2013 |
|
67. | Breaux, Travis; Gordon, David; Papanikolaou, Nick; Pearson, Siani Mapping Legal Requirements to IT Controls Technical Report HP Laboratories (HPL-2013-39), 2013. @techreport{breaux-techrep, title = {Mapping Legal Requirements to IT Controls}, author = {Travis Breaux and David Gordon and Nick Papanikolaou and Siani Pearson}, url = {../files/relaw13.pdf}, year = {2013}, date = {2013-06-01}, booktitle = {Proceedings of the Sixth International Workshop on Requirements Engineering and Law (RELAW)}, number = {HPL-2013-39}, institution = {HP Laboratories}, abstract = {Information technology (IT) controls are reusable system requirements that IT managers, administrators and developers use to demonstrate compliance with international standards, such as the ISO 27000 standard. As controls are reusable, they tend to cover best practice independently from what specific government laws may require. However, because considerable effort has already been invested by IT companies in linking controls to their existing systems, aligning controls with regulations can yield important savings by avoiding non-compliance or unnecessary redesign. We report the results of a case study to align legal requirements from the U.S. and India that govern healthcare systems with three popular control catalogues: the NIST 800-53, ISO/IEC 27002:2009 and the Cloud Security Alliance CCM v1.3, as well as the CCHIT EHR Certification Criteria. The contributions include a repeatable protocol for mapping controls, heuristics to explain the types of mappings that may arise, and guidance for addressing incomplete mappings.}, keywords = {}, pubstate = {published}, tppubtype = {techreport} } |
66. | Papanikolaou, Nick; Pearson, Siani Cross-Disciplinary Review of the Concept of Accountability Technical Report HP Laboratories (HPL-2013-37), 2013. @techreport{Papanikolaou2013-techrep, title = {Cross-Disciplinary Review of the Concept of Accountability}, author = {Nick Papanikolaou and Siani Pearson}, url = {../files/tafc1.pdf}, year = {2013}, date = {2013-06-01}, booktitle = {Proceedings of the DIMACS/BIC/A4Cloud/CSA International Workshop on Trustworthiness, Accountability and Forensics in the Cloud (TAFC)}, number = {HPL-2013-37}, institution = {HP Laboratories}, keywords = {}, pubstate = {published}, tppubtype = {techreport} } |
65. | Papanikolaou, Nick; Pearson, Siani Cross-Disciplinary Review of the Concept of Accountability Inproceedings Proceedings of the DIMACS/BIC/A4Cloud/CSA International Workshop on Trustworthiness, Accountability and Forensics in the Cloud (TAFC), 2013. @inproceedings{Papanikolaou2013, title = {Cross-Disciplinary Review of the Concept of Accountability}, author = {Nick Papanikolaou and Siani Pearson}, url = {../files/tafc1.pdf}, year = {2013}, date = {2013-05-01}, booktitle = {Proceedings of the DIMACS/BIC/A4Cloud/CSA International Workshop on Trustworthiness, Accountability and Forensics in the Cloud (TAFC)}, abstract = {In this paper we discuss previous definitions of the concept of accountability from the literature. Accountability is a multidimensional, context-dependent concept that is gaining interest as a means of addressing a number of data protection problems, including global legal uncertainty and lack of trust.}, keywords = {}, pubstate = {published}, tppubtype = {inproceedings} } |
64. | Breaux, Travis; Gordon, David; Papanikolaou, Nick; Pearson, Siani Mapping Legal Requirements to IT Controls Inproceedings Proceedings of the Sixth International Workshop on Requirements Engineering and Law (RELAW), 2013. @inproceedings{Breaux2013, title = {Mapping Legal Requirements to IT Controls}, author = {Travis Breaux and David Gordon and Nick Papanikolaou and Siani Pearson}, url = {../files/relaw13.pdf}, year = {2013}, date = {2013-01-01}, booktitle = {Proceedings of the Sixth International Workshop on Requirements Engineering and Law (RELAW)}, abstract = {Information technology (IT) controls are reusable system requirements that IT managers, administrators and developers use to demonstrate compliance with international standards, such as the ISO 27000 standard. As controls are reusable, they tend to cover best practice independently from what specific government laws may require. However, because considerable effort has already been invested by IT companies in linking controls to their existing systems, aligning controls with regulations can yield important savings by avoiding non-compliance or unnecessary redesign. We report the results of a case study to align legal requirements from the U.S. and India that govern healthcare systems with three popular control catalogues: the NIST 800-53, ISO/IEC 27002:2009 and the Cloud Security Alliance CCM v1.3, as well as the CCHIT EHR Certification Criteria. The contributions include a repeatable protocol for mapping controls, heuristics to explain the types of mappings that may arise, and guidance for addressing incomplete mappings.}, keywords = {}, pubstate = {published}, tppubtype = {inproceedings} } |
63. | Catteddu, Daniele; Felici, Massimo; Hogben, Giles; Holcroft, Amy; Kosta, Eleni; Leenes, Ronald; Millard, Christopher; Niezen, Maartje; Nuñez, David; Papanikolaou, Nick; Pearson, Siani; Pradelles, Daniel; Reed, Chris; Rong, Chunming; Royer, Jean-Claude; Stefanatou, Dimitra; Wlodarczyk, Tomasz Towards a Model of Accountability for Cloud Computing Services Technical Report HP Laboratories (HPL-2013-38), 2013. @techreport{Catteddu-techrep, title = {Towards a Model of Accountability for Cloud Computing Services}, author = {Daniele Catteddu and Massimo Felici and Giles Hogben and Amy Holcroft and Eleni Kosta and Ronald Leenes and Christopher Millard and Maartje Niezen and David Nu{\~n}ez and Nick Papanikolaou and Siani Pearson and Daniel Pradelles and Chris Reed and Chunming Rong and Jean-Claude Royer and Dimitra Stefanatou and Tomasz Wlodarczyk}, url = {../files/tafc2.pdf}, year = {2013}, date = {2013-01-01}, booktitle = {Proceedings of the DIMACS/BIC/A4Cloud/CSA International Workshop on Trustworthiness, Accountability and Forensics in the Cloud (TAFC)}, number = {HPL-2013-38}, institution = {HP Laboratories}, abstract = {This paper presents a model of accountability for cloud computing services, based on ongoing work as part of the A4Cloud project. We define a three-layer model of accountability as a general concept for data governance, distinguishing between accountability attributes, accountability practices, and accountability mechanisms and tools.}, keywords = {}, pubstate = {published}, tppubtype = {techreport} } |
62. | Catteddu, Daniele; Felici, Massimo; Hogben, Giles; Holcroft, Amy; Kosta, Eleni; Leenes, Ronald; Millard, Christopher; Niezen, Maartje; Nuñez, David; Papanikolaou, Nick; Pearson, Siani; Pradelles, Daniel; Reed, Chris; Rong, Chunming; Royer, Jean-Claude; Stefanatou, Dimitra; Wlodarczyk, Tomasz Towards a Model of Accountability for Cloud Computing Services Inproceedings Proceedings of the DIMACS/BIC/A4Cloud/CSA International Workshop on Trustworthiness, Accountability and Forensics in the Cloud (TAFC), 2013. @inproceedings{DanieleCatteddu2013, title = {Towards a Model of Accountability for Cloud Computing Services}, author = {Daniele Catteddu and Massimo Felici and Giles Hogben and Amy Holcroft and Eleni Kosta and Ronald Leenes and Christopher Millard and Maartje Niezen and David Nu{\~n}ez and Nick Papanikolaou and Siani Pearson and Daniel Pradelles and Chris Reed and Chunming Rong and Jean-Claude Royer and Dimitra Stefanatou and Tomasz Wlodarczyk}, url = {../files/tafc2.pdf}, year = {2013}, date = {2013-01-01}, booktitle = {Proceedings of the DIMACS/BIC/A4Cloud/CSA International Workshop on Trustworthiness, Accountability and Forensics in the Cloud (TAFC)}, abstract = {This paper presents a model of accountability for cloud computing services, based on ongoing work as part of the A4Cloud project. We define a three-layer model of accountability as a general concept for data governance, distinguishing between accountability attributes, accountability practices, and accountability mechanisms and tools.}, keywords = {}, pubstate = {published}, tppubtype = {inproceedings} } |
61. | Galis, Alex; Gavras, Anastasius; Alvarez, Federico; Bassi, Alessandro; Bezzi, Michele; Ciavaglia, Laurent; Cleary, Frances; Daras, Petros; de Meer, Herman; Demestichas, Panagiotis; Domingue, John; Kanter, Theo; Karnouskos, Stamatis; Krco, Srdjan; Lefevre, Laurent; Lentjes, Jasper; Li, Man-Sze; Malone, Paul; Manzalini, Antonio; Lotz, Volkmar; Muller, Henning; Oberle, Karsten; O'Connor, Noel; Papanikolaou, Nick; Petcu, Dana; Rahmani, Rahim; Raz, Danny; Richards, Gael; Salvadori, Elio; Sargento, Susana; Schaffers, Hans; Serat, Joan; Stiller, Burkhard; Skarmeta, Antonio; Tutschku, Kurt; Zahariadis, Theodore (Ed.) The Future Internet / Future Internet Assembly 2013: Validated Results and New Horizons Book Springer, 2013. @book{Galis2013, title = {The Future Internet / Future Internet Assembly 2013: Validated Results and New Horizons}, editor = {Alex Galis and Anastasius Gavras and Federico Alvarez and Alessandro Bassi and Michele Bezzi and Laurent Ciavaglia and Frances Cleary and Petros Daras and Herman de Meer and Panagiotis Demestichas and John Domingue and Theo Kanter and Stamatis Karnouskos and Srdjan Krco and Laurent Lefevre and Jasper Lentjes and Man-Sze Li and Paul Malone and Antonio Manzalini and Volkmar Lotz and Henning Muller and Karsten Oberle and Noel O'Connor and Nick Papanikolaou and Dana Petcu and Rahim Rahmani and Danny Raz and Gael Richards and Elio Salvadori and Susana Sargento and Hans Schaffers and Joan Serat and Burkhard Stiller and Antonio Skarmeta and Kurt Tutschku and Theodore Zahariadis}, year = {2013}, date = {2013-01-01}, publisher = {Springer}, keywords = {}, pubstate = {published}, tppubtype = {book} } |
2012 |
|
60. | Cleary, Frances; Howker, Keith; Massacci, Fabio; Wainwright, Nick; Papanikolaou, Nick; Bezzi, Michele; Rodriguez, Pedro Soria EFFECTS+ Clustering of Trust and Security Research Projects, Identifying Results, Impact and Future Research Roadmap Topics Inproceedings Proceedings of e-Challenges e-2012 Conference, Lisbon, Portugal, 2012. @inproceedings{Cleary2012, title = {EFFECTS+ Clustering of Trust and Security Research Projects, Identifying Results, Impact and Future Research Roadmap Topics}, author = {Frances Cleary and Keith Howker and Fabio Massacci and Nick Wainwright and Nick Papanikolaou and Michele Bezzi and Pedro Soria Rodriguez}, url = {../files/eChallenges_effectsplus.pdf}, year = {2012}, date = {2012-10-01}, booktitle = {Proceedings of e-Challenges e-2012 Conference}, address = {Lisbon, Portugal}, abstract = {Structured and coordinated clustering increases the effectiveness of R&D project work helping to raise awareness, align approaches and create synergies. The project EFFECTS+ coordinates such clustering and trust and security research project potential impact analysis activities. This provides the wider community with an interest in the trust and security research space the opportunity to participate, contribute to and gain an overall view of current state of the art and active research projects ongoing within Europe in this domain. This paper will provide you with an overview of the activities completed by EFFECTS+ to date, highlighting the clustering structure and the research project impact analysis completed so far. EFFECTS+ also focuses on the development of a trust and security strategic research agenda for future work. This paper will address the process and structure adopted by EFFECTS+ for the identification and consolidation of such future roadmapping content.}, keywords = {}, pubstate = {published}, tppubtype = {inproceedings} } |
59. | Wainwright, Nick; Papanikolaou, Nick Forming A Vision for Future Internet Research Inproceedings Proceedings of e-Challenges e-2012 Conference, Lisbon, Portugal, 2012. @inproceedings{echallenges2012, title = {Forming A Vision for Future Internet Research}, author = {Nick Wainwright and Nick Papanikolaou}, url = {../files/eChallenges2012.pdf}, year = {2012}, date = {2012-10-01}, booktitle = {Proceedings of e-Challenges e-2012 Conference}, address = {Lisbon, Portugal}, abstract = {This paper presents a vision for the Future Internet and its impact on individuals, businesses and society as a whole; the vision presented is based on an extended consultation carried out by the authors within the European Future Internet research community, as part of the work of the Future Internet Assembly (FIA). The core result of this paper is the identification of six research priorities for the future. We also present a scenario related to the London Olympic Games, which is intended to link together the research priorities and related findings.}, keywords = {}, pubstate = {published}, tppubtype = {inproceedings} } |
