An Information-Flow Model for Privacy (InfoPriv)
Dreyer and Olivier
1999
Citation information
L. C. J. Dreyer and M. S. Olivier. “An Information-Flow Model for Privacy (InfoPriv)”. In: Database Security XII: Status and Prospects. Ed. by S. Jajodia. Kluwer, 1999, pp. 77–90.
Abstract
Privacy is concerned with the protection of personal information. Traditional security models (such as the Bell-LaPadula model) assume that users can be trusted and instead concentrate on the processes within the boundaries of the computer system. The InfoPriv model goes further by assuming that users (especially people) are not trustworthy. The information flow between the users should, therefore, be taken into account as well. The basic elements of InfoPriv are entities and the information flow between them. Information flow can either be positive (permitted) or negative (not permitted). It is shown how InfoPriv can be formalised by using graph theory. This formalisation includes the notion of information sanitisers (or trusted entities). InfoPriv is concluded with a discussion of its static and dynamic aspects. A Prolog prototype based on InfoPriv has been implemented and tested successfully on a variety of privacy policies.
Full text
A pre- or postprint of the publication is available at https://mo.co.za/ask/infopriv.pdf.
Note that a username and password are required to download the full text. (Why?) Please e-mail me and I will send you a username and password.
Full text
A pre- or postprint of the publication is available at https://mo.co.za/open/infopriv.pdf.
Definitive version
The definitive version of the paper is available from the publisher.
DOI: 10.1007/978-0-387-35564-1_5
BibTeX reference
@inproceedings(infopriv,
author={Lucas C J Dreyer and Martin S Olivier},
title={An Information-Flow Model for Privacy ({I}nfo{P}riv)},
editor={Sushil Jajodia},
booktitle={Database Security XII: Status and Prospects},
pages={77--90},
publisher={Kluwer},
year={1999} )