An access control approach for privacy-preserving passive network monitoring

Lioudakis, GV; Gogoulos, F; Antonakopoulou, A; Mousas, AS; Venieris, IS; Kaklamani, DI

dc.contributor.author	Lioudakis, GV	en
dc.contributor.author	Gogoulos, F	en
dc.contributor.author	Antonakopoulou, A	en
dc.contributor.author	Mousas, AS	en
dc.contributor.author	Venieris, IS	en
dc.contributor.author	Kaklamani, DI	en
dc.date.accessioned	2014-03-01T02:45:57Z
dc.date.available	2014-03-01T02:45:57Z
dc.date.issued	2009	en
dc.identifier.uri	https://dspace.lib.ntua.gr/xmlui/handle/123456789/32477
dc.relation.uri	http://www.scopus.com/inward/record.url?eid=2-s2.0-77950301466&partnerID=40&md5=734b4decdbc10ec007f636916eb98885	en
dc.relation.uri	http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=5402632	en
dc.relation.uri	http://www.informatik.uni-trier.de/~ley/db/conf/icitst/icitst2009.html#LioudakisGAMVK09	en
dc.subject	Access Control Policy	en
dc.subject	Community Networks	en
dc.subject	Dynamic Control	en
dc.subject	Law Enforcement	en
dc.subject	Network Monitoring	en
dc.subject	Privacy Preservation	en
dc.subject	Access Control	en
dc.subject	Real Time	en
dc.subject.other	Access control policies	en
dc.subject.other	Apriori	en
dc.subject.other	Communication networks	en
dc.subject.other	Control and protection	en
dc.subject.other	Innovative approaches	en
dc.subject.other	Monitoring applications	en
dc.subject.other	Network links	en
dc.subject.other	Ontological models	en
dc.subject.other	Particular condition	en
dc.subject.other	Privacy preserving	en
dc.subject.other	Two phasis	en
dc.subject.other	Two stage	en
dc.subject.other	Data privacy	en
dc.subject.other	Internet	en
dc.subject.other	Monitoring	en
dc.subject.other	Passive networks	en
dc.subject.other	Security systems	en
dc.subject.other	Access control	en
dc.title	An access control approach for privacy-preserving passive network monitoring	en
heal.type	conferenceItem	en
heal.identifier.secondary	5402632	en
heal.publicationDate	2009	en
heal.abstract	Passive network monitoring is very useful for the operation, maintenance, control and protection of communication networks, while in certain cases it provides the authorities with the means for law enforcement. Nevertheless, the flip side of passive network monitoring activities is that they are natively surrounded by serious privacy implications. In this paper, an innovative approach for privacy-preserving access control to data originating from passive network monitoring is described. The proposed framework relies on an ontological model for the specification of the access control policies, which are evaluated and enforced on a two-phase and two-stage basis by a system that intercedes between the network link and the monitoring applications. The two stages refer to controlled access regarding both the data that are disclosed to the monitoring application from the mediating system and the raw data that the mediator retrieves from the network link. On the other hand, the two phases concern respectively the execution of ""static"" and ""dynamic"" control; the former enforces the rules that are a priori applicable, grounded on the data, role and purpose semantics, while the latter evaluates the real-time ""privacy context"" for the adaptation of the access control procedures to the particular conditions underlying a request. Copyright © 2009 by the Institute of Electrical and Electronics Engineers, Inc. All rights reserved.	en
heal.journalName	International Conference for Internet Technology and Secured Transactions, ICITST 2009	en