58. | Papanikolaou, Nick Natural Language Processing of Rules and Regulations for Compliance in the Cloud Inproceedings Proceedings of DOA-SVI 2012, Rome, Italy, 2012. @inproceedings{Papanikolaou2012e, title = {Natural Language Processing of Rules and Regulations for Compliance in the Cloud}, author = {Nick Papanikolaou}, url = {../files/DOASVI2012.pdf}, year = {2012}, date = {2012-09-01}, booktitle = {Proceedings of DOA-SVI 2012}, address = {Rome, Italy}, abstract = {We discuss ongoing work on developing tools and techniques for understanding natural-language descriptions of security and privacy rules, particularly in the context of cloud computing services. In particular, we present a three-part toolkit for analyzing and processing texts, and enforcing privacy and security rules extracted from those texts. We are interested in developing efficient, accurate technologies to reduce the time spent analyzing and reasoning about new privacy laws and security rules within the enterprise. We describe the tools we have developed for semantic annotation, and also for information extraction - these are specifically intended for analysis of cloud terms of service, and therefore designed to help with self-compliance; however, the techniques involved should be generalizable to other relevant texts, esp. rules and regulations for data protection.}, keywords = {}, pubstate = {published}, tppubtype = {inproceedings} } |
57. | Papanikolaou, Nikolaos; Creese, Sadie; Goldsmith, Michael Refinement Checking for Privacy Policies Journal Article Science of Computer Programming, 77 (10, 11), pp. 1198, 2012. @article{Papanikolaou2010c, title = {Refinement Checking for Privacy Policies}, author = {Nikolaos Papanikolaou and Sadie Creese and Michael Goldsmith}, url = {../files/polrefc.pdf}, doi = {10.1016/j.scico.2011.07.009}, year = {2012}, date = {2012-09-01}, journal = {Science of Computer Programming}, volume = {77}, number = {10, 11}, pages = {1198}, abstract = {This paper presents a framework for analysis and comparison of privacy policies expressed in P3P (Platform for Privacy Preferences). In contrast to existing approaches to policy analysis, which focus on demonstrations of equality or equivalence of policies, our approach makes it possible to check for refinement between policies. We automatically generate a CSP model from a P3P policy, which represents the policy's intended semantics; using the FDR model checker, we then perform various tests (using process refinement) to determine (a) whether a policy is internally consistent, and (b) whether a given policy refines another by permitting similar data collection, processing and sharing practices. Our approach allows for the detection of subtle differences between practices prescribed by different privacy policies, the comparison of relative levels of privacy offered by different policies, and captures the semantics of policies intended in the original P3P standard. The systematic translation of policies to CSP provides a formal means of reasoning about websites' privacy policies, and therefore the practices of various enterprises with regards to personal data.}, keywords = {}, pubstate = {published}, tppubtype = {article} } |
56. | Monahan, Brian; Papanikolaou, Nick Formal Analysis and Verification of Systems Security Models with Gnosis Miscellaneous 2012. @misc{Monahan2012a, title = {Formal Analysis and Verification of Systems Security Models with Gnosis}, author = {Brian Monahan and Nick Papanikolaou}, url = {../files/monpap2.pdf}, year = {2012}, date = {2012-05-01}, abstract = {Emergent context-dependent non-functional requirements, such as those involving systems security activities and processes are, almost by definition, difficult to assess for their adequacy. One cannot easily anticipate and measure the effectiveness of systems defences in advance of actual field deployment until it is, of course, too late and the damage has been done. Our approach to security requirements assessment involves explicitly building systems security models using Gnosis, a process modelling simulation language developed at HP Labs. Gnosis models capture security situations which typically include aspects of the threat environment. In this paper we present the core aspects of this approach and discuss our latest work on developing explicit-state model checking of properties of multiple simulation runs.}, keywords = {}, pubstate = {published}, tppubtype = {misc} } |
55. | Mont, Marco Casassa; McCorry, Kieran; Papanikolaou, Nick; Pearson, Siani Security And Privacy Governance In Cloud Computing Via SLAs And A Policy Orchestration Service Technical Report HP Laboratories (HPL-2012-55), 2012. @techreport{CasassaMont2012a, title = {Security And Privacy Governance In Cloud Computing Via SLAs And A Policy Orchestration Service}, author = {Marco Casassa Mont and Kieran McCorry and Nick Papanikolaou and Siani Pearson}, url = {../files/paper-orchestrator.pdf}, year = {2012}, date = {2012-03-01}, number = {HPL-2012-55}, institution = {HP Laboratories}, abstract = {We present in this paper the novel concept of a policy orchestration service, which is designed to facilitate security and privacy governance in the enterprise, particularly for the case where various services are provided to the enterprise through external suppliers in the cloud. The orchestration service mediates between the enterprises' internal decision support systems (which incorporate core security and privacy recommendations) and the cloud-based service providers, who are assumed to be bound by contractual service level agreements with the enterprise. The function of the orchestration service, which is intended to be accessed as a trusted service in the cloud, is to ensure that applicable security and privacy recommendations are actioned by service providers through adequate monitoring and enforcement mechanisms.}, keywords = {}, pubstate = {published}, tppubtype = {techreport} } |
54. | Papanikolaou, Nick; Pearson, Siani; Mont, Marco Casassa; Ko, Ryan Automating Compliance for Cloud Computing Services Technical Report HP Laboratories (HPL-2012-56), 2012. @techreport{Papanikolaou2012c, title = {Automating Compliance for Cloud Computing Services}, author = {Nick Papanikolaou and Siani Pearson and Marco Casassa Mont and Ryan Ko}, year = {2012}, date = {2012-03-01}, number = {HPL-2012-56}, institution = {HP Laboratories}, keywords = {}, pubstate = {published}, tppubtype = {techreport} } |
53. | Mont, Marco Casassa; McCorry, Kieran; Papanikolaou, Nick; Pearson, Siani Security and Privacy Governance In Cloud Computing via SLAs and a Policy Orchestration Service Inproceedings Proceedings of the 2nd International Conference on Cloud Computing and Services Science (CLOSER 2012), SciTePress, 2012. @inproceedings{CasassaMont2012, title = {Security and Privacy Governance In Cloud Computing via SLAs and a Policy Orchestration Service}, author = {Marco Casassa Mont and Kieran McCorry and Nick Papanikolaou and Siani Pearson}, url = {../files/paper-orchestrator.pdf}, year = {2012}, date = {2012-01-01}, booktitle = {Proceedings of the 2\textsuperscript{nd} International Conference on Cloud Computing and Services Science (CLOSER 2012)}, publisher = {SciTePress}, abstract = {We present in this paper the novel concept of a policy orchestration service, which is designed to facilitate security and privacy governance in the enterprise, particularly for the case where various services are provided to the enterprise through external suppliers in the cloud. The orchestration service mediates between the enterprises' internal decision support systems (which incorporate core security and privacy recommendations) and the cloud-based service providers, who are assumed to be bound by contractual service level agreements with the enterprise. The function of the orchestration service, which is intended to be accessed as a trusted service in the cloud, is to ensure that applicable security and privacy recommendations are actioned by service providers through adequate monitoring and enforcement mechanisms.}, keywords = {}, pubstate = {published}, tppubtype = {inproceedings} } |
52. | Davidson, Timothy; Gay, Simon J; Mlnarík, Hynek; Nagarajan, Rajagopal; Papanikolaou, Nikolaos Model Checking for Communicating Quantum Processes Journal Article International Journal of Unconventional Computing, 8 (1), pp. 73–98, 2012. @article{Davidson2012, title = {Model Checking for Communicating Quantum Processes}, author = {Timothy Davidson and Simon J Gay and Hynek Mlnarík and Rajagopal Nagarajan and Nikolaos Papanikolaou}, url = {../files/qmc_translation.pdf}, year = {2012}, date = {2012-01-01}, journal = {International Journal of Unconventional Computing}, volume = {8}, number = {1}, pages = {73--98}, publisher = {Old City Publishing, Inc.}, abstract = {Quantum communication is a rapidly growing area of research and development. Quantum cryptography has already been implemented for secure communication, and commercial solutions are available. The application of formal methods to classical computing and communication systems has been very successful, and is widely used by industry. We expect similar benefits for the verification of quantum systems. Communicating Quantum Processes (CQP) is a process calculus based on the π-calculus with the inclusion of primitives for quantum information. Process calculi provide an algebraic approach to system specification and behavioural analysis. The Quantum Model Checker (QMC) is a tool for the automated verification of system correctness. Through an exhaustive search of the possible executions, QMC can check that correctness properties expressed using temporal logic formulae are satisfied. In this paper we describe our approach to the verification of quantum systems using a combination of process calculus and model checking. We also define a formal translation from CQP to the modelling language used by QMC and prove that this preserves the semantics of all supported CQP processes.}, keywords = {}, pubstate = {published}, tppubtype = {article} } |
51. | Monahan, Brian; Papanikolaou, Nick Pattern Detection in Systems Simulation: Towards a Model-Checking Framework for Security Analytics Technical Report HP Laboratories (HPL-2012-89), 2012. Abstract | Links | BibTeX | Tags: @techreport{Monahan2012, title = {Pattern Detection in Systems Simulation: Towards a Model-Checking Framework for Security Analytics}, author = {Brian Monahan and Nick Papanikolaou}, url = {../files/monpap1.pdf}, year = {2012}, date = {2012-01-01}, number = {HPL-2012-89}, institution = {HP Laboratories}, abstract = {In this paper we describe a method, and implemented prototype, for extracting high-level process models for systems modelled using a simulation framework (for illustration we use the Gnosis language and toolset). Our technique builds a finite state automaton that characterises one or more simulation runs of a simulation model by including in its states selected parts of the latter's execution traces. The intention is that the generated automaton reveals the high-level structure of the original model, without making reference to (or requiring knowledge of) the source code of that model. We discuss applications for this technique and identify several directions for further work.}, keywords = {}, pubstate = {published}, tppubtype = {techreport} } In this paper we describe a method, and implemented prototype, for extracting high-level process models for systems modelled using a simulation framework (for illustration we use the Gnosis language and toolset). Our technique builds a finite state automaton that characterises one or more simulation runs of a simulation model by including in its states selected parts of the latter's execution traces. The intention is that the generated automaton reveals the high-level structure of the original model, without making reference to (or requiring knowledge of) the source code of that model. We discuss applications for this technique and identify several directions for further work. |
