Privacy enforcement through policy extension

Abstract

Successful coalition operations require contributions from the coalition partners which might have hidden goals and desiderata in addition to the shared coalition goals. Therefore, there is an inevitable risk-utility trade-off for information producers due to the need-to-know vs. need-to-hide tension, which must take into account the trustworthiness of the other coalition partners. A balance is often achieved by deliberate obfuscation of the shared information. In this paper, we show how to integrate obfuscation capabilities within the current OASIS standard for access control policies, namely XACML.