Contextual integrity is a conceptual framework for understanding privacy expectations and
their implications developed in the literature on law, public policy, and political philosophy …

Sensitive data are increasingly available on-line through the Web and other distributed
protocols. This heightens the need to carefully control access to data. Control means not …

The Linux kernel follows an extremely distributed reviewing and integration process
supported by 130 developer mailing lists and a hierarchy of dozens of Git repositories for …

Access-control policies have grown from simple matrices to non-trivial specifications written
in sophisticated languages. The increasing complexity of these policies demands …

Current regulatory requirements in the US and other countries make it increasingly important
for Web Services to be able to enforce and verify their compliance with privacy policies …

Privacy and data protection are pivotal issues in nowadays society. They concern the right to
prevent the dissemination of sensitive or confidential information of individuals. Many …

XACML is the OASIS standard language specifically aimed at the specification of
authorization policies. While XACML fits well with the security requirements of a single …

There is a growing interest in establishing rules to regulate the privacy of citizens in the
treatment of sensitive personal data such as medical and financial records. Such rules must …

Abstract The eXtensible Access Control Markup Language (XACML) is an extensible and
flexible XML language for the specification of access control policies. However, the richness …

Extending Requirements Engineering modelling and formal analysis methodologies to cope
with Security Requirements has been a major effort in the past decade. Yet, only few works …