Security and Privacy Policy Languages: A Survey, Categorization and Gap Identification
This work provides a systematic review for researchers and practitioners in security and privacy management, but it is incremental as it builds on existing surveys without introducing new methods.
The paper surveys and categorizes 27 security and privacy policy languages, identifies gaps in existing approaches, and advocates for their use in specifying privacy-utility trade-off policies.
For security and privacy management and enforcement purposes, various policy languages have been presented. We give an overview on 27 security and privacy policy languages and present a categorization framework for policy languages. We show how the current policy languages are represented in the framework and summarize our interpretation. We show up identified gaps and motivate for the adoption of policy languages for the specification of privacy-utility trade-off policies.