50. | Papanikolaou, Nick Review of Algorithms and Theory of Computation Handbook by Mikhail J. Atallah and Marina Blanton Journal Article ACM SIGACT News, 43 (2), pp. 29–32, 2012. @article{newreview2012, title = {Review of Algorithms and Theory of Computation Handbook by Mikhail J. Atallah and Marina Blanton}, author = {Nick Papanikolaou}, url = {../files/handbookreview.pdf}, doi = {10.1145/2261417.2261425}, year = {2012}, date = {2012-01-01}, journal = {ACM SIGACT News}, volume = {43}, number = {2}, pages = {29--32}, keywords = {}, pubstate = {published}, tppubtype = {article} } |
49. | Papanikolaou, Nick Intelligent Information Gathering for Security and Privacy Compliance in Cloud Computing Technical Report HP Laboratories (HPL-2012-71), 2012. BibTeX | Tags: @techreport{Papanikolaou2012d, title = {Intelligent Information Gathering for Security and Privacy Compliance in Cloud Computing}, author = {Nick Papanikolaou}, year = {2012}, date = {2012-01-01}, number = {HPL-2012-71}, institution = {HP Laboratories}, keywords = {}, pubstate = {published}, tppubtype = {techreport} } |
48. | Papanikolaou, Nikolaos; Pearson, Siani; Mont, Marco Casassa; Brown, Richard; McCorry, Kieran; Sander, Tomas; Rao., Prasad An online knowledge base store (KB Store) Journal Article Research Disclosure, pp. 114–115, 2012, (ID 574026). @article{Papanikolaou2012a, title = {An online knowledge base store (KB Store)}, author = {Nikolaos Papanikolaou and Siani Pearson and Marco Casassa Mont and Richard Brown and Kieran McCorry and Tomas Sander and Prasad Rao.}, year = {2012}, date = {2012-01-01}, journal = {Research Disclosure}, pages = {114--115}, abstract = {This paper presents the idea of a Knowledge Base Store.}, note = {ID 574026}, keywords = {}, pubstate = {published}, tppubtype = {article} } This paper presents the idea of a Knowledge Base Store. |
47. | Papanikolaou, Nick; Pearson, Siani; Mont, Marco Casassa; Ko, Ryan Automating Compliance for Cloud Computing Services Inproceedings Proceedings of the 2nd International Conference on Cloud Computing and Services Science (CLOSER 2012), SciTePress, 2012. Abstract | Links | BibTeX | Tags: @inproceedings{Papanikolaou2012b, title = {Automating Compliance for Cloud Computing Services}, author = {Nick Papanikolaou and Siani Pearson and Marco Casassa Mont and Ryan Ko}, url = {../files/paper-nlp.pdf}, year = {2012}, date = {2012-01-01}, booktitle = {Proceedings of the 2nd International Conference on Cloud Computing and Services Science (CLOSER 2012)}, publisher = {SciTePress}, abstract = {We present an integrated approach for automating service providers' compliance with data protection laws and regulations, business and technical requirements in cloud computing. The techniques we propose in particular include: natural-language analysis (of legislative and regulatory texts, and corporate security rulebooks) and extraction of enforceable rules, use of sticky policies, automated policy enforcement and active monitoring of data, particularly in cloud environments. We discuss ongoing work on developing a software tool for natural-language processing of cloud terms of service and other related policy texts. We also identify opportunities for future software development in the area of cloud computing compliance.}, keywords = {}, pubstate = {published}, tppubtype = {inproceedings} } We present an integrated approach for automating service providers' compliance with data protection laws and regulations, business and technical requirements in cloud computing. The techniques we propose in particular include: natural-language analysis (of legislative and regulatory texts, and corporate security rulebooks) and extraction of enforceable rules, use of sticky policies, automated policy enforcement and active monitoring of data, particularly in cloud environments. 
We discuss ongoing work on developing a software tool for natural-language processing of cloud terms of service and other related policy texts. We also identify opportunities for future software development in the area of cloud computing compliance. |
46. | Wainwright, Nick; Papanikolaou, Nick The FIA Research Roadmap: Priorities for Future Internet Research Incollection Alvarez, F; Cleary, F; Daras, P; Domingue, J; Galis, A; Garcia, A; Gavras, A; Karnourskos, S; Krco, S; Li, M -S; Lotz, V; Müller, H; Salvadori, E; Sassen, A -M; Schaffers, H; Stiller, B; Tselentis, G; Turkama, P; Zahariadis, T (Ed.): Future Internet --- From Technological Promises to Reality, 7281 , Springer, 2012. Abstract | Links | BibTeX | Tags: @incollection{Wainwright2012, title = {The FIA Research Roadmap: Priorities for Future Internet Research}, author = {Nick Wainwright and Nick Papanikolaou}, editor = {F Alvarez and F Cleary and P Daras and J Domingue and A Galis and A Garcia and A Gavras and S Karnourskos and S Krco and M -S Li and V Lotz and H Müller and E Salvadori and A -M Sassen and H Schaffers and B Stiller and G Tselentis and P Turkama and T Zahariadis}, url = {../files/fiapaper.pdf}, year = {2012}, date = {2012-01-01}, booktitle = {Future Internet --- From Technological Promises to Reality}, volume = {7281}, publisher = {Springer}, series = {Lecture Notes in Computer Science}, abstract = {The Future Internet Assembly Research Roadmap for Framework Programme 8 captures the ideas and contributions of the FIA community on the important research topics that should be addressed for the Framework Programme 8 research programmes broadly grouped around three main concerns; economic and business interests; societal interests and challenges; technical disruptions and capabilities. The contents of this roadmap originate with the community of researchers working on all aspects of the Future Internet and meet to share and discuss ideas through the Future Internet Assembly through an open consultation of research projects who participate in FIA. This roadmap is primarily concerned with identifying research that can be carried out in the second half of this decade and which will have an impact in 2020 and beyond. 
By impact, we mean will result in products, services, systems, capabilities, that come to market and are available and deployed in that timeframe. The approach adopted in this report is to integrate contributions across the entire space of future Internet research with the aim of bringing out the vision for how and where the Internet will make a significant difference in the future and identifying the broad challenges and gaps, and identifying the solutions and research needs in the future. In this report we have summarised and grouped ideas with the aim of identifying the strong themes and consistent challenges that emerge looking across the whole agenda.}, keywords = {}, pubstate = {published}, tppubtype = {incollection} } The Future Internet Assembly Research Roadmap for Framework Programme 8 captures the ideas and contributions of the FIA community on the important research topics that should be addressed for the Framework Programme 8 research programmes broadly grouped around three main concerns; economic and business interests; societal interests and challenges; technical disruptions and capabilities. The contents of this roadmap originate with the community of researchers working on all aspects of the Future Internet and meet to share and discuss ideas through the Future Internet Assembly through an open consultation of research projects who participate in FIA. This roadmap is primarily concerned with identifying research that can be carried out in the second half of this decade and which will have an impact in 2020 and beyond. By impact, we mean will result in products, services, systems, capabilities, that come to market and are available and deployed in that timeframe. 
The approach adopted in this report is to integrate contributions across the entire space of future Internet research with the aim of bringing out the vision for how and where the Internet will make a significant difference in the future and identifying the broad challenges and gaps, and identifying the solutions and research needs in the future. In this report we have summarised and grouped ideas with the aim of identifying the strong themes and consistent challenges that emerge looking across the whole agenda. |
45. | Wainwright, Nick; Papanikolaou, Nick The FIA Research Roadmap: Priorities for Future Internet Research Technical Report HP Laboratories (HPL-2012-70), 2012. Abstract | Links | BibTeX | Tags: @techreport{Wainwright2012a, title = {The FIA Research Roadmap: Priorities for Future Internet Research}, author = {Nick Wainwright and Nick Papanikolaou}, url = {../files/fiapaper.pdf}, year = {2012}, date = {2012-01-01}, number = {HPL-2012-70}, institution = {HP Laboratories}, abstract = {We describe the key findings of the Future Internet Assembly Research Roadmap for Framework Programme 8, which captures the ideas and contributions of the FIA community on the important research topics that should be addressed in future funding programmes. The findings of the roadmap have been produced through an open consultation of research projects who participate in FIA. It is primarily concerned with identifying research that can be carried out in the second half of this decade and which will have an impact in 2020 and beyond. By 'impact' we mean will result in products, services, systems, capabilities, that come to market and are available and deployed in that timeframe.}, keywords = {}, pubstate = {published}, tppubtype = {techreport} } We describe the key findings of the Future Internet Assembly Research Roadmap for Framework Programme 8, which captures the ideas and contributions of the FIA community on the important research topics that should be addressed in future funding programmes. The findings of the roadmap have been produced through an open consultation of research projects who participate in FIA. It is primarily concerned with identifying research that can be carried out in the second half of this decade and which will have an impact in 2020 and beyond. By 'impact' we mean will result in products, services, systems, capabilities, that come to market and are available and deployed in that timeframe. |
2011 |
|
44. | Papanikolaou, Nick; Pearson, Siani; Mont, Marco Casassa Automated Understanding of Cloud Terms of Service and SLAs Inproceedings Proceedings of The 22nd Hewlett-Packard Colloquium on Information Security, Royal Holloway, University of London, 2011. Abstract | Links | BibTeX | Tags: @inproceedings{Papanikolaou2011f, title = {Automated Understanding of Cloud Terms of Service and SLAs}, author = {Nick Papanikolaou and Siani Pearson and Marco Casassa Mont}, url = {../files/CloudCom2011.pdf}, year = {2011}, date = {2011-12-01}, booktitle = {Proceedings of The 22nd Hewlett-Packard Colloquium on Information Security}, address = {Royal Holloway, University of London}, abstract = {We argue in favour of a set of particular tools and approaches to help achieve accountability in cloud computing. Our concern is helping cloud providers achieve their security goals and meeting their customers' security and privacy requirements. The techniques we propose in particular include: natural-language analysis (of legislative and regulatory texts, and corporate security rulebooks) and extraction of enforceable rules, use of sticky policies, automated policy enforcement and active monitoring of data, particularly in cloud environments. This is a position paper reporting our initial thinking and current progress.}, keywords = {}, pubstate = {published}, tppubtype = {inproceedings} } We argue in favour of a set of particular tools and approaches to help achieve accountability in cloud computing. Our concern is helping cloud providers achieve their security goals and meeting their customers' security and privacy requirements. The techniques we propose in particular include: natural-language analysis (of legislative and regulatory texts, and corporate security rulebooks) and extraction of enforceable rules, use of sticky policies, automated policy enforcement and active monitoring of data, particularly in cloud environments. 
