PrimeLife Policy Language

摘要: The sudden popularity of social networks and web 2.0 applications changed radically the Internet landscape users’ behavior. Today’s young people are first generation with ability to distribute information quickly, cheaply large groups people. amount personal private published stored in servers becomes so huge that traditional concepts privacy were affected. To appease such concerns, enterprises service providers publish statements promise fair practices. Written natural language or formalized using languages like P3P [1], EPAL [2], XACML [3] etc... they only promises but not necessarily enforced by technical measures. These problems amplified if data is used enterprise collected data, also secondary users as partner organizations, government agencies. flows complex. Threats can come from inside (accidental disclosure, insider curiosity subornation) well outside (uncontrolled usage) each organization. Putting customer online further increases risk exposing sensitive outsiders. In this paper we propose a new policy handling access control usage at same time. context European ICT PrimeLife1 an extension eXtensible markup (XACML 3.0) offering one most popular standardized language. This suggests obligation mechanism taking into account temporal constraints, pre-obligations, conditional obligations, repeating obligations together down-stream authorization system defining rules under which entity be forwarded third party. Moreover, our based on concept trusted credentials.