in Proceedings of 5th IEEE International Workshop on Policies for Distributed Systems and Networks (POLICY), pp. 185-188, June 2004.
Privacy policy evaluation engines enable queries whether a specific user is allowed to access specific data for a specific purpose. While tools for authoring, maintaining, and auditing privacy policies already exist, no tool exists yet to deal with unification within such policies, e.g., to enable queries if data might be modified by some user, or how many user entries satisfy a certain constraint. We show how this can can be achieved by embedding enterprise privacy policies into Prolog. We show this concretely for IBM’s Enterprise Privacy Authorization Language (EPAL). Based on the unification mechanisms of Prolog, our work enables general queries for privacy policies as well as quantitative measurements.
This publication is accompanied by links to downloadable versions of this publication. These documents do not necessarily correspond exactly to the cited version. Instead, in most cases full or updated versions are provided. For access to the official version, follow the "Official version" link to the publishers site.