University of Calgary
UofC Navigation

Privacy Rights Management

Submitted by 21232f297a57a5a... on Wed, 05/02/2007 - 2:11pm

CISaC provides security solutions that rely on in depth mathema

Information privacy can be seen as individuals’ control on their personal information. People must be able to determine who, when, how, and to what extent information about them is accessible to others. Organizations publish a privacy policy stating what they will do with the collected data. Privacy management systems allow organizations and individuals to express their privacy policy and preferences, respectively, and ensure that access to data conforms with the stated policy. Privacy rights management use formal languages to express privacy policies and preferences. To enforce policies rule-base approach and license based approach has been used. An example policy language and enforcement system is P3P, a language proposed by WWW Consortium, and E-P3P.

We are researching user-centered privacy protecting systems for organisations. Users are able to express their preferences that are submitted together with their private data to organizations. The system ensures that their preferences are enforced with the organization and as data moves from one organization to the other.

Contact Us

Centre for Information Security and Cryptography
MS 476, 2500 University Drive NW
Calgary, Alberta
Canada T2N 1N4
1 (403) 220-3949