Role-Based Access Control Models
Computer
The ARBAC97 model for role-based administration of roles: preliminary description and outline
RBAC '97 Proceedings of the second ACM workshop on Role-based access control
Information flow inference for free
ICFP '00 Proceedings of the fifth ACM SIGPLAN international conference on Functional programming
Certification of programs for secure information flow
Communications of the ACM
A lattice model of secure information flow
Communications of the ACM
Information Flow Control in Object-Oriented Systems
IEEE Transactions on Knowledge and Data Engineering
A Privacy Policy Model for Enterprises
CSFW '02 Proceedings of the 15th IEEE workshop on Computer Security Foundations
A New Type System for Secure Information Flow
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
Information Flow Control in Role-Based Model for Distributed Objects
ICPADS '01 Proceedings of the Eighth International Conference on Parallel and Distributed Systems
Providing flexibility in information flow control for object oriented systems
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
| Hi-index | 0.00 |
The Role-based access control (RBAC) is a super set of mandatory access control (MAC) and discretionary access control (DAC). Since MAC and DAC are useful in information flow control that protects privacy within an application, it is certainly that we can use RBAC for privacy concerns. The key benefits of the fundamental RBAC are simplified systems administration and enhanced systems security and integrity. However, it does not consider privacy protection and support controlling method invocation through argument sensitivity. In this paper, a privacy-enhanced role-based access control (PERBAC) model is proposed. Privacy related components, such as purpose, purpose hierarchy, are added to the new model. Also, an information flow analysis technique and a privacy checking algorithm are introduced to support controlling method invocation through argument sensitivity.