Filters








1,154,525 Hits in 7.0 sec

A Role-Involved Conditional Purpose-Based Access Control Model [chapter]

Md. Enamul Kabir, Hua Wang, Elisa Bertino
2010 IFIP Advances in Information and Communication Technology  
This paper presents a role-involved conditional purpose-based access control (RCPBAC) model, where a purpose is defined as the intension of data accesses or usages.  ...  An algorithm is developed to achieve the compliance computation between access purposes (related to data access) and intended purposes (related to data objects) and is illustrated with role-based access  ...  Such an extension of CPBAC with roles which we refer to role-involved conditional purpose-based access control (RCPBAC) model is presented in this paper.  ... 
doi:10.1007/978-3-642-15346-4_13 fatcat:qje7a7rghnfpbmzitkc7xz66sm

A Conditional Role-Involved Purpose-Based Access Control Model

Md. Enamul Kabir, Hua Wang, Elisa Bertino
2011 Journal of Organizational Computing and Electronic Commerce  
This paper presents a role-involved conditional purpose-based access control (RCPBAC) model, where a purpose is defined as the intension of data accesses or usages.  ...  An algorithm is developed to achieve the compliance computation between access purposes (related to data access) and intended purposes (related to data objects) and is illustrated with role-based access  ...  Such an extension of CPBAC with roles which we refer to role-involved conditional purpose-based access control (RCPBAC) model is presented in this paper.  ... 
doi:10.1080/10919392.2011.541007 fatcat:5chcmra6fnbvzlezsovplnr7fu

Purpose-based Versus Flow-Based Access Control for Privacy

K.
2012 Journal of Computer Science  
Specifically, the notion of handling purpose plays an important role in current access control mechanisms that allow only actions corresponding to intended purposes.  ...  Conclusion: The resultant flow-based access map demonstrates a viable description method that can be adopted for controlling access to PII.  ...  To emphasize the context of access control, Fig. 6 shows a conceptualization of a basic access control mechanism. The purpose-based access control mechanism replaces roles with purposes.  ... 
doi:10.3844/jcssp.2012.564.572 fatcat:nv6s55oiqbhebicilwownvg3za

A Knowledge-Constrained Access Control Model for Protecting Patient Privacy in Hospital Information Systems

Runtong Zhang, Donghua Chen, Xiaopu Shang, Xiaomin Zhu, Kecheng Liu
2018 IEEE journal of biomedical and health informatics  
To reduce unnecessary access of patient information by hospital staff, this paper proposes a Knowledge-Constrained Role-Based Access Control (KC-RBAC) model in which a variety of medical domain knowledge  ...  Based on the proposed Purpose Tree and knowledge-involved algorithms, the model can dynamically define the boundary of access to the patient information according to the context, which helps protect patient  ...  Control (KC-RBAC) model, based on the Role-Based Access Control (RBAC) model.  ... 
doi:10.1109/jbhi.2017.2696573 pmid:28436908 fatcat:m6lbco3ebvhiho4pmjt34nkxfy

Dynamic Collaborations for Information Sharing within and across Virtual Teams

Ahmad Kamran Malik, Schahram Dustdar
2011 2011 Frontiers of Information Technology  
We present a Dynamic Sharing and Privacy-aware Role-Based Access Control (DySP-RBAC) model that extends the RBAC model for enhanced sharing and privacy of information among collaborating users within and  ...  We extend the widely used Role-Based Access Control (RBAC) model with team and task entities in addition to sharing and privacy data elements.  ...  We propose a Dynamic Sharing and Privacy-aware Role-Based Access Control (DySP-RBAC) model which is based on the Role-Based Access Control (RBAC) model [2] .  ... 
doi:10.1109/fit.2011.45 dblp:conf/fit/MalikD11 fatcat:mt7w3u4oobblbfc4isu6gjei2i

Building access control policy model for privacy preserving and testing policy conflicting problems

Hua Wang, Lili Sun, Elisa Bertino
2014 Journal of computer and system sciences (Print)  
The key component is purpose involved access control models for expressing highly complex privacy-related policies with various features.  ...  This paper proposes a purpose-based access control model in distributed computing environment for privacy preserving policies and mechanisms, and describes algorithms for policy conflicting problems.  ...  The research for purpose involved access control policies is still in its infancy and much further work remains to be done. There could exist redundant access policies in PAC.  ... 
doi:10.1016/j.jcss.2014.04.017 fatcat:do4iu7gz3vesnk4yn5uuorss6i

A framework for privacy aware data management in relational databases

Pietro Colombo, Elena Ferrari
2014 International Journal of Information Privacy Security and Integrity  
MAPaS supports the specification of purpose and role-based access control policies that regulate the access to data based on purpose compliance, role and purpose-based authorisations.  ...  This paper is about MAPaS -modelling and analysis of privacy-aware systems -framework, which targets the development of privacy aware SQL queries operating on a given database.  ...  Additionally, in our approach the analysis is anticipated in the early phases of the development. and MAPaS analysis is based on a purpose and role-based access control model. for an access purpose. 3  ... 
doi:10.1504/ijipsi.2014.062886 fatcat:rzcmt5out5fh7jx2oyihvpcqyq

