Privacy-aware role based access control

Ni, Qun; Trombetta, Alberto; Bertino, Elisa; Lobo, Jorge

doi:10.1145/1266840.1266848

Cited by 137 publications

(68 citation statements)

References 10 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Most prior work on using formal methods for enforcing purpose restrictions has focused on when observable actions achieve a purpose [17][18][19][20][21][22][23][24]. That is, they define an action as being for a purpose if that action (possibly as part of a chain of actions) results in that purpose being achieved.…”

Section: Prior Workmentioning

confidence: 99%

Purpose Restrictions on Information Use

Tschantz

Datta

Wing

2013

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. Privacy policies in sectors as diverse as Web services, finance and healthcare often place restrictions on the purposes for which a governed entity may use personal information. Thus, automated methods for enforcing privacy policies require a semantics of purpose restrictions to determine whether a governed agent used information for a purpose. We provide such a semantics using a formalism based on planning. We model planning using Partially Observable Markov Decision Processes (POMDPs), which supports an explicit model of information. We argue that information use is for a purpose if and only if the information is used while planning to optimize the satisfaction of that purpose under the POMDP model. We determine information use by simulating ignorance of the information prohibited by the purpose restriction, which we relate to noninterference. We use this semantics to develop a sound audit algorithm to automate the enforcement of purpose restrictions.

show abstract

Section: Prior Workmentioning

confidence: 99%

Purpose Restrictions on Information Use

Tschantz

Datta

Wing

2013

Lecture Notes in Computer Science

View full text Add to dashboard Cite

show abstract

“…Also, a relevant work in [19] proposes a comprehensive framework for expressing highly complex privacy-related policies, featuring purposes and obligations. Also, a formal definition of conflicting permission assignments is given, together with efficient conflict-checking algorithms.…”

Section: Related Workmentioning

confidence: 99%

A Formal Support for Collaborative Data Sharing

Martinelli

Matteucci

Petrocchi

et al. 2012

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. Collaborating entities usually require the exchange of personal information for the achievement of a common goal, including enabling business transactions and the provisioning of critical services. A key issue affecting these interactions is the lack of control on how data is going to be used and processed by the entities that share it. To partially solve the issue, parties may have defined a set of data sharing policies regulating the exchange of data they own, or over which they have jurisdiction. However, distinct set of policies, defined by different authorities, may lead to conflicts once enacted, since, e.g., different subjects may have defined different permissions on the same data set. This paper focuses on policy analysis and offers a formal support for coming up with a conflict-free set of data sharing policies. We illustrate the methodology on the example of an emergency management.

show abstract

“…For the current popular use of Role Based Access Control (RBAC) model [13] in assigning access level to users, we may consider that it is very much possible to extend the model so that it recognizes or supports privacy protection by evaluating the users' purposes, conditions and obligations when using a database. Most of the database organizations have integrated RBAC model into their database management systems, and the privacy-aware models framed by enhancing RBAC model can be usefully implemented into these systems [14].…”

Section: Fig 2 System Flow Diagram Of Role Based Access Control Modementioning

confidence: 99%

Design of Algorithm for Environment based Dynamic Access Control Model for Database Systems

Ahmad¹,

Ahmad²

2011

IJCA

View full text Add to dashboard Cite

With the fast growing nature of enterprise business especially with the emergence of information technology, we are moving towards the era where database systems have become mandatory for the organizations to implement. Because of this, it has become very important to specify such access control model for the database systems in organizations that must ensure the security of information but at the same time dynamic. Conventionally, access control models stress on pre-defined users for which access level is pre-determined by the database administrator. Considering the need of today's business, that has become borderless, and most of unknown users also attempt to access the information, we present a design algorithm for access control model that can handle for both existing and unknown users of the database. The algorithm deals with three major parts, Environment Check, Roles and Permissions Check and finally the increment and decrement of permissions dynamically.

show abstract

Privacy-aware role based access control

Cited by 137 publications

References 10 publications

Purpose Restrictions on Information Use

Purpose Restrictions on Information Use

A Formal Support for Collaborative Data Sharing

Design of Algorithm for Environment based Dynamic Access Control Model for Database Systems

Contact Info

Product

Resources

About