Privacy Access Control Model with Location Constraints for XML Services

Author

Zheng, Yi ; Chen, Yongming ; Hung, Patrick C K

Author_Institution

Tech. Univ. of Munich, Munich

fYear

2007

fDate

17-20 April 2007

Firstpage

371

Lastpage

378

Abstract

Information privacy is usually concerned with the confidentiality of personal identifiable information (PII), such as electronic medical records. Nowadays XML services are used to support different applications which may contain of PII, such as healthcare applications. Thus, the information access control mechanism for XML services must be embedded with privacy-enhancing technologies. Role-based access control (RBAC) model has been widely investigated and applied into various applications for a period of time. This paper focuses on research issues of location constraints in privacy access control. This paper presents an extended framework of RBAC with privacy-based extensions with location constraints to tackle such a need. This paper also investigates XML technologies, such as extensible access control markup language (XACML) and WS-policy constraints for implementing the proposed model.

Keywords

XML; security of data; WS-policy constraints; XML services; electronic medical records; extensible access control markup language; healthcare applications; information privacy; location constraints; personal identifiable information; privacy access control model; privacy-enhancing technologies; role-based access control; Access control; Application software; Biomedical imaging; Computer science; Data privacy; Electronic mail; Medical services; Permission; Web services; XML;

fLanguage

English

Publisher

ieee

Conference_Titel

Data Engineering Workshop, 2007 IEEE 23rd International Conference on

Conference_Location

Istanbul

Print_ISBN

978-1-4244-0832-0

Electronic_ISBN

978-1-4244-0832-0

Type

conf

DOI

10.1109/ICDEW.2007.4401018

Filename

4401018