This is a position paper reporting our initial thinking and current progress. |
43. | Papanikolaou, Nick; Pearson, Siani; Mont, Marco Casassa Automated Understanding of Cloud Terms of Service and SLAs Inproceedings Proceedings of IEEE CloudCom 2011, Athens, Greece, 2011. Abstract | Links | BibTeX | Tags: @inproceedings{Papanikolaou2011e, title = {Automated Understanding of Cloud Terms of Service and SLAs}, author = {Nick Papanikolaou and Siani Pearson and Marco Casassa Mont}, url = {../files/CloudCom2011.pdf}, year = {2011}, date = {2011-11-01}, booktitle = {Proceedings of IEEE CloudCom 2011}, address = {Athens, Greece}, abstract = {We argue in favour of a set of particular tools and approaches to help achieve accountability in cloud computing. Our concern is helping cloud providers achieve their security goals and meeting their customers' security and privacy requirements. The techniques we propose in particular include: natural-language analysis (of legislative and regulatory texts, and corporate security rulebooks) and extraction of enforceable rules, use of sticky policies, automated policy enforcement and active monitoring of data, particularly in cloud environments. This is a position paper reporting our initial thinking and current progress.}, keywords = {}, pubstate = {published}, tppubtype = {inproceedings} } We argue in favour of a set of particular tools and approaches to help achieve accountability in cloud computing. Our concern is helping cloud providers achieve their security goals and meeting their customers' security and privacy requirements. The techniques we propose in particular include: natural-language analysis (of legislative and regulatory texts, and corporate security rulebooks) and extraction of enforceable rules, use of sticky policies, automated policy enforcement and active monitoring of data, particularly in cloud environments. This is a position paper reporting our initial thinking and current progress. |
42. | Wainwright, Nick; Nick, 2011, (Produced under the auspices of the EC EFFECTSPLUS Research Project.). Abstract | Links | BibTeX | Tags: @misc{Papanikolaou2011c, title = {Trust and Security in the Future Internet: Setting the Context. Towards a vision and analysis of fundamental change areas, challenges and potential solutions as discussed at EFFECTSPLUS Clustering and Roadmapping Events}, author = {Nick Wainwright and Nick}, url = {../files/tsroadmap.pdf}, year = {2011}, date = {2011-05-01}, abstract = {The initial materials for the trust and security roadmap were gathered at three meetings organised in Effectsplus: (a) the Open Communications Event (01/02/2011), (b) the Technical Cluster meeting (29/03/2011), and (c) the Technical Cluster meeting (04/07/2011). At each of these events, the WP4 participants, Nick Wainwright and Nick Papanikolaou (HP) organised dedicated roadmapping sessions to gather inputs and validate results from earlier sessions. The structure of the sessions involved a presentation of the community's view of trust and security, followed by an interactive discussion of core topics. The results of our analysis were processed, written up and circulated in the European research community of trust and security projects. The final version was presented at the Future Internet Assembly in Poznan (24–28/10/2011).}, note = {Produced under the auspices of the EC EFFECTSPLUS Research Project.}, keywords = {}, pubstate = {published}, tppubtype = {misc} } The initial materials for the trust and security roadmap were gathered at three meetings organised in Effectsplus: (a) the Open Communications Event (01/02/2011), (b) the Technical Cluster meeting (29/03/2011), and (c) the Technical Cluster meeting (04/07/2011). At each of these events, the WP4 participants, Nick Wainwright and Nick Papanikolaou (HP) organised dedicated roadmapping sessions to gather inputs and validate results from earlier sessions.
The structure of the sessions involved a presentation of the community's view of trust and security, followed by an interactive discussion of core topics. The results of our analysis were processed, written up and circulated in the European research community of trust and security projects. The final version was presented at the Future Internet Assembly in Poznan (24–28/10/2011). |
41. | Papanikolaou, Nick Achieving Compliance Through Natural-Language Analysis of Service Level Agreements for Cloud Services Technical Report HP Laboratories (HPL-2011-167), 2011. @techreport{Papanikolaou2011, title = {Achieving Compliance Through Natural-Language Analysis of Service Level Agreements for Cloud Services}, author = {Nick Papanikolaou}, year = {2011}, date = {2011-01-01}, number = {HPL-2011-167}, institution = {HP Laboratories}, abstract = {We discuss how to apply automated natural-language processing to cloud SLAs in order to extract formal rules pertaining to security and privacy. SLAs tend to contain comparatively predictable, prescriptive language, making the extraction of certain types of rule possible automatically. Our approach enables the extraction and semantic representation of rules. This enables the policies of different cloud service providers to be compared with regards to particular attributes, and also paves the way for automated compliance checking and enforcement of privacy and security rules in cloud infrastructures.}, keywords = {}, pubstate = {published}, tppubtype = {techreport} } We discuss how to apply automated natural-language processing to cloud SLAs in order to extract formal rules pertaining to security and privacy. SLAs tend to contain comparatively predictable, prescriptive language, making the extraction of certain types of rule possible automatically. Our approach enables the extraction and semantic representation of rules. This enables the policies of different cloud service providers to be compared with regards to particular attributes, and also paves the way for automated compliance checking and enforcement of privacy and security rules in cloud infrastructures. |
40. | Papanikolaou, Nick; Pearson, Siani; Mont, Marco Casassa Towards Natural-Language Understanding and Automated Enforcement of Privacy Rules and Regulations in the Cloud: Survey and Bibliography Technical Report HP Laboratories (HPL-2011-117), 2011. @techreport{Papanikolaou2011a, title = {Towards Natural-Language Understanding and Automated Enforcement of Privacy Rules and Regulations in the Cloud: Survey and Bibliography}, author = {Nick Papanikolaou and Siani Pearson and Marco Casassa Mont}, year = {2011}, date = {2011-01-01}, number = {HPL-2011-117}, institution = {HP Laboratories}, abstract = {In this paper we survey existing work on automatically processing legal, regulatory and other policy texts for the extraction and representation of privacy knowledge and rules. Our objective is to link and apply some of these techniques to policy enforcement and compliance, to provide a core means of achieving and maintaining customer privacy in an enterprise context, particularly where data is stored and processed in cloud data centres. We sketch our thoughts on how this might be done given the many different, but so far strictly distinct from one another, approaches to natural-language analysis of legal and other prescriptive texts, approaches to knowledge extraction, semantic representation, and automated enforcement of privacy rules.}, keywords = {}, pubstate = {published}, tppubtype = {techreport} } In this paper we survey existing work on automatically processing legal, regulatory and other policy texts for the extraction and representation of privacy knowledge and rules. Our objective is to link and apply some of these techniques to policy enforcement and compliance, to provide a core means of achieving and maintaining customer privacy in an enterprise context, particularly where data is stored and processed in cloud data centres. 
We sketch our thoughts on how this might be done given the many different, but so far strictly distinct from one another, approaches to natural-language analysis of legal and other prescriptive texts, approaches to knowledge extraction, semantic representation, and automated enforcement of privacy rules. |
39. | Papanikolaou, Nick; Pearson, Siani; Mont, Marco Casassa Proceedings of 1st International Workshop on Security and Trust in Virtualised Environments (STAVE 2011), 2011. Abstract | Links | BibTeX | Tags: @inproceedings{Papanikolaou2011d, title = {Towards Natural-Language Understanding and Automated Enforcement of Privacy Rules and Regulations in the Cloud: Survey and Bibliography}, author = {Nick Papanikolaou and Siani Pearson and Marco Casassa Mont}, url = {../files/STAVEPaperFinal.pdf}, year = {2011}, date = {2011-01-01}, booktitle = {Proceedings of 1st International Workshop on Security and Trust in Virtualised Environments (STAVE 2011)}, abstract = {In this paper we survey existing work on automatically processing legal, regulatory and other policy texts for the extraction and representation of privacy knowledge and rules. Our objective is to link and apply some of these techniques to policy enforcement and compliance, to provide a core means of achieving and maintaining customer privacy in an enterprise context, particularly where data is stored and processed in cloud data centres. We sketch our thoughts on how this might be done given the many different, but so far strictly distinct from one another, approaches to natural-language analysis of legal and other prescriptive texts, approaches to knowledge extraction, semantic representation, and automated enforcement of privacy rules.}, keywords = {}, pubstate = {published}, tppubtype = {inproceedings} } In this paper we survey existing work on automatically processing legal, regulatory and other policy texts for the extraction and representation of privacy knowledge and rules. Our objective is to link and apply some of these techniques to policy enforcement and compliance, to provide a core means of achieving and maintaining customer privacy in an enterprise context, particularly where data is stored and processed in cloud data centres. 
