A role-involved purpose-based access control model

Kabir, Md Enamul and Wang, Hua and Bertino, Elisa (2012) A role-involved purpose-based access control model. Information Systems Frontiers, 14 (3). pp. 809-822. ISSN 1387-3326

Abstract

This paper presents a role-involved purpose-based access control (RPAC) model, where a conditional purpose is defined as the intention of data accesses or usages under certain conditions. RPAC allows users using some data for a certain purpose with Conditions (For instance, Tony agrees that his income information can be used for marketing purposes by removing his name). The structure of RPAC model is investigated after defining access purposes, intended purposes and conditional purposes. An algorithm is developed with role-based access control (RBAC) to achieve the compliance computation between access purposes (related to data access) and intended purposes (related to data objects). Access purpose authorization and authentication in the RPAC model are studied with the hierarchical purpose structure. According to the model, more information from data providers can be extracted while at the same time assuring privacy that maximizes the usability of consumers' data. It extends role-based access control models to a further coverage of privacy preservation in database management systems by adopting purposes and conditional intended purposes and to achieve a fine-grained access control. The work in this paper helps enterprises to circulate a clear privacy promise, and to collect and manage user preferences and consent.


Statistics for USQ ePrint 21018
Statistics for this ePrint Item
Item Type: Article (Commonwealth Reporting Category C)
Refereed: Yes
Item Status: Live Archive
Additional Information: © Springer Science+Business Media, LLC 2011. Published online 3 May 2011. Permanent restricted access to published version due to publisher copyright policy.
Depositing User: epEditor USQ
Faculty / Department / School: Historic - Faculty of Sciences - Department of Maths and Computing
Date Deposited: 01 Nov 2012 11:34
Last Modified: 14 Oct 2014 05:58
Uncontrolled Keywords: access control; conditional purpose; privacy
Fields of Research (FOR2008): 08 Information and Computing Sciences > 0806 Information Systems > 080603 Conceptual Modelling
08 Information and Computing Sciences > 0804 Data Format > 080402 Data Encryption
08 Information and Computing Sciences > 0803 Computer Software > 080303 Computer System Security
Socio-Economic Objective (SEO2008): E Expanding Knowledge > 97 Expanding Knowledge > 970108 Expanding Knowledge in the Information and Computing Sciences
Identification Number or DOI: doi: 10.1007/s10796-011-9305-1
URI: http://eprints.usq.edu.au/id/eprint/21018

Actions (login required)

View Item Archive Repository Staff Only