“An Information-Flow Model for Privacy (InfoPriv)”

Dreyer and Olivier


Citation information

L. C. J. Dreyer and M. S. Olivier. “An Information-Flow Model for Privacy (InfoPriv)”. In: Database Security XII: Status and Prospects. Ed. by S. Jajodia. Kluwer, 1999, pp. 77–90


Privacy is concerned with the protection of personal information. Traditional security models (such as the Bell-LaPadula model) assume that users can be trusted and instead concentrate on the processes within the boundaries of the computer system. The InfoPriv model goes further by assuming that users (especially people) are not trustworthy. The information flow between the users should, therefore, be taken into account as well. The basic elements of InfoPriv are entities and the information flow between them. Information flow can either be positive (permitted) or negative (not permitted). It is shown how InfoPriv can be formalised by using graph theory. This formalisation includes the notion of information sanitisers (or trusted entities). InfoPriv is concluded with a discussion of its static and dynamic aspects. A Prolog prototype based on InfoPriv has been implemented and tested successfully on a variety of privacy policies.

Full text

A pre- or postprint of the publication is available at http://mo.co.za/ask/infopriv.pdf.
Note that a username and password are required to download the full text. (Why?) Please e-mail me and I will send you a username and password.

BibTeX reference

AUTHOR={Lucas C J Dreyer and Martin S Olivier},
TITLE={An Information-Flow Model for Privacy ({I}nfo{P}riv)},
EDITOR={Sushil Jajodia},
BOOKTITLE={Database Security XII: Status and Prospects},
YEAR={1999} )

[Publications] [Home]
Page maintained by Martin Olivier
Database updated: November 8, 2015

Beta version of new bibliography database; please report errors (or copyright violations) that may have slipped in.