Privacy Data Sharing Platform
PDSP
Scenario & Solution
• Situation:
  • Tom is 78 years old and lives alone in his rented house.
  • CentreLink holds most of the information about Tom's situation, but is not allowed to share it by law.
  • The aged care department supplies a variety of services, e.g. visiting care assistants, but Tom doesn't even know where he could ask for help.
• Solution:
  • User-controlled and monitored data sharing.
  • Notification and authorization supported by Instant Message tools.
  • Workflow-based data sharing processing.
  • Policy-based access control on privacy data.
  • TED-supported authentication.
  • Integrated Decision Making Model based on Accountability & Reputation.
Data and Control Flow Framework
Private Data
Host
AccessControl
1. Request for private data
2. Request for approval
3. Approval/Deny
Policy Filtering
Privacy Data Sharing
• Privacy Data
  • E.g. Medical, Financial, Contact, Internet
• PD sharing issues:
  • Legacy
  • Security
  • Preserving
• Technologies:
  • TED security device
  • Policy-based Access Control (XACML)
  • Accountability & Reputation based Decision Making Model
• Implemented:
  • User Controlled Access Control
  • Workflow Framework
  • Instant Message Tools
  • Reserved Interface for
    • XACML
    • DMM
Feature Overview
• Policy-based Access Control
• Privacy Data Sharing involving 3 parties
• Decision Making Model (Accountability & Reputation based)
• Workflow Processing
• Instant Message Tools
• Digital Signature
XACML Concept
[Diagram: PolicySet contains Target, Policies and Obligations; each Policy contains Target, Rules and Obligations; each Rule contains Target, Condition and Effect]
XACML Data-flow Diagram
• Policy & PolicySet – combine the applicable policies using a CombiningAlgorithm
• Target – a rapid index used to find the applicable Policies or Rules
• Conditions – complex boolean expressions with many operands, arithmetic & string functions
• Effect – “Permit” or “Deny”
• Obligations – other required actions
• Reference:
  • Sun XACML Implementation v 1.2 (http://sunxacml.sourceforge.net/)
  • XACML Documents (http://www.oasis-open.org/committees/xacml/)
  • XACML Tutorial with Usecase
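The Target / Condition / Effect / Obligations relationship listed above, as an added example that is not part of the original slides and uses neither the Sun XACML API nor XACML's XML syntax: a simplified Python model of one policy over Tom's contact data, evaluated with deny-overrides combining. The attribute names, the 0.5 reputation threshold and the obligation name are constructed for illustration.

```python
from dataclasses import dataclass, field
from typing import Callable

PERMIT, DENY, NOT_APPLICABLE = "Permit", "Deny", "NotApplicable"

def matches(target: dict, request: dict) -> bool:
    """Target check: every attribute named in the target must equal the request's value."""
    return all(request.get(k) == v for k, v in target.items())

@dataclass
class Rule:
    target: dict                                   # {} applies to every request
    effect: str                                    # PERMIT or DENY
    condition: Callable[[dict], bool] = lambda request: True

    def evaluate(self, request: dict) -> str:
        if matches(self.target, request) and self.condition(request):
            return self.effect
        return NOT_APPLICABLE                      # rule does not contribute a decision

@dataclass
class Policy:
    target: dict
    rules: list
    obligations: dict = field(default_factory=dict)   # effect -> required actions

    def evaluate(self, request: dict):
        if not matches(self.target, request):
            return NOT_APPLICABLE, []
        results = [rule.evaluate(request) for rule in self.rules]
        # Deny-overrides combining: a single Deny beats any number of Permits.
        decision = DENY if DENY in results else PERMIT if PERMIT in results else NOT_APPLICABLE
        return decision, list(self.obligations.get(decision, []))

# Constructed policy for the scenario; attribute names, threshold and
# obligation name are hypothetical.
TOM_CONTACT_POLICY = Policy(
    target={"owner": "tom", "category": "contact"},
    rules=[
        Rule({"role": "aged_care"}, PERMIT, lambda r: r.get("purpose") == "service_offer"),
        Rule({}, DENY, lambda r: r.get("reputation", 0.0) < 0.5),
    ],
    obligations={PERMIT: ["request_owner_approval"]},
)

def decide(request: dict):
    """Enforcement wrapper: anything other than Permit is treated as Deny."""
    decision, obligations = TOM_CONTACT_POLICY.evaluate(request)
    return (PERMIT, obligations) if decision == PERMIT else (DENY, [])
```

The Permit obligation stands in for the "Request for approval" step of the data and control flow: a Permit from the policy still leaves the final release to the data owner.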
Who can access what information
XML Data Format
Procedure & Interface
• Login (Ind, Org, Admin)
• Subscribe (Ind)
• Query (Org)
• Review (Admin)
• Policy checking and content filtering (Sys)
• Message (Ind)
• Authorisation (Ind)
• Get Released Result (Org)
Login
Subscribe
Query
Review
Admin workflows
Receive Messages
Message Approve
Task Manage
Released Result
Released Result In GoogleMap