Li, Min and Wang, Hua and Plank, Ashley (2009) Privacy-aware access control with generalization boundaries. In: 32nd Australasian Computer Science Conference (ACSC 2009), 19-23 Jan 2009, Wellington, New Zealand.
Text (Published Version )
Privacy is today an important concern for both data
providers and data users. Data generalization can provide signicant protection of an individual's privacy, which means the data value can be replaced by a less specic but semantically consistent value and the personal information can be collected in a generalized form. However, over-generalized data may render data of little value. A key question is whether or not a certain generalization strategy provides a sufficient level of privacy and usability?
In this paper, we introduce a new approach, called
privacy-aware generalization boundaries, which can
satisfy the requirements of both data providers and
data users. We propose a privacy-aware access control model related to a retention period. Formal definitions of authorization actions and rules are presented. Further, we discuss how to manage a valid access process and analysis the access control policy. Finally, we extend our model to support highly complex privacy-related policies by taking into account features of obligations and conditions.
Statistics for this ePrint Item
|Item Type:||Conference or Workshop Item (Commonwealth Reporting Category E) (Paper)|
|Item Status:||Live Archive|
|Additional Information:||Deposited in accordance with the copyright policy of the publisher. Copyright c 2009, Australian Computer Society, Inc. This paper appeared at the Thirty-Second Australasian Computer Science Conference (ACSC2009), Wellington, New Zealand. Conferences in Research and Practice in Information Technology (CRPIT), Vol. 91, Bernard Mans, Ed. Reproduction for academic, not-for profit purposes permitted provided this text is included.|
|Depositing User:||Ms Min Li|
|Faculty / Department / School:||Historic - Faculty of Sciences - Department of Maths and Computing|
|Date Deposited:||01 Jul 2010 03:18|
|Last Modified:||29 Jul 2013 06:25|
|Uncontrolled Keywords:||privacy; access control; generalization|
|Fields of Research :||08 Information and Computing Sciences > 0806 Information Systems > 080604 Database Management
08 Information and Computing Sciences > 0803 Computer Software > 080303 Computer System Security
08 Information and Computing Sciences > 0806 Information Systems > 080609 Information Systems Management
|Socio-Economic Objective:||E Expanding Knowledge > 97 Expanding Knowledge > 970108 Expanding Knowledge in the Information and Computing Sciences|
Actions (login required)
|Archive Repository Staff Only|