A Comparison of Collaborative Access Control Models

Ahmad Kamran, Abdul Mateen, Muhammad Anwar, Basit Raza, Malik Ahsan, Wajeeha Naeem, Yousra Asim, Majid Iqbal
2017 International Journal of Advanced Computer Science and Applications  
In this paper, four Role-Based Access Control (RBAC) based collaborative models are selected for analysis and comparison.  ...  The standard RBAC model, Team-based Access Control (TMAC) model, Privacy-aware Role-Based Access Control (P-RBAC) model and Dynamic Sharing and Privacy-aware RBAC (DySP-RBAC) model are used for experiments  ...  The Role-based Access Control (RBAC) model is an approach to control the access of authorized users whenever roles and privileges are involved in a scenario.  ... 
doi:10.14569/ijacsa.2017.080340 fatcat:zdxyvg3ymndsxlpejdvrdevvti

A Pursuit of Sustainable Privacy Protection in Big Data Environment by an Optimized Clustered-Purpose Based Algorithm

Norjihan Binti Abdul Ghani, Muneer Ahmad, Zahra Mahmoud, Raja Majid Mehmood
2020 Intelligent Automation and Soft Computing  
We are proposing a new clustered-purpose based access control for users' sustainable data privacy protection in a big data environment.  ...  The clustered-purpose based access control significantly contributes to handling the personal data for stated, unambiguous, and genuine purposes.  ...  Attribute level access control aligned with the purpose-based privacy policy [25] Proposes a model that considers the attribute-level access control and ensures the purpose-based access to sensitive  ... 
doi:10.32604/iasc.2020.011731 fatcat:hhkvmgaxljhxjklsjuqmgka3ca

Purpose-Based Access Control Policies and Conflicting Analysis [chapter]

Hua Wang, Lili Sun, Vijay Varadharajan
2010 IFIP Advances in Information and Communication Technology  
This paper proposes a purpose-based framework for supporting privacy preserving access control policies and mechanisms.  ...  The key component of the framework is purpose involved access control models (PAC) that provide full support for expressing highly complex privacy-related policies, taking into account features like purposes  ...  The work in this paper has extended previous work significantly in several aspects, for example, purpose involved access control, access control policies and generating a new access policy without conflicts  ... 
doi:10.1007/978-3-642-15257-3_20 fatcat:2w5dxcxaq5hvhd7fd6ax3eimem

Purpose Based Access Control for Privacy Protection in E-Healthcare Services

Lili Sun, Hua Wang, Jeffrey Soar, Chunming Rong
2012 Journal of Software  
The design of proper models for authorization and access control for e-Health system services is necessary in a large health service.  ...  Usage control enables finer-grained control over usage of digital objects than that of traditional access control policies and models.  ...  He has participated in research projects on mobile electronic system, Web service, and role-based access control for Electronic service system, and has already published over 100 research papers.  ... 
doi:10.4304/jsw.7.11.2443-2449 fatcat:5yhw5lc5afcqtkhwsvws6ohhtq

A Purpose Based Usage Access Control Model

Lili Sun, Hua Wang
2010 Zenodo  
In this paper, we present a comprehensive approach for usage access control based on the notion purpose.  ...  In our model, purpose information associated with a given data element specifies the intended use of the subjects and objects in the usage access control model.  ...  In order to protect data privacy, the notion of purpose plays a major role in access control models and an appropriate metadata model was developed to support such privacy based access control models  ... 
doi:10.5281/zenodo.1061184 fatcat:om4qtsb7xnglxptp2kj577o73y

A Context-Aware Access Control Framework for Software Services [chapter]

A. S. M. Kayes, Jun Han, Alan Colman
2014 Lecture Notes in Computer Science  
Towards this goal, we propose a new semantic policy framework that extends the basic role-based access control (RBAC) approach with both dynamic associations of user-role and role-service capabilities.  ...  For this purpose, we can propose a situation model in modelling the purposeoriented situations.  ...  Based on the formalization of the traditional Role-Based Access Control (RBAC) model [12] , we present a formal definition of the CAAC model. Resources are the objects protected by access control.  ... 
doi:10.1007/978-3-319-06859-6_53 fatcat:cioacjd27jfedjkcfdl3xgtl6u

Enhanced sharing and privacy in distributed information sharing environments

Ahmad Kamran Malik, Schahram Dustdar
2011 2011 7th International Conference on Information Assurance and Security (IAS)  
We extend the Role-Based Access Control (RBAC) model to incorporate sharing and privacy related requirements and present a Dynamic Sharing and Privacy-aware Role-Based Access Control (DySP-RBAC) model.  ...  It is a family of models including core, hierarchical, and constrained RBAC models.  ...  The DySP-RBAC model is an active access control model which is based on collaborative relationships and context of all involved entities in the system.  ... 
doi:10.1109/isias.2011.6122834 dblp:conf/IEEEias/MalikD11 fatcat:fdtcf3k6fzc7ndarmwwzjsw5da

Automatic Obligation Generation and Monitor System for Privacy Policy to DBMS

Mary TreesaThomas, Kanagaraj R., Lakshmi Vidyadharan
2015 International Journal of Computer Applications  
The main objective this project is to enable a monitor for implementing privacy policies which specifies obligations. Based on the obligations monitor can control the SQL code execution.  ...  Privacy policies in the database management system can control collection, access and disclosure of data. Policies are used to specify obligation.  ...  Ni.Q, Bertino, and Lobo,(2008)"An Obligation Model Bridging Access Control Policies and Privacy Policies" This paper presents a novel obligation model for the Core Privacy-aware Role Based Access Control  ... 
doi:10.5120/20003-1934 fatcat:wx6f76cv3ve6vlam4rkplyhc24
« Previous Showing results 1 — 15 out of 1,154,525 results