We sketch our thoughts on how this might be done given the many different, but so far strictly distinct from one another, approaches to natural-language analysis of legal and other prescriptive texts, approaches to knowledge extraction, semantic representation, and automated enforcement of privacy rules. |
38. | Papanikolaou, Nick; Pearson, Siani; Mont, Marco Casassa Secure and Trust Computing, Data Management and Applications, 187 , pp. 166–173, Springer, 2011. @incollection{Papanikolaou2011g, title = {Towards Natural-Language Understanding and Automated Enforcement of Privacy Rules and Regulations in the Cloud: Survey and Bibliography}, author = {Nick Papanikolaou and Siani Pearson and Marco Casassa Mont}, url = {../files/STAVEPaperFinal.pdf}, year = {2011}, date = {2011-01-01}, booktitle = {Secure and Trust Computing, Data Management and Applications}, volume = {187}, pages = {166--173}, publisher = {Springer}, series = {Communications in Computer and Information Science}, keywords = {}, pubstate = {published}, tppubtype = {incollection} } |
37. | Papanikolaou, Nick; Pearson, Siani; Mont, Marco Casassa; Ko, Ryan Towards Greater Accountability in Cloud Computing through Natural-Language Analysis and Automated Policy Enforcement Technical Report HP Laboratories (HPL-2011-118), 2011. Abstract | Links | BibTeX | Tags: @techreport{Papanikolaou2011b, title = {Towards Greater Accountability in Cloud Computing through Natural-Language Analysis and Automated Policy Enforcement}, author = {Nick Papanikolaou and Siani Pearson and Marco Casassa Mont and Ryan Ko}, url = {../files/tr2011b.pdf}, year = {2011}, date = {2011-01-01}, number = {HPL-2011-118}, institution = {HP Laboratories}, abstract = {We argue in favour of a set of particular tools and approaches to achieve accountability in cloud computing. Our concern is helping cloud providers achieve their security goals and meeting their customers' security and privacy requirements. The techniques we propose in particular include: natural-language analysis (of legislative and regulatory texts, and corporate security rulebooks) and extraction of enforceable rules, use of sticky policies, automated policy enforcement and active monitoring of data, particularly in cloud environments.}, keywords = {}, pubstate = {published}, tppubtype = {techreport} } We argue in favour of a set of particular tools and approaches to achieve accountability in cloud computing. Our concern is helping cloud providers achieve their security goals and meeting their customers' security and privacy requirements. The techniques we propose in particular include: natural-language analysis (of legislative and regulatory texts, and corporate security rulebooks) and extraction of enforceable rules, use of sticky policies, automated policy enforcement and active monitoring of data, particularly in cloud environments. |
36. | Wainwright, Nick; Papanikolaou, Nick Future Internet Assembly Research Roadmap Miscellaneous 2011, (Produced under the auspices of the EC EFFECTSPLUS Research Project.). Abstract | Links | BibTeX | Tags: @misc{Wainwright2011, title = {Future Internet Assembly Research Roadmap}, author = {Nick Wainwright and Nick Papanikolaou}, editor = {Nick Wainwright and Nick Papanikolaou}, url = {http://fisa.future-internet.eu/index.php/FIA_Research_Roadmap}, year = {2011}, date = {2011-01-01}, publisher = {European Commission}, abstract = {The Future Internet Assembly Research Roadmap for Framework Programme 8 captures the ideas and contributions of the FIA community on the important research topics that should be addressed for the Framework Programme 8 research programmes broadly grouped around three main concerns; economic and business interests; societal interests and challenges; technical disruptions and capabilities. The contents of this roadmap originate with the community of researchers working on all aspects of the Future Internet and meet to share and discuss ideas through the Future Internet Assembly through an open consultation of research projects who participate in FIA. This roadmap is primarily concerned with identifying research that can be carried out in the second half of this decade and which will have an impact in 2020 and beyond. By impact, we mean will result in products, services, systems, capabilities, that come to market and are available and deployed in that timeframe. The approach adopted in this report is to integrate contributions across the entire space of future Internet research with the aim of bringing out the vision for how and where the Internet will make a significant difference in the future and identifying the broad challenges and gaps, and identifying the solutions and research needs in the future. 
In this report we have summarised and grouped ideas with the aim of identifying the strong themes and consistent challenges that emerge looking across the whole agenda.}, note = {Produced under the auspices of the EC EFFECTSPLUS Research Project.}, keywords = {}, pubstate = {published}, tppubtype = {misc} } The Future Internet Assembly Research Roadmap for Framework Programme 8 captures the ideas and contributions of the FIA community on the important research topics that should be addressed for the Framework Programme 8 research programmes broadly grouped around three main concerns; economic and business interests; societal interests and challenges; technical disruptions and capabilities. The contents of this roadmap originate with the community of researchers working on all aspects of the Future Internet and meet to share and discuss ideas through the Future Internet Assembly through an open consultation of research projects who participate in FIA. This roadmap is primarily concerned with identifying research that can be carried out in the second half of this decade and which will have an impact in 2020 and beyond. By impact, we mean will result in products, services, systems, capabilities, that come to market and are available and deployed in that timeframe. The approach adopted in this report is to integrate contributions across the entire space of future Internet research with the aim of bringing out the vision for how and where the Internet will make a significant difference in the future and identifying the broad challenges and gaps, and identifying the solutions and research needs in the future. In this report we have summarised and grouped ideas with the aim of identifying the strong themes and consistent challenges that emerge looking across the whole agenda. |
2010 |
|
35. | Agrafiotis, Ioannis; Creese, Sadie; Goldsmith, Michael; Papanikolaou, Nick; Mont, Marco Casassa; Pearson, Siani Defining Consent and Revocation Policies Inproceedings Pre-Proceedings of PrimeLife/IFIP Summer School 2010: Privacy and Identity Management for Life, Helsingborg, Sweden, 2010. Abstract | Links | BibTeX | Tags: @inproceedings{Agrafiotis2010b, title = {Defining Consent and Revocation Policies}, author = {Ioannis Agrafiotis and Sadie Creese and Michael Goldsmith and Nick Papanikolaou and Marco Casassa Mont and Siani Pearson}, url = {../files/definingcrpol.pdf}, year = {2010}, date = {2010-08-01}, booktitle = {Pre-Proceedings of PrimeLife/IFIP Summer School 2010: Privacy and Identity Management for Life}, address = {Helsingborg, Sweden}, abstract = {In this paper we present the notion of a consent and revocation policy, as it has been defined within the context of the EnCoRe project. A consent and revocation policy is different to a privacy policy in that it defines not enterprise practices with regards to personal data, but more specifically, for each item of personal data held by an enterprise, what consent preferences a user may express and to what degree, and in what ways he or she can revoke their personal data. This builds on earlier work on defining the different forms of revocation for personal data, and on formal models of consent and revocation processes.}, keywords = {}, pubstate = {published}, tppubtype = {inproceedings} } In this paper we present the notion of a consent and revocation policy, as it has been defined within the context of the EnCoRe project. A consent and revocation policy is different to a privacy policy in that it defines not enterprise practices with regards to personal data, but more specifically, for each item of personal data held by an enterprise, what consent preferences a user may express and to what degree, and in what ways he or she can revoke their personal data. 
This builds on earlier work on defining the different forms of revocation for personal data, and on formal models of consent and revocation processes. |
34. | Papanikolaou, Nick; Creese, Sadie; Goldsmith, Michael; Mont, Casassa; Pearson, Siani EnCoRe: Towards a Holistic Approach to Privacy Inproceedings Proceedings of International Conference on Security and Cryptography (SECRYPT 2010), Athens, Greece, 2010. Abstract | Links | BibTeX | Tags: @inproceedings{Papanikolaou2010d, title = {EnCoRe: Towards a Holistic Approach to Privacy}, author = {Nick Papanikolaou and Sadie Creese and Michael Goldsmith and Casassa Mont and Siani Pearson}, url = {../files/ieee-secrypt.pdf}, year = {2010}, date = {2010-07-01}, booktitle = {Proceedings of International Conference on Security and Cryptography (SECRYPT 2010)}, address = {Athens, Greece}, abstract = {Privacy requirements for IT systems and solutions arise from a variety of sources, including legislation, sector-specific regulation, organisational guidelines, social and user expectations. In this paper we present and discuss a holistic approach to the management of privacy - explored in the context of the EnCoRe project - which takes into account the need to deal with these different types of policies, at different levels of abstraction as well as risk assessment methods to assess them based on specific threats, needs and constraints. We discuss examples of privacy requirements and related policies coming from different sources. We then present how a privacy-aware risk assessment approach (which leverages and extends traditional security-driven risk assessment approaches) can be used to analyse these policies, assess their compliance to requirements, identify gaps and mandate the adoption of specific controls. We explain its relevance and implications in an employee data case study, involving the management of privacy consent and revocation. 
This is work in progress, carried out in the context of the EnCoRe collaborative project.}, keywords = {}, pubstate = {published}, tppubtype = {inproceedings} } Privacy requirements for IT systems and solutions arise from a variety of sources, including legislation, sector-specific regulation, organisational guidelines, social and user expectations. In this paper we present and discuss a holistic approach to the management of privacy - explored in the context of the EnCoRe project - which takes into account the need to deal with these different types of policies, at different levels of abstraction as well as risk assessment methods to assess them based on specific threats, needs and constraints. We discuss examples of privacy requirements and related policies coming from different sources. We then present how a privacy-aware risk assessment approach (which leverages and extends traditional security-driven risk assessment approaches) can be used to analyse these policies, assess their compliance to requirements, identify gaps and mandate the adoption of specific controls. We explain its relevance and implications in an employee data case study, involving the management of privacy consent and revocation. This is work in progress, carried out in the context of the EnCoRe collaborative project. |
33. | Adetoye, Adedayo O; Papanikolaou, Nikolaos Static Analysis of Information Release in Interactive Programs Journal Article Electronic Communications of the EASST, 35, 2010. Abstract | Links | BibTeX | Tags: @article{Adetoye2010, title = {Static Analysis of Information Release in Interactive Programs}, author = {Adedayo O Adetoye and Nikolaos Papanikolaou}, url = {../files/staticanalysis.pdf}, doi = {ISSN 1863-2122}, year = {2010}, date = {2010-01-01}, journal = {Electronic Communications of the EASST}, volume = {35}, abstract = {In this paper we present a model for analysing information release (or leakage) in programs written in a simple imperative language. We present the semantics of the language, an attacker model, and the notion of an information release policy. Our key contribution is the use of static analysis to compute information release of programs and to verify it against a policy. We demonstrate our approach by analysing information released to an attacker by faulty password checking programs; our example is taken from a known flaw in versions of OpenSSH distributed with various Unix, Linux, and OpenBSD operating systems.}, keywords = {}, pubstate = {published}, tppubtype = {article} } In this paper we present a model for analysing information release (or leakage) in programs written in a simple imperative language. We present the semantics of the language, an attacker model, and the notion of an information release policy. Our key contribution is the use of static analysis to compute information release of programs and to verify it against a policy. We demonstrate our approach by analysing information released to an attacker by faulty password checking programs; our example is taken from a known flaw in versions of OpenSSH distributed with various Unix, Linux, and OpenBSD operating systems. |
32. | Agrafiotis, Ioannis; Creese, Sadie; Goldsmith, Michael; Papanikolaou, Nick Applying Formal Methods to Describe Privacy Control Requirements in a Real Scenario: Emerging Ambiguities and Proposed Solutions Inproceedings Proceedings of PrimeLife/IFIP Summer School 2010: Privacy and Identity Management for Life, Helsingborg, Sweden, 2010. Abstract | Links | BibTeX | Tags: @inproceedings{Agrafiotis2010, title = {Applying Formal Methods to Describe Privacy Control Requirements in a Real Scenario: Emerging Ambiguities and Proposed Solutions}, author = {Ioannis Agrafiotis and Sadie Creese and Michael Goldsmith and Nick Papanikolaou}, url = {../files/PrimeLife-Jo.pdf}, year = {2010}, date = {2010-01-01}, booktitle = {Proceedings of PrimeLife/IFIP Summer School 2010: Privacy and Identity Management for Life, Helsingborg, Sweden}, abstract = {In this paper, we demonstrate how formal methods can be used to unambiguously express privacy requirements. We focus on requirements for consent and revocation controls in a real world case study that has emerged within the EnCoRe project. We analyse the ambiguities and issues that arise when requirements expressed in natural language are transformed into a formal notation, and propose solutions to address these issues. These ambiguities were brought to our attention only through the use of a formal notation, which we have designed specifically for this purpose.}, keywords = {}, pubstate = {published}, tppubtype = {inproceedings} } In this paper, we demonstrate how formal methods can be used to unambiguously express privacy requirements. We focus on requirements for consent and revocation controls in a real world case study that has emerged within the EnCoRe project. We analyse the ambiguities and issues that arise when requirements expressed in natural language are transformed into a formal notation, and propose solutions to address these issues. These ambiguities were brought to our attention only through the use of a formal notation, which we have designed specifically for this purpose. |
31. | Agrafiotis, Ioannis; Creese, Sadie; Goldsmith, Michael; Papanikolaou, Nick Towards a Logic of Consent and Revocation Miscellaneous 2010, (Internal Report, EnCoRe Research Project.). Abstract | Links | BibTeX | Tags: @misc{Agrafiotis2010a, title = {Towards a Logic of Consent and Revocation}, author = {Ioannis Agrafiotis and Sadie Creese and Michael Goldsmith and Nick Papanikolaou}, url = {../files/logic-cr.pdf}, year = {2010}, date = {2010-01-01}, abstract = {Our aim is to provide a mechanism for bridging the gap between data privacy policy languages and high-level requirements. We introduce a logic for reasoning about the dynamics of privacy. In particular, we focus on the semantics of the processes of consent and revocation when applied to the handling and use of personal data. Our logic provides the basis for a formal verification framework for privacy and identity management systems. It is independent of any particular policy description language for privacy preferences and privacy-aware access control, and can be used to verify correctness of policy against requirements specifications, as well as consistency across a policy set. We give examples of how the logic can be used to specify aspects of high-level privacy policies.}, note = {Internal Report, EnCoRe Research Project.}, keywords = {}, pubstate = {published}, tppubtype = {misc} } Our aim is to provide a mechanism for bridging the gap between data privacy policy languages and high-level requirements. We introduce a logic for reasoning about the dynamics of privacy. In particular, we focus on the semantics of the processes of consent and revocation when applied to the handling and use of personal data. Our logic provides the basis for a formal verification framework for privacy and identity management systems. 
