Role-Based Access Control Models
Computer
Proposed NIST standard for role-based access control
ACM Transactions on Information and System Security (TISSEC)
A Privacy Policy Model for Enterprises
CSFW '02 Proceedings of the 15th IEEE workshop on Computer Security Foundations
A Framework for Multiple Authorization Types in a Healthcare Application System
ACSAC '01 Proceedings of the 17th Annual Computer Security Applications Conference
Privacy Promises, Access Control, and Privacy Management
ISEC '02 Proceedings of the Third International Symposium on Electronic Commerce
Privacy Enforcement with an Extended Role-Based Access Control Model
Privacy Enforcement with an Extended Role-Based Access Control Model
Conflict and combination in privacy policy languages
Proceedings of the 2004 ACM workshop on Privacy in the electronic society
A Policy-based Management Framework for Pervasive Systems using Axiomatized Rule-Actions
NCA '05 Proceedings of the Fourth IEEE International Symposium on Network Computing and Applications
Privacy and Contextual Integrity: Framework and Applications
SP '06 Proceedings of the 2006 IEEE Symposium on Security and Privacy
A comparison of two privacy policy languages: EPAL and XACML
Proceedings of the 3rd ACM workshop on Secure web services
Purpose based access control for privacy protection in relational database systems
The VLDB Journal — The International Journal on Very Large Data Bases
IT-security and privacy: design and use of privacy-enhancing security mechanisms
IT-security and privacy: design and use of privacy-enhancing security mechanisms
Introducing privacy in a hospital information system
Proceedings of the fourth international workshop on Software engineering for secure systems
An obligation model bridging access control policies and privacy policies
Proceedings of the 13th ACM symposium on Access control models and technologies
High-Assurance Integrity Techniques for Databases
BNCOD '08 Proceedings of the 25th British national conference on Databases: Sharing Data, Information and Knowledge
Engineering Privacy Requirements in Business Intelligence Applications
SDM '08 Proceedings of the 5th VLDB workshop on Secure Data Management
Privilege federation between different user profiles for service federation
Proceedings of the 4th ACM workshop on Digital identity management
PuRBAC: Purpose-Aware Role-Based Access Control
OTM '08 Proceedings of the OTM 2008 Confederated International Conferences, CoopIS, DOA, GADA, IS, and ODBASE 2008. Part II on On the Move to Meaningful Internet Systems
PCP: privacy-aware context profile towards context-aware application development
Proceedings of the 10th International Conference on Information Integration and Web-based Applications & Services
Relationship Based Privacy Management for Ubiquitous Society
ICCSA '09 Proceedings of the International Conference on Computational Science and Its Applications: Part I
Query Processing Techniques for Compliance with Data Confidence Policies
SDM '09 Proceedings of the 6th VLDB Workshop on Secure Data Management
An Access Control Language for a General Provenance Model
SDM '09 Proceedings of the 6th VLDB Workshop on Secure Data Management
Context-aware service engineering: A survey
Journal of Systems and Software
A conceptual model for privacy policies
SEA '07 Proceedings of the 11th IASTED International Conference on Software Engineering and Applications
Federation proxy for cross domain identity federation
Proceedings of the 5th ACM workshop on Digital identity management
Enforcing purpose of use via workflows
Proceedings of the 8th ACM workshop on Privacy in the electronic society
Toward practical authorization-dependent user obligation systems
ASIACCS '10 Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security
Dealing with anonymity in wireless sensor networks
Proceedings of the 2010 ACM Symposium on Applied Computing
Personalizing access control by generalizing access control
Proceedings of the 15th ACM symposium on Access control models and technologies
Policy framework for security and privacy management
IBM Journal of Research and Development
DBSec'10 Proceedings of the 24th annual IFIP WG 11.3 working conference on Data and applications security and privacy
A comprehensive privacy-aware authorization framework founded on HIPAA privacy rules
Proceedings of the 1st ACM International Health Informatics Symposium
A notation for policies using feature structures
DPM'10/SETOP'10 Proceedings of the 5th international Workshop on data privacy management, and 3rd international conference on Autonomous spontaneous security
Mixing privacy with role-based access control
Proceedings of The Fourth International C* Conference on Computer Science and Software Engineering
xfACL: an extensible functional language for access control
Proceedings of the 16th ACM symposium on Access control models and technologies
On the management of user obligations
Proceedings of the 16th ACM symposium on Access control models and technologies
DyDAP: A dynamic data aggregation scheme for privacy aware wireless sensor networks
Journal of Systems and Software
UCONLEGAL: a usage control model for HIPAA
Proceedings of the 2nd ACM SIGHIT International Health Informatics Symposium
Considering privacy and effectiveness of authorization policies for shared electronic health records
Proceedings of the 2nd ACM SIGHIT International Health Informatics Symposium
Obligation language and framework to enable privacy-aware SOA
DPM'09/SETOP'09 Proceedings of the 4th international workshop, and Second international conference on Data Privacy Management and Autonomous Spontaneous Security
Contextual privacy management in extended role based access control model
DPM'09/SETOP'09 Proceedings of the 4th international workshop, and Second international conference on Data Privacy Management and Autonomous Spontaneous Security
Ensuring authorization privileges for cascading user obligations
Proceedings of the 17th ACM symposium on Access Control Models and Technologies
A role-involved purpose-based access control model
Information Systems Frontiers
Privacy in mobile technology for personal healthcare
ACM Computing Surveys (CSUR)
Improving data quality using a cross layer protocol in wireless sensor networks
Computer Networks: The International Journal of Computer and Telecommunications Networking
Conditional privacy-aware role based access control
ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security
Modified hierarchical privacy-aware role based access control model
Proceedings of the 2012 ACM Research in Applied Computation Symposium
A privacy preserving model bridging data provider and collector preferences
Proceedings of the Joint EDBT/ICDT 2013 Workshops
An information flow control meta-model
Proceedings of the 18th ACM symposium on Access control models and technologies
Proceedings of the 18th ACM symposium on Access control models and technologies
Fine-grained privacy control for the RFID middleware of EPCglobal networks
Proceedings of the Fifth International Conference on Management of Emergent Digital EcoSystems
| Hi-index | 0.00 |
Privacy has been acknowledged to be a critical requirement for many business (and non-business) environments. Therefore, the definition of an expressive and easy-to-use privacy related access control model, based on which privacy policies can be specified, is crucial. In this work we introduce a family of models (P-RBAC) that extend the well known RBAC model in order to provide full support for expressing highly complex privacy-related policies, taking into account features like purposes and obligations. We also compare our work with access control and privacy policy frameworks such as P3P, EPAL, and XACML.