Browsing by Author "Soyluoglu, Berker"

Filter results by typing the first few letters
Now showing 1 - 2 of 2
  • Placeholder
    ArticlePublicationMetadata only
    Location attestation and access control for mobile devices using GeoXACML
    (Elsevier, 2017-02) Arunkumar, S.; Soyluoglu, Berker; Şensoy, Murat; Srivatsa, M.; Rajarajan, M.; Computer Science; ŞENSOY, Murat; Soyluoglu, Berker
    Access control has been applied in various scenarios in the past for negotiating the best policy. Solutions with XACML for access control has been very well explored by research and have resulted in significant contributions to various sectors including healthcare. In controlling access to the sensitive data such as medical records, it is important to guarantee that the data is accessed by the right person for the right reason. Location of access requestor can be a good indication for his/her eligibility and reasons for accessing the data. To reason with geospatial information for access control, Geospatial XACML (eXtensible Access Control Markup Language) is proposed as a standard. However, there is no available implementation and architecture for reasoning with Geospatial XACML policies. This paper proposes to extend XACML with geohashing to implement geospatial policies. It also proposes an architecture for checking reliability of the geospatial information provided by clients. With a case study, we demonstrate how our framework can be used to control the privacy and data access of health service data in handheld devices.
  • Placeholder
    Conference paperPublicationMetadata only
    Privacy enforcement through policy extension
    (IEEE, 2016) Arunkumar, S.; Srivatsa, M.; Soyluoglu, Berker; Şensoy, Murat; Cerutti, F.; Computer Science; ŞENSOY, Murat; Soyluoglu, Berker
    Successful coalition operations require contributions from the coalition partners which might have hidden goals and desiderata in addition to the shared coalition goals. Therefore, there is an inevitable risk-utility trade-off for information producers due to the need-to-know vs. need-to-hide tension, which must take into account the trustworthiness of the other coalition partners. A balance is often achieved by deliberate obfuscation of the shared information. In this paper, we show how to integrate obfuscation capabilities within the current OASIS standard for access control policies, namely XACML.