Enhancing privacy protection in distributed environments through identification and authentication-based secure data-level access control

Abstract

System-level access control methodologies depending on Perimeter Protection proofed their efficiency in the past, but the appearance of many new significant developments in digital communications highlighted the limitations of this approach. Increased concerns about the compatibility of system-level access control mechanism with new distributed and ubiquitous environments are turning aspirations towards de-perimeterisation protection and data level access control as solutions. This research does therefore try to make a contribution to privacy protection based on already advanced data-level access control work, such as the SPIDER project. The solution developed in this research suggests an X.509 certification extension to fit the data-level access control requirements, and proposes a new design for application structure in order to improve the identification and authentication-based secure data-level access control process. © 2013 Springer-Verlag.