Enforcing purpose of use via workflows
Proceedings of the 8th ACM workshop on Privacy in the electronic society
A conditional purpose-based access control model with dynamic roles
Expert Systems with Applications: An International Journal
A role-involved purpose-based access control model
Information Systems Frontiers
Hi-index | 0.00 |
This article presents a new approach for privacy preserving access control based on RBAC. The separation of authorization of access purpose from access decision improves the flexibility of private data control. A key feature of this approach is dynamic. The access purpose is determined in a dynamic manner, based on subject attributes, context attributes and authorization policies. Intended purposes are dynamically associated with the requested data object during the access decision. Finally, we give the algorithm to achieve the compliance computation between the access purpose and intended purposes.