Kabir, Md Enamul and Wang, Hua and Bertino, Elisa (2012) A role-involved purpose-based access control model. Information Systems Frontiers, 14 (3). pp. 809-822. ISSN 1387-3326
|HTML Citation||EndNote||Dublin Core||Reference Manager|
Full text not available from this archive.
Identification Number or DOI: doi: 10.1007/s10796-011-9305-1
This paper presents a role-involved purpose-based access control (RPAC) model, where a conditional purpose is defined as the intention of data accesses or usages under certain conditions. RPAC allows users using some data for a certain purpose with Conditions (For instance, Tony agrees that his income information can be used for marketing purposes by removing his name). The structure of RPAC model is investigated after defining access purposes, intended purposes and conditional purposes. An algorithm is developed with role-based access control (RBAC) to achieve the compliance computation between access purposes (related to data access) and intended purposes (related to data objects). Access purpose authorization and authentication in the RPAC model are studied with the hierarchical purpose structure. According to the model, more information from data providers can be extracted while at the same time assuring privacy that maximizes the usability of consumers' data. It extends role-based access control models to a further coverage of privacy preservation in database management systems by adopting purposes and conditional intended purposes and to achieve a fine-grained access control. The work in this paper helps enterprises to circulate a clear privacy promise, and to collect and manage user preferences and consent.
|Item Type:||Article (Commonwealth Reporting Category C)|
|Additional Information:||Published online 3 May 2011. Permanent restricted access to published version due to publisher copyright policy.|
|Uncontrolled Keywords:||access control; conditional purpose; privacy|
|Fields of Research (FOR2008):||08 Information and Computing Sciences > 0806 Information Systems > 080603 Conceptual Modelling|
08 Information and Computing Sciences > 0804 Data Format > 080402 Data Encryption
08 Information and Computing Sciences > 0803 Computer Software > 080303 Computer System Security
|Socio-Economic Objective (SEO2008):||E Expanding Knowledge > 97 Expanding Knowledge > 970108 Expanding Knowledge in the Information and Computing Sciences|
|Deposited On:||01 Nov 2012 21:34|
|Last Modified:||27 Nov 2012 11:49|
Archive Staff Only: edit this record