Conditional Privacy-Aware Role Based Access Control

Get BibTex-formatted data

Author

Elisa Bertino, Qun Ni, Dan Lin, Jorge Lobo

Entry type

book

Abstract

Privacy is considered critical for all organizations needing to manage individual related information. As such, there is an increasing need for access control models which can adequately support the specification and enforcement of privacy policies. In this paper, we propose a model, referred to as Conditional Privacy-aware Role Based Access Control (P-RBAC), which supports expressive condition languages and flexible relations among permission assignments for more complex privacy policies. Efficient algorithms for detecting conflicts, redundancies, and indeterminism for a set of permission assignments are presented. In the paper we also extend Conditional P-RBAC to Universal P-RBAC by taking into account hierarchical relations among roles, data and purposes. In comparison with other approaches, such as P3P, EPAL, and XACML, our work has achieved both expressiveness and efficiency.

Date

2007

URL

http://www.springerlink.com/content/e776338565xru542/

Booktitle

computer Security - ESORICS 2007

Key alpha

Bertino

Pages

72-89

Publisher

Springer Berlin / Heidelberg

Series

Lecture Notes in Computer Science

Affiliation

Purdue University

Publication Date

2007-00-00

Copyright

2007

Isbn

978-3-540-74834-2

BibTex-formatted data

To refer to this entry, you may select and copy the text below and paste it into your BibTex document. Note that the text may not contain all macros that BibTex supports.

@Book{ Bertino,
	title = "Conditional Privacy-Aware Role Based Access Control",
	author = "Elisa Bertino, Qun Ni, Dan Lin, Jorge Lobo",
	year = "2007",
	booktitle = "computer Security - ESORICS 2007",
	pages = "72-89",
	publisher = "Springer Berlin / Heidelberg",
	series = "Lecture Notes in Computer Science",
	abstract = "Privacy is considered critical for all organizations needing to manage individual related information. As such, there is an increasing need for access control models which can adequately support the specification and enforcement of privacy policies. In this paper, we propose a model, referred to as Conditional Privacy-aware Role Based Access Control (P-RBAC), which supports expressive condition languages and flexible relations among permission assignments for more complex privacy policies. Efficient algorithms for detecting conflicts, redundancies, and indeterminism for a set of permission assignments are presented. In the paper we also extend Conditional P-RBAC to Universal P-RBAC by taking into account hierarchical relations among roles, data and purposes. In comparison with other approaches, such as P3P, EPAL, and XACML, our work has achieved both expressiveness and efficiency.",
	affiliation = "Purdue University",
	copyright = "2007",
	isbn = "978-3-540-74834-2",
	url = "http://www.springerlink.com/content/e776338565xru542/",
}