Abstract
Current proposals for access control languages cannot specify the policies required by
specific application scenarios (e.g. a database system that must enforce privacy regulations),
may also contain design flaws, and are mutually incompatible. In this dissertation, we extend
RBAC with new components to meet the requirements of privacy-aware access control,
which is needed to enforce privacy laws and regulations in organizational computing
environments.
We propose an access control language for provenance access control, which requires
aggregating access decisions from different sources and controlling access to different
sections of provenance information.
We investigate various problems in risk-based access control. Risk-based access
control is particularly useful for making access decisions in an emergency. Subjects
without sufficient privilege in an emergency have to be given authorization to access
sensitive information in different ways, based on their risk estimations.
We also identify design flaws in representative proposals, e.g. XACML, and
present corresponding solutions.
We finally propose an extensible functional access control language that combines
the benefits of XACML and RBAC without their drawbacks. The language is
attribute-based and context-centric and supports sophisticated error handling and
flexible decision aggregation methods. We also show that the language is able to meet
the requirements of all specific application domains discussed in this dissertation.
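The decision aggregation and error handling the abstract refers to can be illustrated with XACML's four-valued decisions. The following is an added example, not code from the dissertation: a small Python model that evaluates several policy sources over a provenance-access request and combines their results under simplified deny-overrides and permit-overrides rules, propagating Indeterminate (an evaluation error such as a missing attribute) instead of silently treating it as NotApplicable. The two policy sources, the request attributes and their names are constructed for illustration.

```python
from enum import Enum
from typing import Iterable

class Decision(Enum):
    PERMIT = "Permit"
    DENY = "Deny"
    NOT_APPLICABLE = "NotApplicable"
    INDETERMINATE = "Indeterminate"   # evaluation error (e.g. a missing attribute)

def deny_overrides(decisions: Iterable[Decision]) -> Decision:
    """Simplified XACML deny-overrides: Deny > Indeterminate > Permit > NotApplicable."""
    ds = set(decisions)
    for d in (Decision.DENY, Decision.INDETERMINATE, Decision.PERMIT):
        if d in ds:
            return d
    return Decision.NOT_APPLICABLE

def permit_overrides(decisions: Iterable[Decision]) -> Decision:
    """Simplified XACML permit-overrides: Permit > Indeterminate > Deny > NotApplicable."""
    ds = set(decisions)
    for d in (Decision.PERMIT, Decision.INDETERMINATE, Decision.DENY):
        if d in ds:
            return d
    return Decision.NOT_APPLICABLE

def aggregate(request: dict, sources: dict, combine) -> Decision:
    """Evaluate every policy source, then combine; a missing attribute is reported as
    Indeterminate instead of being confused with 'no policy applied' (NotApplicable)."""
    results = []
    for policy in sources.values():
        try:
            results.append(policy(request))
        except KeyError:
            results.append(Decision.INDETERMINATE)
    return combine(results)

# Constructed policy sources for a provenance record (hypothetical, for illustration).
def owner_policy(req: dict) -> Decision:
    # The record owner may read the "who" (agent) section of its provenance.
    if req["section"] == "who" and req["subject"] == req["owner"]:
        return Decision.PERMIT
    return Decision.NOT_APPLICABLE

def purpose_policy(req: dict) -> Decision:
    # Privacy rule: access for a purpose the data subject did not consent to is denied.
    if req["purpose"] not in req["consented_purposes"]:
        return Decision.DENY
    return Decision.NOT_APPLICABLE

SOURCES = {"owner": owner_policy, "purpose": purpose_policy}
```

The same request can be permitted or denied depending only on the combining rule chosen, which is why the aggregation method has to be part of the policy language rather than an implementation detail.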