It is independent of any particular policy description language for privacy preferences and privacy-aware access control, and can be used to verify correctness of policy against requirements specifications, as well as consistency across a policy set. We give examples of how the logic can be used to specify aspects of high-level privacy policies. |
30. | Agrafiotis, Ioannis; Creese, Sadie; Goldsmith, Michael; Papanikolaou, Nick Taxonomy of Consent and Revocation Technical Report 2010. @techreport{Agrafiotis2010c, title = {Taxonomy of Consent and Revocation}, author = {Ioannis Agrafiotis and Sadie Creese and Michael Goldsmith and Nick Papanikolaou}, year = {2010}, date = {2010-01-01}, abstract = {This document is a taxonomy of the core concepts associated with consent and revocation in the context of online privacy, as they have been agreed and defined in the EnCoRe research project. A number of core concepts have been identified, classified and defined in line with the needs and applications of EnCoRe; the relationships and linkages between these concepts are presented diagrammatically.}, howpublished = {EnCoRe Project Deliverable}, keywords = {}, pubstate = {published}, tppubtype = {techreport} } This document is a taxonomy of the core concepts associated with consent and revocation in the context of online privacy, as they have been agreed and defined in the EnCoRe research project. A number of core concepts have been identified, classified and defined in line with the needs and applications of EnCoRe; the relationships and linkages between these concepts are presented diagrammatically. |
29. | Adetoye, Adedayo O; Papanikolaou, Nikolaos Static Analysis of Information Release in Interactive Programs Journal Article Electronic Communications of the EASST, 35, 2010. Abstract | Links | BibTeX | Tags: @article{Adetoye2010b, title = {Static Analysis of Information Release in Interactive Programs}, author = {Adedayo O Adetoye and Nikolaos Papanikolaou}, url = {../files/staticanalysis.pdf}, doi = {ISSN 1863-2122}, year = {2010}, date = {2010-01-01}, journal = {Electronic Communications of the EASST}, volume = {35}, abstract = {In this paper we present a model for analysing information release (or leakage) in programs written in a simple imperative language. We present the semantics of the language, an attacker model, and the notion of an information release policy. Our key contribution is the use of static analysis to compute information release of programs and to verify it against a policy. We demonstrate our approach by analysing information released to an attacker by faulty password checking programs; our example is taken from a known flaw in versions of OpenSSH distributed with various Unix, Linux, and OpenBSD operating systems.}, keywords = {}, pubstate = {published}, tppubtype = {article} } In this paper we present a model for analysing information release (or leakage) in programs written in a simple imperative language. We present the semantics of the language, an attacker model, and the notion of an information release policy. Our key contribution is the use of static analysis to compute information release of programs and to verify it against a policy. We demonstrate our approach by analysing information released to an attacker by faulty password checking programs; our example is taken from a known flaw in versions of OpenSSH distributed with various Unix, Linux, and OpenBSD operating systems. |
28. | Agrafiotis, Ioannis; Creese, Sadie; Goldsmith, Michael; Papanikolaou, Nick Applying Formal Methods to Describe Privacy Control Requirements in a Real Scenario: Emerging Ambiguities and Proposed Solutions Inproceedings Proceedings of PrimeLife/IFIP Summer School 2010: Privacy and Identity Management for Life, Helsingborg, Sweden, 2010. Abstract | Links | BibTeX | Tags: @inproceedings{Agrafiotis2010d, title = {Applying Formal Methods to Describe Privacy Control Requirements in a Real Scenario: Emerging Ambiguities and Proposed Solutions}, author = {Ioannis Agrafiotis and Sadie Creese and Michael Goldsmith and Nick Papanikolaou}, url = {../files/PrimeLife-Jo.pdf}, year = {2010}, date = {2010-01-01}, booktitle = {Proceedings of PrimeLife/IFIP Summer School 2010: Privacy and Identity Management for Life, Helsingborg, Sweden}, abstract = {In this paper, we demonstrate how formal methods can be used to unambiguously express privacy requirements. We focus on requirements for consent and revocation controls in a real world case study that has emerged within the EnCoRe project. We analyse the ambiguities and issues that arise when requirements expressed in natural language are transformed into a formal notation, and propose solutions to address these issues. These ambiguities were brought to our attention only through the use of a formal notation, which we have designed specifically for this purpose.}, keywords = {}, pubstate = {published}, tppubtype = {inproceedings} } In this paper, we demonstrate how formal methods can be used to unambiguously express privacy requirements. We focus on requirements for consent and revocation controls in a real world case study that has emerged within the EnCoRe project. We analyse the ambiguities and issues that arise when requirements expressed in natural language are transformed into a formal notation, and propose solutions to address these issues. These ambiguities were brought to our attention only through the use of a formal notation, which we have designed specifically for this purpose. |
27. | Agrafiotis, Ioannis; Creese, Sadie; Goldsmith, Michael; Papanikolaou, Nick Towards a Logic of Consent and Revocation Miscellaneous 2010, (Internal Report, EnCoRe Research Project.). Abstract | Links | BibTeX | Tags: @misc{Agrafiotis2010ab, title = {Towards a Logic of Consent and Revocation}, author = {Ioannis Agrafiotis and Sadie Creese and Michael Goldsmith and Nick Papanikolaou}, url = {../files/logic-cr.pdf}, year = {2010}, date = {2010-01-01}, abstract = {Our aim is to provide a mechanism for bridging the gap between data privacy policy languages and high-level requirements. We introduce a logic for reasoning about the dynamics of privacy. In particular, we focus on the semantics of the processes of consent and revocation when applied to the handling and use of personal data. Our logic provides the basis for a formal verification framework for privacy and identity management systems. It is independent of any particular policy description language for privacy preferences and privacy-aware access control, and can be used to verify correctness of policy against requirements specifications, as well as consistency across a policy set. We give examples of how the logic can be used to specify aspects of high-level privacy policies.}, note = {Internal Report, EnCoRe Research Project.}, keywords = {}, pubstate = {published}, tppubtype = {misc} } Our aim is to provide a mechanism for bridging the gap between data privacy policy languages and high-level requirements. We introduce a logic for reasoning about the dynamics of privacy. In particular, we focus on the semantics of the processes of consent and revocation when applied to the handling and use of personal data. Our logic provides the basis for a formal verification framework for privacy and identity management systems. 
It is independent of any particular policy description language for privacy preferences and privacy-aware access control, and can be used to verify correctness of policy against requirements specifications, as well as consistency across a policy set. We give examples of how the logic can be used to specify aspects of high-level privacy policies. |
26. | Agrafiotis, Ioannis; Creese, Sadie; Goldsmith, Michael; Papanikolaou, Nick Taxonomy of Consent and Revocation Technical Report 2010. @techreport{Agrafiotis2010cb, title = {Taxonomy of Consent and Revocation}, author = {Ioannis Agrafiotis and Sadie Creese and Michael Goldsmith and Nick Papanikolaou}, year = {2010}, date = {2010-01-01}, abstract = {This document is a taxonomy of the core concepts associated with consent and revocation in the context of online privacy, as they have been agreed and defined in the EnCoRe research project. A number of core concepts have been identified, classified and defined in line with the needs and applications of EnCoRe; the relationships and linkages between these concepts are presented diagrammatically.}, howpublished = {EnCoRe Project Deliverable}, keywords = {}, pubstate = {published}, tppubtype = {techreport} } This document is a taxonomy of the core concepts associated with consent and revocation in the context of online privacy, as they have been agreed and defined in the EnCoRe research project. A number of core concepts have been identified, classified and defined in line with the needs and applications of EnCoRe; the relationships and linkages between these concepts are presented diagrammatically. |
25. | Mont, Marco Casassa; Pearson, Siani; Creese, Sadie; Goldsmith, Michael; Papanikolaou, Nick A Conceptual Model for Privacy Policies with Consent and Revocation Requirements Inproceedings Proceedings of PrimeLife/IFIP Summer School 2010: Privacy and Identity Management for Life, Springer-Verlag, 2010. Abstract | Links | BibTeX | Tags: @inproceedings{CasassaMont2010a, title = {A Conceptual Model for Privacy Policies with Consent and Revocation Requirements}, author = {Marco Casassa Mont and Siani Pearson and Sadie Creese and Michael Goldsmith and Nick Papanikolaou}, url = {../files/PrimeLife-Conceptual.pdf}, year = {2010}, date = {2010-01-01}, booktitle = {Proceedings of PrimeLife/IFIP Summer School 2010: Privacy and Identity Management for Life}, publisher = {Springer-Verlag}, series = {Lecture Notes in Computer Science}, abstract = {This paper proposes a conceptual model for privacy policies that takes into account privacy requirements arising from different stakeholders, with legal, business and technical backgrounds. Current approaches to privacy management are either high-level, enforcing privacy of personal data using legal compliance, risk and impact assessments, or low-level, focusing on the technical implementation of access controls to personal data held by an enterprise. High-level approaches tend to address privacy as an afterthought in ordinary business practice, and involve ad hoc enforcement practices; low-level approaches often leave out important legal and business considerations focusing solely on technical management of privacy policies. Hence, neither is a panacea and the low level approaches are often not adopted in real environments. Our conceptual model provides a means to express privacy policy requirements as well as users' privacy preferences. It enables structured reasoning regarding containment and implementation between various policies at the high level, and enables easy traceability into the low-level policy implementations. 
