Security-control methods for statistical databases: a comparative study
ACM Computing Surveys (CSUR)
Role-Based Access Control Models
Computer
Authentication, access control, and audit
ACM Computing Surveys (CSUR)
Untraceable electronic mail, return addresses, and digital pseudonyms
Communications of the ACM
Flexible support for multiple access control policies
ACM Transactions on Database Systems (TODS)
Information Flow Control in Object-Oriented Systems
IEEE Transactions on Knowledge and Data Engineering
Access Control: Policies, Models, and Mechanisms
FOSAD '00 Revised versions of lectures given during the IFIP WG 1.7 International School on Foundations of Security Analysis and Design on Foundations of Security Analysis and Design: Tutorial Lectures
dRBAC: Distributed Role-based Access Control for Dynamic Coalition Environments
ICDCS '02 Proceedings of the 22 nd International Conference on Distributed Computing Systems (ICDCS'02)
Providing flexibility in information flow control for object oriented systems
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Cassandra: Distributed Access Control Policies with Tunable Expressiveness
POLICY '04 Proceedings of the Fifth IEEE International Workshop on Policies for Distributed Systems and Networks
Security policies for downgrading
Proceedings of the 11th ACM conference on Computer and communications security
VLDB '02 Proceedings of the 28th international conference on Very Large Data Bases
Platform for enterprise privacy practices: privacy-enabled management of customer data
PET'02 Proceedings of the 2nd international conference on Privacy enhancing technologies
Protecting privacy during on-line trust negotiation
PET'02 Proceedings of the 2nd international conference on Privacy enhancing technologies
Language-based information-flow security
IEEE Journal on Selected Areas in Communications
Redirection policies for mission-based information sharing
Proceedings of the eleventh ACM symposium on Access control models and technologies
Proceedings of the Fourteenth International Database Engineering & Applications Symposium
Inheriting access control rules from large relational databases to materialized views automatically
KES'10 Proceedings of the 14th international conference on Knowledge-based and intelligent information and engineering systems: Part III
Creating objects in the flexible authorization framework
DBSEC'06 Proceedings of the 20th IFIP WG 11.3 working conference on Data and Applications Security
| Hi-index | 0.00 |
Protecting privacy means to ensure users that access to their personal data complies with their preferences. However, information can be manipulated in order to derive new objects that may disclose part of the original information. Therefore, control of information flow is necessary for guaranteeing privacy protection since users should know and control not only who access their personal data, but also who access information derived from their data. Actually, current approaches for access control do not provide support for managing propagation of information and for representing user preferences.This paper proposes to extend the Flexible Authorization Framework (FAF) in order to automatically verify whether a subject is entitled to process personal data and derive the authorizations associated with the outcome of data processing. In order to control information flow, users may specify the range of authorizations that can be associated with objects derived from their data. The framework guarantees that every "valid" derived object does not disclose more information than users want and preserves the permissions that users want to maintain. To make the discussion more concrete, we illustrate the proposal with a bank case study.