The quick development and widespread adoption of Internet technologies allows servers to make their services and resources available to users anywhere anytime. To regulate access to such services in open scenarios, servers require users to release information about them through the disclosure of digital certificates. Since digital certificates, as well as access control policies, may include sensitive information, it is necessary to define mechanisms that permit both the client and the server to specify privacy preferences to be considered in credential and policy disclosure. In this chapter, we describe solutions supporting both client privacy preferences and server disclosure policies. We illustrate the desiderata that these solutions should satisfy, and describe recent approaches that take client privacy preferences and server confidentiality into account in a negotiation process. Finally, we introduce some open issues that need further investigation.
Supporting user privacy preferences in digital interactions / S. Foresti, P. Samarati - In: Computer and information security handbook / [a cura di] J.R. Vacca. - 2. - Waltham : Morgan Kaufmann, 2013 Jun. - ISBN 9780123943972. - pp. 813-834 [10.1016/B978-0-12-394397-2.00046-5]
Supporting user privacy preferences in digital interactions
S. ForestiPrimo
;P. SamaratiUltimo
2013
Abstract
The quick development and widespread adoption of Internet technologies allows servers to make their services and resources available to users anywhere anytime. To regulate access to such services in open scenarios, servers require users to release information about them through the disclosure of digital certificates. Since digital certificates, as well as access control policies, may include sensitive information, it is necessary to define mechanisms that permit both the client and the server to specify privacy preferences to be considered in credential and policy disclosure. In this chapter, we describe solutions supporting both client privacy preferences and server disclosure policies. We illustrate the desiderata that these solutions should satisfy, and describe recent approaches that take client privacy preferences and server confidentiality into account in a negotiation process. Finally, we introduce some open issues that need further investigation.Pubblicazioni consigliate
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.