A Framework for Expressing and Enforcing Purpose-Based Privacy Policies
Purpose is a key concept in privacy policies and has been mentioned in major privacy laws and regulations. Although some models have been proposed for enforcing purpose-based policies, little has been done in de ning formal semantics for purpose and therefore an e ective enforcement mechanism for policies has remained a challenge. In this paper, we develop a framework for formalizing and enforcing purpose-based privacy policies. Purpose is formally de ned as the dynamic situation of an action within the network of inter-related actions in the system. Accordingly, we propose a modal-logic language for formally expressing constraints about purposes of actions which can be used to model purpose-based policies. The semantics of this language are de ned over an abstract model of activities in the system which is directly derivable from business processes. Based on this formal framework, we discuss some properties of purpose and show how some well-known, as well as new forms of purpose constraints can be formalized using the proposed language. We also show how purpose-based constraints can be tied to other access control policies in the system. Finally, we present a model-checking algorithm for verifying whether a given state of the system complies with a given set of policies, followed by a discussion of how this can be used in an actual implementation of a purpose reference monitor.
Purpose, Semantics, purpose-Based policies