EPAL Based Privacy Enforcement Using ECA Rules

  • Jaijit Bhattacharya
  • S. K. Gupta
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3803)


This paper uses an ECA based policy implementation engine to enforce simple EPAL based enterprise-wide privacy policies. This architecture supports simplified EPAL policies and enforcement requirements of a system that can autonomically manage data-privacy based on pre-specified EPAL policies. The policies are defined through a Graphical User Interface (GUI) and this paper discusses the main features of our proposed GUI. The objective of such an approach is to facilitate privacy administrators, with low IT skills, by setting privacy policies for managing the system.


Privacy Policy User Category Database Transaction Action String Active Database 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Dayal, U., et al.: The HiPAC Project: Combining Active Databases and Timing Constraints. ACM Sigmod Record 17, 1 (1988)Google Scholar
  2. 2.
    Chakravarthy, S. (ed.): Active Databases, Special Issue of the Bulletin of the IEEE TC on Data Engineering, 15, 1–4 (1992)Google Scholar
  3. 3.
    Chakravarthy, S., Widom, J.: Proc. of the 4th Intl. Workshop on Research Issues in Data Engineering: Active Database Systems, Houston (February 1994)Google Scholar
  4. 4.
    Gatziu, S., Dittrich, K.R.: SAMOS. Active Rules in Database Systems, 233–247 (1999)Google Scholar
  5. 5.
    Coupaye, T., Collet, C.: Semantics Based Implementation of Flexible Execution Models for Active Database Systems. In: Proc. 14ème Journées Bases de Données Avancées, BDA (1998)Google Scholar
  6. 6.
    Gatziu, S., Geppert, A., Dittrich, K.R.: Integrating active concepts into an object-oriented database system. In: 3rd Int’l.Workshop on Database Programming Languages, Naflion (August 1991)Google Scholar
  7. 7.
    Chakravarthy, S., Anwar, E., Maugis, L.: Design and implementation of active capability for an object-oriented database, Technical Report UF-CIS-TR-93-001, University of Florida (January 1993)Google Scholar
  8. 8.
    Chakravarthy, S., Le, R., Desai, R.: ECA Rule processing in Distributed and Heterogeneous Environments. In: Proceedings of the International Symposium on Distributed Objects and ApplicationsGoogle Scholar
  9. 9.
    Chakravarthy, S., Krishnaprasad, V., Tamizuddin, Z., Badani, R.H.: ECA Rule Integration into an OODBMS: Architecture and Implementation. In: Proc. Of the 11th Intl. Conf. On Data Engineering. Taipei, Taiwan (March 1995)Google Scholar
  10. 10.
    Chakravarthy, S., Mishra, D.: Snoop: An expressive event specification language for active databases. Knowledge and Data Engineering Journal 14, 1–26 (1994)CrossRefGoogle Scholar
  11. 11.
    Bertino, E., Guerrini, G., Merlo, I.: Triggers in Java-based Databases. L’OBJET 6(3) (2000)Google Scholar
  12. 12.
    Bertino, E., Guerrini, G., Merlo, I.: Trigger Inheritance and Overriding in an Active Object Database System. TKDE 12(4), 588–608 (2000)Google Scholar
  13. 13.
    Lupu, E., Sloman, M.: Conflicts in Policy-Based Distributed Systems Management. IEEE Transactions on Software Engineering (TSE) 25(6), 852–869 (1999)CrossRefGoogle Scholar
  14. 14.
    Bhattacharya, J., Gupta, S.K.: Privacy Broker for Enforcing Privacy Policies in Databases. In: KBCS-2004. Fifth international conference on knowledge based computer systems, Hyderabad, India (December 19-22 2004)Google Scholar
  15. 15.
    Schunter, M., et al.: Enterprise Privacy Authorization Language (EPAL 1.1), IBM Research Report,
  16. 16.
    Batra, V., et al.: Policy Driven Data Administration. In: POLICY 2002, IEEE 3rd International Workshop on Policies for Distributed Systems and Networks (2002)Google Scholar
  17. 17.
    Agrawal, R., Kiernan, J., Srikant, R., Xiu, Y.: Hippocratic Databases (Vision Paper). IBM Almaden Research Center (2002)Google Scholar
  18. 18.
    Adam, N.R., Wortman, J.C.: Security-control methods for statistical databases. ACM Computing Surveys 21(4), 515–556 (1989)CrossRefGoogle Scholar
  19. 19.
    Castano, S., Fugini, M., Martella, G., Samarati, P.: Database Security. Addison Wesley, Reading (1995)zbMATHGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2005

Authors and Affiliations

  • Jaijit Bhattacharya
    • 1
  • S. K. Gupta
    • 1
  1. 1.Department of Computer Science and EngineeringIndian Institute of Technology, DelhiNew DelhiIndia

Personalised recommendations