Kabir, Md Enamul and Wang, Hua and Bertino, Elisa (2010) A role-involved conditional purpose-based access control model. In: E-Government and E-Services Conference (EGES) at the 2010 IFIP World Computer Conference (WCC 2010), 20-23 Sep 2010, Brisbane, Australia.
Metadata
| HTML Citation | EndNote | Dublin Core | Reference Manager |
Full text available as:
![[img]](/style/images/fileicons/application_pdf.png)
| PDF (Accepted Version) - Requires a PDF viewer such as GSview, Xpdf or Adobe Acrobat Reader 149Kb |
Official URL: http://www.springerlink.com/content/n1700757261152ug/
Identification Number or DOI: doi: 10.1007/978-3-642-15346-4_13
Abstract
This paper presents a role-involved conditional purpose-based access control (RCPBAC) model, where a purpose is defined as the intension of data accesses or usages. RCPBAC allows users using some data for certain purpose with conditions. The structure of RCPBAC model is defined and investigated. An algorithm is developed to achieve the compliance computation between access purposes (related to data access) and intended purposes (related to data objects) and is illustrated with role-based access control (RBAC) to support RCPBAC. According to this model, more information from data providers can be extracted while at the same time assuring privacy that maximizes the usability of consumers’ data. It extends traditional access control models to a further coverage of privacy preserving in data mining environment as RBAC is one of the most popular approach towards access control to achieve database security and available in database management systems. The structure helps enterprises to circulate clear privacy promise, to collect and manage user preferences and consent.
| Item Type: | Conference or Workshop Item (Commonwealth Reporting Category E) (Paper) |
|---|---|
| Additional Information: | Accepted version deposited in accordance with the copyright policy of the publisher. |
| Uncontrolled Keywords: | access control; conditional purpose; privacy |
| Fields of Research (FOR2008): | 15 Commerce, Management, Tourism and Services > 1503 Business and Management > 150301 Business Information Management (incl. Records, Knowledge and Information Management, and Intelligence) 08 Information and Computing Sciences > 0806 Information Systems > 080604 Database Management 08 Information and Computing Sciences > 0803 Computer Software > 080303 Computer System Security |
| Subjects: | UNSPECIFIED |
| Socio-Economic Objective (SEO2008): | E Expanding Knowledge > 97 Expanding Knowledge > 970108 Expanding Knowledge in the Information and Computing Sciences |
| ID Code: | 18336 |
| Deposited By: | |
| Deposited On: | 06 Apr 2011 15:08 |
| Last Modified: | 22 Dec 2011 09:45 |
Archive Staff Only: edit this record