Abstract
Privacy is considered critical for all organizations needing to manage individual related information. As such, there is an increasing need for access control models which can adequately support the specification and enforcement of privacy policies. In this paper, we propose a model, referred to as Conditional Privacy-aware Role Based Access Control (P-RBAC), which supports expressive condition languages and flexible relations among permission assignments for more complex privacy policies. Efficient algorithms for detecting conflicts, redundancies, and indeterminism for a set of permission assignments are presented. In the paper we also extend Conditional P-RBAC to Universal P-RBAC by taking into account hierarchical relations among roles, data and purposes. In comparison with other approaches, such as P3P, EPAL, and XACML, our work has achieved both expressiveness and efficiency. © Springer-Verlag Berlin Heidelberg 2007.
Cite
CITATION STYLE
Ni, Q., Lin, D., Bertino, E., & Lobo, J. (2007). Conditional privacy-aware role based access control. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 4734 LNCS, pp. 72–89). Springer Verlag. https://doi.org/10.1007/978-3-540-74835-9_6
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
