A conditional purpose-based access control model with dynamic roles

Kabir, Md Enamul and Wang, Hua and Bertino, Elisa (2011) A conditional purpose-based access control model with dynamic roles. Expert Systems with Applications, 38 (3). pp. 1482-1489. ISSN 0957-4174

Abstract

This paper presents a model for privacy preserving access control which is based on variety of purposes. Conditional purpose is applied along with allowed purpose and prohibited purpose in the model. It allows users using some data for certain purpose with conditions. The structure of conditional purpose-based access control model is defined and investigated through dynamic roles. Access purpose is verified in a dynamic behavior, based on subject attributes, context attributes and authorization policies. Intended purposes are dynamically associated with the requested data object during the access decision. An algorithm is developed to achieve the compliance computation between access purposes and intended purposes and is illustrated with Role-based access control (RBAC) in a dynamic manner to support conditional purpose-based access control. According to this model, more information from data providers can be extracted while at the same time assuring privacy that maximizes the usability of consumers’ data. It extends traditional access control models to a further coverage of privacy preserving in data mining atmosphere. The structure helps enterprises to circulate clear privacy promise, to collect and manage user preferences and consent.


Statistics for USQ ePrint 18229
Statistics for this ePrint Item
Item Type: Article (Commonwealth Reporting Category C)
Refereed: Yes
Item Status: Live Archive
Additional Information: Permanent restricted access to published version due to publisher copyright policy.
Depositing User: Mr Md Enamul Kabir
Faculty / Department / School: Historic - Faculty of Sciences - Department of Maths and Computing
Date Deposited: 19 Jul 2011 02:08
Last Modified: 03 Jul 2013 00:27
Uncontrolled Keywords: access control; purpose; data privacy
Fields of Research (FOR2008): 08 Information and Computing Sciences > 0806 Information Systems > 080604 Database Management
08 Information and Computing Sciences > 0803 Computer Software > 080303 Computer System Security
08 Information and Computing Sciences > 0806 Information Systems > 080608 Information Systems Development Methodologies
Socio-Economic Objective (SEO2008): E Expanding Knowledge > 97 Expanding Knowledge > 970108 Expanding Knowledge in the Information and Computing Sciences
Identification Number or DOI: doi: 10.1016/j.eswa.2010.07.057
URI: http://eprints.usq.edu.au/id/eprint/18229

Actions (login required)

View Item Archive Repository Staff Only