Search USQ ePrints archive

A conditional role-involved purpose-based access control model

Kabir, Md Enamul ORCID: https://orcid.org/0000-0002-6157-2753 and Wang, Hua and Bertino, Elisa (2011) A conditional role-involved purpose-based access control model. Journal of Organizational Computing and Electronic Commerce, 21 (1). pp. 71-91. ISSN 1091-9392

Official URL: http://dx.doi.org/10.1080/10919392.2011.541007

Abstract

This paper presents a role-involved conditional purpose-based access control (RCPBAC) model, where a purpose is defined as the intension of data accesses or usages. RCPBAC allows users using some data for certain purpose with conditions. The structure of RCPBAC model is defined and investigated. An algorithm is developed to achieve the compliance computation between access purposes (related to data access) and intended purposes (related to data objects) and is illustrated with role-based access control (RBAC) to support RCPBAC. According to this model, more information from data providers can be extracted while at the same time assuring privacy that maximizes the usability of consumers' data. It extends traditional access control models to a further coverage of privacy preserving in data mining environment as RBAC is one of the most popular approach towards access control to achieve database security and available in database management systems. The
structure helps enterprises to circulate clear privacy promise, to collect and manage user preferences and consent.

Statistics for this ePrint Item

Item Type:	Article (Commonwealth Reporting Category C)
Refereed:	Yes
Item Status:	Live Archive
Additional Information:	© 2011 Taylor & Francis Group, LLC. Permanent restricted access to published version due to publisher copyright policy.
Faculty/School / Institute/Centre:	Historic - Faculty of Sciences - Department of Maths and Computing (Up to 30 Jun 2013)
Faculty/School / Institute/Centre:	Historic - Faculty of Sciences - Department of Maths and Computing (Up to 30 Jun 2013)
Date Deposited:	06 Apr 2011 05:08
Last Modified:	13 Jun 2016 05:48
Uncontrolled Keywords:	access control; conditional purpose; privacy
Fields of Research (2008):	15 Commerce, Management, Tourism and Services > 1503 Business and Management > 150301 Business Information Management (incl. Records, Knowledge and Information Management, and Intelligence) 08 Information and Computing Sciences > 0806 Information Systems > 080604 Database Management 08 Information and Computing Sciences > 0803 Computer Software > 080303 Computer System Security
Fields of Research (2020):	35 COMMERCE, MANAGEMENT, TOURISM AND SERVICES > 3503 Business systems in context > 350302 Business information management (incl. records, knowledge and intelligence) 46 INFORMATION AND COMPUTING SCIENCES > 4605 Data management and data science > 460599 Data management and data science not elsewhere classified 46 INFORMATION AND COMPUTING SCIENCES > 4604 Cybersecurity and privacy > 460499 Cybersecurity and privacy not elsewhere classified
Socio-Economic Objectives (2008):	E Expanding Knowledge > 97 Expanding Knowledge > 970108 Expanding Knowledge in the Information and Computing Sciences
Identification Number or DOI:	https://doi.org/10.1080/10919392.2011.541007
URI:	http://eprints.usq.edu.au/id/eprint/18336

Actions (login required)

Archive Repository Staff Only