Abstract:
The advent of new technologies and the digitalization of every transaction have made
people's work easier and less time-consuming. Organizations such as banks, hospitals,
e-commerce sites, insurers, social networking sites and other companies now provide
online services to their users, which, although advantageous, is also becoming a major
privacy concern. Credit card details, users' personal information, clinical records and
other important information might be leaked to unauthorized personnel. On top of that,
users' desire to be social and share personal information, likes and dislikes, and their
day-to-day activities on social networking sites such as Facebook and Google+ has added
further problems, since this information might be intercepted by outsiders if not taken
care of.
Many online organizations provide access control mechanisms and privacy policies to
protect users' privacy, but many of these policies do not fully cover users' concerns.
Chapter 2 therefore gives a brief discussion and comparative analysis of the privacy
languages Protune, Cassandra, Rei, Ponder2, XACML, PeerTrust and EPAL to find out which
language is applicable in all scenarios. To ensure privacy in various sectors, Ponder2 is
strongly recommended, and our research study uses it to implement authorization policies
in a Hospital and a Social Networking Site scenario. The research presents a system that
uses the Ponder2 policy language to develop policies that allow or deny users access to
data in an organizational scenario. First, it gives a brief overview of the language.
Second, models are designed for both the Hospital and the Social Network scenario for a
better understanding. Finally, the research implements the system based on the proposed
scenarios and tests whether it gives the expected results.