Thus it offers a means to reason about correctness that links low-level privacy management mechanisms to stakeholder requirements, thereby encouraging exploitation of the low-level methods. We also present the notion of a consent and revocation policy. A consent and revocation policy is different to a privacy policy in that it defines not enterprise practices with regards to personal data, but more specifically, for each item of personal data held by an enterprise, what consent preferences a user may express and to what degree, and in what ways he or she can revoke their personal data. This builds on earlier work on defining the different forms of revocation for personal data, and on formal models of consent and revocation processes. The work and approach discussed in this paper is currently carried out in the context of the UK collaborative project EnCoRe (Ensuring Consent and Revocation).}, keywords = {}, pubstate = {published}, tppubtype = {inproceedings} } This paper proposes a conceptual model for privacy policies that takes into account privacy requirements arising from different stakeholders, with legal, business and technical backgrounds. Current approaches to privacy management are either high-level, enforcing privacy of personal data using legal compliance, risk and impact assessments, or low-level, focusing on the technical implementation of access controls to personal data held by an enterprise. High-level approaches tend to address privacy as an afterthought in ordinary business practice, and involve ad hoc enforcement practices; low-level approaches often leave out important legal and business considerations focusing solely on technical management of privacy policies. Hence, neither is a panacea and the low level approaches are often not adopted in real environments. Our conceptual model provides a means to express privacy policy requirements as well as users' privacy preferences. 
It enables structured reasoning regarding containment and implementation between various policies at the high level, and enables easy traceability into the low-level policy implementations. Thus it offers a means to reason about correctness that links low-level privacy management mechanisms to stakeholder requirements, thereby encouraging exploitation of the low-level methods. We also present the notion of a consent and revocation policy. A consent and revocation policy is different to a privacy policy in that it defines not enterprise practices with regards to personal data, but more specifically, for each item of personal data held by an enterprise, what consent preferences a user may express and to what degree, and in what ways he or she can revoke their personal data. This builds on earlier work on defining the different forms of revocation for personal data, and on formal models of consent and revocation processes. The work and approach discussed in this paper is currently carried out in the context of the UK collaborative project EnCoRe (Ensuring Consent and Revocation). |
24. | Mont, Marco Casassa; Pearson, Siani; Goldsmith, Michael; Papanikolaou, Nick Towards A Conceptual Model For Privacy Policies Technical Report HP Laboratories (HPL-2010-82), 2010. @techreport{CasassaMont2010b, title = {Towards A Conceptual Model For Privacy Policies}, author = {Marco Casassa Mont and Siani Pearson and Michael Goldsmith and Nick Papanikolaou}, year = {2010}, date = {2010-01-01}, number = {HPL-2010-82}, institution = {HP Laboratories}, abstract = {This paper proposes a conceptual model for privacy policies that takes into account privacy requirements arising from different stakeholders, with legal, business and technical backgrounds. Current approaches to privacy management are either high-level, enforcing privacy of personal data using legal compliance, risk and impact assessments, or low-level, focusing on the technical implementation of access controls to personal data held by an enterprise. High-level approaches tend to address privacy as an afterthought in ordinary business practice, and involve ad hoc enforcement practices; low-level approaches often leave out important legal and business considerations focusing solely on technical management of privacy policies. Hence, neither is a panacea and the low level approaches are often not adopted in real environments. Our conceptual model provides a means to express privacy policy requirements as well as users' privacy preferences. It enables structured reasoning regarding containment and implementation between various policies at the high level, and enables easy traceability into the low-level policy implementations. Thus it offers a means to reason about correctness that links low-level privacy management mechanisms to stakeholder requirements, thereby encouraging exploitation of the low-level methods. 
The work and approach discussed in this paper is currently carried out in the context of the UK EnCoRe (Ensuring Consent and Revocation) collaborative project.}, keywords = {}, pubstate = {published}, tppubtype = {techreport} } This paper proposes a conceptual model for privacy policies that takes into account privacy requirements arising from different stakeholders, with legal, business and technical backgrounds. Current approaches to privacy management are either high-level, enforcing privacy of personal data using legal compliance, risk and impact assessments, or low-level, focusing on the technical implementation of access controls to personal data held by an enterprise. High-level approaches tend to address privacy as an afterthought in ordinary business practice, and involve ad hoc enforcement practices; low-level approaches often leave out important legal and business considerations focusing solely on technical management of privacy policies. Hence, neither is a panacea and the low level approaches are often not adopted in real environments. Our conceptual model provides a means to express privacy policy requirements as well as users' privacy preferences. It enables structured reasoning regarding containment and implementation between various policies at the high level, and enables easy traceability into the low-level policy implementations. Thus it offers a means to reason about correctness that links low-level privacy management mechanisms to stakeholder requirements, thereby encouraging exploitation of the low-level methods. The work and approach discussed in this paper is currently carried out in the context of the UK EnCoRe (Ensuring Consent and Revocation) collaborative project. |
23. | Gay, Simon J; Nagarajan, Rajagopal; Papanikolaou, Nikolaos Specification and Verification of Quantum Protocols Incollection Gay, S J; Mackie, I (Ed.): Semantic Techniques in Quantum Computation, Cambridge University Press, 2010. Abstract | Links | BibTeX | Tags: @incollection{Gay2010, title = {Specification and Verification of Quantum Protocols}, author = {Simon J Gay and Rajagopal Nagarajan and Nikolaos Papanikolaou}, editor = {S J Gay and I Mackie}, url = {http://www.amazon.co.uk/Semantic-Techniques-Quantum-Computation-Simon/dp/052151374X/ref=sr_1_10?ie=UTF8&s=books&qid=1243948315&sr=1-10}, year = {2010}, date = {2010-01-01}, booktitle = {Semantic Techniques in Quantum Computation}, publisher = {Cambridge University Press}, chapter = {11}, abstract = {We describe model-checking techniques for protocols arising in quantum information theory and quantum cryptography. We discuss the theory and implementation of practical model checker, QMC, for quantum protocols. In our framework, we assume that the quantum operations performed in a protocol are restricted to those within stabilizer formalism; while this particular set of operations is not universal for quantum computation, it allows us to develop models of several useful protocols as well as of systems involving both classical and quantum information processing. We discuss the modeling language of QMC, the logic used for verification, the verification algorithms that have been implemented in the tool. We demonstrate our techniques with applications to number of case studies, including quantum teleportation and BB84 quantum coin-flipping protocol.}, keywords = {}, pubstate = {published}, tppubtype = {incollection} } We describe model-checking techniques for protocols arising in quantum information theory and quantum cryptography. We discuss the theory and implementation of practical model checker, QMC, for quantum protocols. 
In our framework, we assume that the quantum operations performed in a protocol are restricted to those within stabilizer formalism; while this particular set of operations is not universal for quantum computation, it allows us to develop models of several useful protocols as well as of systems involving both classical and quantum information processing. We discuss the modeling language of QMC, the logic used for verification, the verification algorithms that have been implemented in the tool. We demonstrate our techniques with applications to number of case studies, including quantum teleportation and BB84 quantum coin-flipping protocol. |
22. | Papanikolaou, Nick Review of The Space and Motion of Communicating Agents by Robin Milner, Cambridge University Press, 2009 (ISBN: 978-0-521-73833-0) Journal Article ACM SIGACT News, 41 (3), pp. 51–55, 2010. @article{Papanikolaou2010b, title = {Review of The Space and Motion of Communicating Agents by Robin Milner, Cambridge University Press, 2009 (ISBN: 978-0-521-73833-0)}, author = {Nick Papanikolaou}, url = {../files/milnerreview.pdf}, year = {2010}, date = {2010-01-01}, journal = {ACM SIGACT News}, volume = {41}, number = {3}, pages = {51--55}, keywords = {}, pubstate = {published}, tppubtype = {article} } |
21. | Papanikolaou, Nick; Creese, Sadie; Goldsmith, Michael; Mont, Casassa; Pearson, Siani EnCoRe: Towards a holistic approach to privacy Technical Report HP Laboratories (HPL-2010-83), 2010. @techreport{Papanikolaou2010c, title = {EnCoRe: Towards a holistic approach to privacy}, author = {Nick Papanikolaou and Sadie Creese and Michael Goldsmith and Casassa Mont and Siani Pearson}, year = {2010}, date = {2010-01-01}, number = {HPL-2010-83}, institution = {HP Laboratories}, abstract = {We make the case for an integrated approach to privacy management within organisations. Current approaches to privacy management are either too high-level, enforcing privacy of personal data using legal compliance, risk and impact assessments, or too low-level, focusing only on the technical implementation of access controls to personal data held by an enterprise. High-level approaches tend to address privacy as an afterthought in ordinary business practice, and involve ad hoc enforcement practices; low-level approaches often leave out important legal and business considerations. As part of the EnCoRe project we are developing a methodology which tries to bridge the gap between privacy risk and impact assessment with the technical management of privacy policies. We are working to define a conceptual model as a means of expressing policy requirements as well as users' privacy preferences and as a way to bridge the gap described above. We aim to show the value of this approach in collaborative case studies (including corporate personnel management, biobanks and assisted living) in the context of the EnCoRe project.}, keywords = {}, pubstate = {published}, tppubtype = {techreport} } |
2009 |
|
