings of the 8th FTRA International Conference on Secure and Trust Computing, Data Management and Applications (STA 2011) - Crete, Greece|
Duration: 28 Jun 2011 → 30 Jun 2011
|Conference||Proceedings of the 8th FTRA International Conference on Secure and Trust Computing, Data Management and Applications (STA 2011)|
|Period||28/06/11 → 30/06/11|