• DocumentCode
    2011997
  • Title

    Dynamic Purpose-Based Access Control

  • Author

    Peng, Huanchun ; Gu, Jun ; Ye, Xiaojun

  • Author_Institution
    Sch. of Software, Tsinghua Univ., Beijing
  • fYear
    2008
  • fDate
    10-12 Dec. 2008
  • Firstpage
    695
  • Lastpage
    700
  • Abstract
    This article presents a new approach for privacy preserving access control based on RBAC. The separation of authorization of access purpose from access decision improves the flexibility of private data control. A key feature of this approach is dynamic. The access purpose is determined in a dynamic manner, based on subject attributes, context attributes and authorization policies. Intended purposes are dynamically associated with the requested data object during the access decision. Finally, we give the algorithm to achieve the compliance computation between the access purpose and intended purposes.
  • Keywords
    authorisation; data privacy; RBAC; access decision; authorization policies; context attributes; dynamic purpose-based access control; privacy preserving access control; private data control; subject attributes; Access control; Application software; Authorization; Data privacy; Database systems; Distributed processing; Engines; Guidelines; Information security; Protection;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Parallel and Distributed Processing with Applications, 2008. ISPA '08. International Symposium on
  • Conference_Location
    Sydney, NSW
  • Print_ISBN
    978-0-7695-3471-8
  • Type

    conf

  • DOI
    10.1109/ISPA.2008.80
  • Filename
    4725214
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=2011997