Abstract
In this article, we introduce a comprehensive framework supporting a privacy-aware access control mechanism, that is, a mechanism tailored to enforce access control to data containing personally identifiable information and, as such, privacy sensitive. The key component of the framework is a family of models (P-RBAC) that extend the well-known RBAC model in order to provide full support for expressing highly complex privacy-related policies, taking into account features like purposes and obligations. We formally define the notion of privacy-aware permissions and the notion of conflicting permission assignments in P-RBAC, together with efficient conflict-checking algorithms. The framework also includes a flexible authoring tool, based on the use of the SPARCLE system, supporting the high-level specification of P-RBAC permissions. SPARCLE supports the use of natural language for authoring policies and is able to automatically generate P-RBAC permissions from these natural language specifications. In the article, we also report performance evaluation results and contrast our approach with other relevant access control and privacy policy frameworks such as P3P, EPAL, and XACML.
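As an added illustration of the notions the abstract introduces (not the paper's own definitions, algorithms or code), the following Python sketch models a privacy-aware permission with purpose, condition and obligation components, an access decision under a stated purpose, and a simplified conflict check between two permissions assigned to the same role. The purpose tree, the attribute names and the contradictory-obligation pair are assumed sample values, and the conflict rule is a simplification chosen for the example.

```python
from dataclasses import dataclass
from typing import Dict, FrozenSet, Tuple

# Assumed sample purpose tree: a child purpose specialises its parent.
PURPOSE_PARENT = {"marketing": "business", "billing": "business", "business": None}

def purpose_covers(granted: str, requested: str) -> bool:
    """True if the requested purpose is the granted one or one of its descendants."""
    p = requested
    while p is not None:
        if p == granted:
            return True
        p = PURPOSE_PARENT.get(p)
    return False

@dataclass(frozen=True)
class Permission:
    """Privacy-aware permission: action on data, for a purpose, under a condition
    (conjunction of attribute == value tests), with accompanying obligations."""
    action: str
    data: str
    purpose: str
    condition: Tuple[Tuple[str, str], ...]
    obligations: FrozenSet[str]

def condition_holds(cond, ctx: Dict[str, str]) -> bool:
    return all(ctx.get(attr) == val for attr, val in cond)

def conditions_jointly_satisfiable(c1, c2) -> bool:
    """Two equality conjunctions clash only if they pin one attribute to two values."""
    pinned: Dict[str, str] = {}
    return all(pinned.setdefault(attr, val) == val for attr, val in c1 + c2)

# Assumed sample pair of obligations that cannot both be fulfilled.
CONTRADICTORY = [("notify_owner", "do_not_notify_owner")]

def conflicting(p1: Permission, p2: Permission) -> bool:
    """Simplified conflict rule (an assumption, not the paper's definition): same action and
    data, overlapping purposes, jointly satisfiable conditions, contradictory obligations."""
    if ((p1.action, p1.data) != (p2.action, p2.data)
            or not (purpose_covers(p1.purpose, p2.purpose) or purpose_covers(p2.purpose, p1.purpose))
            or not conditions_jointly_satisfiable(p1.condition, p2.condition)):
        return False
    return any((a in p1.obligations and b in p2.obligations) or
               (b in p1.obligations and a in p2.obligations) for a, b in CONTRADICTORY)

def permitted(role_perms, action: str, data: str, purpose: str, ctx: Dict[str, str]) -> bool:
    """Access decision for a request issued under a stated purpose in context ctx."""
    return any(p.action == action and p.data == data and purpose_covers(p.purpose, purpose)
               and condition_holds(p.condition, ctx) for p in role_perms)
```

A request is granted only when some permission of the role matches the action and data, its purpose covers the request's purpose, and its condition holds in the request context; the conflict check flags permission pairs that can apply to the same access yet demand obligations that cannot both be met.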
Index Terms
Privacy-aware role-based access control