Purpose based access control of complex data for privacy protection

Ji-Won Byun, Elisa Bertino, Ninghui Li
2005 Proceedings of the tenth ACM symposium on Access control models and technologies - SACMAT '05  
As privacy becomes a major concern for both consumers and enterprises, many research efforts have been devoted to the development of privacy protecting technology. We recently proposed a privacy preserving access control model for relational databases, where purpose information associated with a given data element specifies the intended use of the data element. In this paper, we extend our previous work to handle other advanced data management systems, such as the ones based on XML and the ones
more » ... based on the object-relational data model. Another contribution of our paper is that we address the problem of how to determine the purpose for which certain data are accessed by a given user. Our proposed solution relies on the well-known RBAC model as well as the notion of conditional role which is based on the notions of role attribute and system attribute.
doi:10.1145/1063979.1063998 dblp:conf/sacmat/ByunBL05 fatcat:obqqz5woovc4xkgnzho2aybtzm