20. | Agrafiotis, Ioannis; Creese, Sadie; Goldsmith, Michael; Papanikolaou, Nikolaos Reaching for Informed Revocation: Shutting Off the Tap on Personal Data Inproceedings Proceedings of Fifth International Summer School on Privacy and Identity Management for Life, Nice, France, 2009. @inproceedings{Agrafiotis2009, title = {Reaching for Informed Revocation: Shutting Off the Tap on Personal Data}, author = {Ioannis Agrafiotis and Sadie Creese and Michael Goldsmith and Nikolaos Papanikolaou}, url = {../files/primelife-revo.pdf}, year = {2009}, date = {2009-09-01}, booktitle = {Proceedings of Fifth International Summer School on Privacy and Identity Management for Life}, address = {Nice, France}, abstract = {We introduce a revocation model for handling personal data in cyberspace. The model is motivated by a series of workshops undertaken by the EnCoRe project aimed at understanding the control requirements of a variety of data subjects. We observe that there is a lack of understanding of the various technical options available for implementing revocation preferences, and introduce the concept of informed revocation by analogy to Faden and Beauchamp's informed consent. We argue that we can overcome the limitations associated with informed consent via the implementation of EnCoRe technology solutions. Finally, we apply our model and demonstrate its validity to a number of data-handling scenarios which have arisen in the context of the EnCoRe research project. We have found that users tend to alter their default privacy preferences when they are informed of all the different types of revocation available to them.}, keywords = {}, pubstate = {published}, tppubtype = {inproceedings} } |
19. | Agrafiotis, Ioannis; Creese, Sadie; Goldsmith, Michael; Papanikolaou, Nikolaos Reaching for Informed Revocation: Shutting Off the Tap on Personal Data Inproceedings Proceedings of Fifth International Summer School on Privacy and Identity Management for Life, Nice, France, 2009. @inproceedings{Agrafiotis2009b, title = {Reaching for Informed Revocation: Shutting Off the Tap on Personal Data}, author = {Ioannis Agrafiotis and Sadie Creese and Michael Goldsmith and Nikolaos Papanikolaou}, url = {../files/primelife-revo.pdf}, year = {2009}, date = {2009-09-01}, booktitle = {Proceedings of Fifth International Summer School on Privacy and Identity Management for Life}, address = {Nice, France}, abstract = {We introduce a revocation model for handling personal data in cyberspace. The model is motivated by a series of workshops undertaken by the EnCoRe project aimed at understanding the control requirements of a variety of data subjects. We observe that there is a lack of understanding of the various technical options available for implementing revocation preferences, and introduce the concept of informed revocation by analogy to Faden and Beauchamp's informed consent. We argue that we can overcome the limitations associated with informed consent via the implementation of EnCoRe technology solutions. Finally, we apply our model and demonstrate its validity to a number of data-handling scenarios which have arisen in the context of the EnCoRe research project. We have found that users tend to alter their default privacy preferences when they are informed of all the different types of revocation available to them.}, keywords = {}, pubstate = {published}, tppubtype = {inproceedings} } |
18. | Papanikolaou, Nikolaos; Creese, Sadie; Goldsmith, Michael Policy Refinement Checking Inproceedings Proceedings of Ninth International Workshop on Automated Verification of Critical Systems (AVoCS 09), Swansea University, 2009. @inproceedings{Papanikolaou2009b, title = {Policy Refinement Checking}, author = {Nikolaos Papanikolaou and Sadie Creese and Michael Goldsmith}, url = {../files/polrefc-avocs.pdf}, year = {2009}, date = {2009-09-01}, booktitle = {Proceedings of Ninth International Workshop on Automated Verification of Critical Systems (AVoCS 09)}, address = {Swansea University}, abstract = {We introduce refinement checking for privacy policies expressed in P3P. Our method involves a translation of privacy policies to a set of process specifications in CSP, which describe how the privacy policy is enforced. The technique is described through an example involving medical data collected by a biobank.}, keywords = {}, pubstate = {published}, tppubtype = {inproceedings} } |
List of Publications
2013 |
|
67. | Mapping Legal Requirements to IT Controls Technical Report HP Laboratories (HPL-2013-39), 2013. |
66. | Cross-Disciplinary Review of the Concept of Accountability Technical Report HP Laboratories (HPL-2013-37), 2013. |
65. | Cross-Disciplinary Review of the Concept of Accountability Inproceedings Proceedings of the DIMACS/BIC/A4Cloud/CSA International Workshop on Trustworthiness, Accountability and Forensics in the Cloud (TAFC), 2013. |
64. | Mapping Legal Requirements to IT Controls Inproceedings Proceedings of the Sixth International Workshop on Requirements Engineering and Law (RELAW), 2013. |
63. | Towards a Model of Accountability for Cloud Computing Services Technical Report HP Laboratories (HPL-2013-38), 2013. |
62. | Towards a Model of Accountability for Cloud Computing Services Inproceedings Proceedings of the DIMACS/BIC/A4Cloud/CSA International Workshop on Trustworthiness, Accountability and Forensics in the Cloud (TAFC), 2013. |
61. | The Future Internet / Future Internet Assembly 2013: Validated Results and New Horizons Book Springer, 2013. |
2012 |
|
60. | EFFECTS+ Clustering of Trust and Security Research Projects, Identifying Results, Impact and Future Research Roadmap Topics Inproceedings Proceedings of e-Challenges e-2012 Conference, Lisbon, Portugal, 2012. |
59. | Forming A Vision for Future Internet Research Inproceedings Proceedings of e-Challenges e-2012 Conference, Lisbon, Portugal, 2012. |
58. | Natural Language Processing of Rules and Regulations for Compliance in the Cloud Inproceedings Proceedings of DOA-SVI 2012, Rome, Italy, 2012. |
57. | Refinement Checking for Privacy Policies Journal Article Science of Computer Programming, 77 (10, 11), pp. 1198, 2012. |
56. | Formal Analysis and Verification of Systems Security Models with Gnosis Miscellaneous 2012. |
55. | Security And Privacy Governance In Cloud Computing Via SLAs And A Policy Orchestration Service Technical Report HP Laboratories (HPL-2012-55), 2012. |
54. | Automating Compliance for Cloud Computing Services Technical Report HP Laboratories (HPL-2012-56), 2012. |
53. | Security and Privacy Governance In Cloud Computing via SLAs and a Policy Orchestration Service Inproceedings Proceedings of the 2nd International Conference on Cloud Computing and Services Science (CLOSER 2012), SciTePress, 2012. |
52. | Model Checking for Communicating Quantum Processes Journal Article International Journal of Unconventional Computing, 8 (1), pp. 73–98, 2012. |
51. | Pattern Detection in Systems Simulation: Towards a Model-Checking Framework for Security Analytics Technical Report HP Laboratories (HPL-2012-89), 2012. |
50. | Review of Algorithms and Theory of Computation Handbook by Mikhail J. Atallah and Marina Blanton Journal Article ACM SIGACT News, 43 (2), pp. 29–32, 2012. |
49. | Intelligent Information Gathering for Security and Privacy Compliance in Cloud Computing Technical Report HP Laboratories (HPL-2012-71), 2012. |
48. | An online knowledge base store (KB Store) Journal Article Research Disclosure, pp. 114–115, 2012, (ID 574026). |
47. | Automating Compliance for Cloud Computing Services Inproceedings Proceedings of the 2nd International Conference on Cloud Computing and Services Science (CLOSER 2012), SciTePress, 2012. |
46. | The FIA Research Roadmap: Priorities for Future Internet Research Incollection Alvarez, F; Cleary, F; Daras, P; Domingue, J; Galis, A; Garcia, A; Gavras, A; Karnourskos, S; Krco, S; Li, M -S; Lotz, V; Müller, H; Salvadori, E; Sassen, A -M; Schaffers, H; Stiller, B; Tselentis, G; Turkama, P; Zahariadis, T (Ed.): Future Internet --- From Technological Promises to Reality, 7281, Springer, 2012. |
45. | The FIA Research Roadmap: Priorities for Future Internet Research Technical Report HP Laboratories (HPL-2012-70), 2012. |
2011 |
|
44. | Automated Understanding of Cloud Terms of Service and SLAs Inproceedings Proceedings of The 22nd Hewlett-Packard Colloquium on Information Security, Royal Holloway, University of London, 2011. |
43. | Automated Understanding of Cloud Terms of Service and SLAs Inproceedings Proceedings of IEEE CloudCom 2011, Athens, Greece, 2011. |
42. | 2011, (Produced under the auspices of the EC EFFECTSPLUS Research Project.). |
41. | Achieving Compliance Through Natural-Language Analysis of Service Level Agreements for Cloud Services Technical Report HP Laboratories (HPL-2011-167), 2011. |
40. | Towards Natural-Language Understanding and Automated Enforcement of Privacy Rules and Regulations in the Cloud: Survey and Bibliography Technical Report HP Laboratories (HPL-2011-117), 2011. |
39. | Proceedings of 1st International Workshop on Security and Trust in Virtualised Environments (STAVE 2011), 2011. |
38. | Secure and Trust Computing, Data Management and Applications, 187, pp. 166–173, Springer, 2011. |
37. | Towards Greater Accountability in Cloud Computing through Natural-Language Analysis and Automated Policy Enforcement Technical Report HP Laboratories (HPL-2011-118), 2011. |
36. | Future Internet Assembly Research Roadmap Miscellaneous 2011, (Produced under the auspices of the EC EFFECTSPLUS Research Project.). |
2010 |
|
35. | Defining Consent and Revocation Policies Inproceedings Pre-Proceedings of PrimeLife/IFIP Summer School 2010: Privacy and Identity Management for Life, Helsingborg, Sweden, 2010. |
34. | EnCoRe: Towards a Holistic Approach to Privacy Inproceedings Proceedings of International Conference on Security and Cryptography (SECRYPT 2010), Athens, Greece, 2010. |
33. | Static Analysis of Information Release in Interactive Programs Journal Article Electronic Communications of the EASST, 35, 2010. |
32. | Proceedings of PrimeLife/IFIP Summer School 2010: Privacy and Identity Management for Life, Helsingborg, Sweden, 2010. |
31. | Towards a Logic of Consent and Revocation Miscellaneous 2010, (Internal Report, EnCoRe Research Project.). |
30. | Taxonomy of Consent and Revocation Technical Report 2010. |
29. | Static Analysis of Information Release in Interactive Programs Journal Article Electronic Communications of the EASST, 35, 2010. |
28. | Proceedings of PrimeLife/IFIP Summer School 2010: Privacy and Identity Management for Life, Helsingborg, Sweden, 2010. |
27. | Towards a Logic of Consent and Revocation Miscellaneous 2010, (Internal Report, EnCoRe Research Project.). |
26. | Taxonomy of Consent and Revocation Technical Report 2010. |
25. | A Conceptual Model for Privacy Policies with Consent and Revocation Requirements Inproceedings Proceedings of PrimeLife/IFIP Summer School 2010: Privacy and Identity Management for Life, Springer-Verlag, 2010. |
24. | Towards A Conceptual Model For Privacy Policies Technical Report HP Laboratories (HPL-2010-82), 2010. |
23. | Specification and Verification of Quantum Protocols Incollection Gay, S J; Mackie, I (Ed.): Semantic Techniques in Quantum Computation, Cambridge University Press, 2010. |
22. | Review of The Space and Motion of Communicating Agents by Robin Milner, Cambridge University Press, 2009 (ISBN: 978-0-521-73833-0) Journal Article ACM SIGACT News, 41 (3), pp. 51–55, 2010. |
21. | EnCoRe: Towards a holistic approach to privacy Technical Report HP Laboratories (HPL-2010-83), 2010. |
2009 |
|
20. | Reaching for Informed Revocation: Shutting Off the Tap on Personal Data Inproceedings Proceedings of Fifth International Summer School on Privacy and Identity Management for Life, Nice, France, 2009. |
19. | Reaching for Informed Revocation: Shutting Off the Tap on Personal Data Inproceedings Proceedings of Fifth International Summer School on Privacy and Identity Management for Life, Nice, France, 2009. |
18. | Policy Refinement Checking Inproceedings Proceedings of Ninth International Workshop on Automated Verification of Critical Systems (AVoCS 09), Swansea University, 2009. |