A privacy enhanced Role-based access control model for enterprises

Abstract

The Role-based access control (RBAC) is a super set of mandatory access control (MAC) and discretionary access control (DAC). Since MAC and DAC are useful in information flow control that protects privacy within an application, it is certainly that we can use RBAC for privacy concerns. The key benefits of the fundamental RBAC are simplified systems administration and enhanced systems security and integrity. However, it does not consider privacy protection and support controlling method invocation through argument sensitivity. In this paper, a privacy-enhanced role-based access control (PERBAC) model is proposed. Privacy related components, such as purpose, purpose hierarchy, are added to the new model. Also, an information flow analysis technique and a privacy checking algorithm are introduced to support controlling method invocation through argument sensitivity. © Springer-Verlag Berlin Heidelberg 2005.