Enforcing Privacy Policies with Meta-Code
Hovedartikkel, postprint versjon (PDF)
ACM copyright (PDF)
ForfatterJohansen, Håvard; Birrell, Eleanor; Van Renesse, Robbert; Schneider, Fred B.; Stenhaug, Magnus; Johansen, Dag
This paper proposes a mechanism for expressing and enforcing security policies for shared data. Security policies are expressed as stateful meta-code operations; meta-code can express a broad class of policies, including access-based policies, use-based policies, obligations, and sticky policies with declassification. The meta-code is interposed in the filesystem access path to ensure policy compliance. The generality and feasibility of our approach is demonstrated using a sports analytics prototype system.