Role-Based Access Control Models
Computer
Cassandra: Distributed Access Control Policies with Tunable Expressiveness
POLICY '04 Proceedings of the Fifth IEEE International Workshop on Policies for Distributed Systems and Networks
A usage-based authorization framework for collaborative computing systems
Proceedings of the eleventh ACM symposium on Access control models and technologies
Consent-Based Workflows for Healthcare Management
POLICY '08 Proceedings of the 2008 IEEE Workshop on Policies for Distributed Systems and Networks
Patient-centric authorization framework for sharing electronic health records
Proceedings of the 14th ACM symposium on Access control models and technologies
A security policy model for clinical information systems
SP'96 Proceedings of the 1996 IEEE conference on Security and privacy
ESPOON: Enforcing Encrypted Security Policies in Outsourced Environments
ARES '11 Proceedings of the 2011 Sixth International Conference on Availability, Reliability and Security
Hi-index | 0.00 |
Data usage is of great concern for a user owning the data. Users want assurance that their personal data will be fairly used for the purposes for which they have provided their consent. Moreover, they should be able to withdraw their consent once they want. Actually, consent is captured as a matter of legal record that can be used as legal evidence. It restricts the use and dissemination of information. The separation of consent capturing from the access control enforcement mechanism may help a user to autonomously define the consent evaluation functionality, necessary for the automation of consent decision. In this paper, we present a solution that addresses how to capture, store, evaluate and withdraw consent. The proposed solution preserves integrity of consent, essential to provide a digital evidence for legal proceedings. Furthermore, it accommodates emergency situations when users cannot provide their consent.