A purpose-based privacy-aware system using privacy data graph

Authors:
Yuan Tian;Biao Song;Eui-Nam Huh
Affiliations:
KyungHee University, Seocheon-dong, Giheun-gu, Yongin-si, Gyeonggi-do, Republic of Korea;KyungHee University, Seocheon-dong, Giheun-gu, Yongin-si, Gyeonggi-do, Republic of Korea;KyungHee University, Seocheon-dong, Giheun-gu, Yongin-si, Gyeonggi-do, Republic of Korea
Venue:
Proceedings of the 7th International Conference on Advances in Mobile Computing and Multimedia
Year:
2009

Citing 13
Cited 0

Role-Based Access Control Models

Computer
Proposed NIST standard for role-based access control

ACM Transactions on Information and System Security (TISSEC)
k-anonymity: a model for protecting privacy

International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems
An XPath-based preference language for P3P

WWW '03 Proceedings of the 12th international conference on World Wide Web
Purpose based access control of complex data for privacy protection

Proceedings of the tenth ACM symposium on Access control models and technologies
A formal semantics for P3P

SWS '04 Proceedings of the 2004 workshop on Secure web service
Hippocratic databases

VLDB '02 Proceedings of the 28th international conference on Very Large Data Bases
A middleware architecture for privacy protection

Computer Networks: The International Journal of Computer and Telecommunications Networking
Purpose based access control for privacy protection in relational database systems

The VLDB Journal — The International Journal on Very Large Data Bases
P3P: Making Privacy Policies More Useful

IEEE Security and Privacy
Towards the development of privacy-aware systems

Information and Software Technology
Privacy-Preserving database systems

Foundations of Security Analysis and Design III
On obligations

ESORICS'05 Proceedings of the 10th European conference on Research in Computer Security

Quantified Score

Hi-index	0.00

Visualization

Abstract

Privacy issue is receiving a great deal of attention since the need of privacy is increasing and new threats are emerging. The growing concern of users for their personal information has made it critical to implant effective technologies for privacy and data management. A common way for privacy preservation is restricting access to data like the classic Role-based Access Control (RBAC) Model. But the RBAC is limited as it does not provide users enough flexibilities and functionalities. In order to minimize the disclosure of data and support higher flexibilities for users to manage their privacy information, this paper provides a privacy data graph based on the traditional RBAC model to illustrate the linkage between data elements. Moreover, the notion of purpose is added to specify the intended usage of data and allow users to set personal privacy preferences through purpose. A case study in the healthcare domain is provided. As our model is generic, it can be also adapted to other fields. A detailed view of our proposed privacy system with experimental result is provided.