The NIST model for role-based access control: towards a unified standard
RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
Purpose based access control of complex data for privacy protection
Proceedings of the tenth ACM symposium on Access control models and technologies
VLDB '02 Proceedings of the 28th international conference on Very Large Data Bases
Privacy Enhanced Information Systems
Proceedings of the 2006 conference on Information Modelling and Knowledge Bases XVII
Minimal disclosure in hierarchical hippocratic databases with delegation
ESORICS'05 Proceedings of the 10th European conference on Research in Computer Security
Privacy-Aware Access Control through Negotiation in Daily Life Service
PAISI, PACCF and SOCO '08 Proceedings of the IEEE ISI 2008 PAISI, PACCF, and SOCO international workshops on Intelligence and Security Informatics
Modeling communication: one more piece falling into place
Proceedings of the 26th annual ACM international conference on Design of communication
Enforcing purpose of use via workflows
Proceedings of the 8th ACM workshop on Privacy in the electronic society
Towards a personalized privacy management framework
Proceedings of the 2010 ICSE Workshop on Software Engineering for Secure Systems
Conditional purpose based access control model for privacy protection
ADC '09 Proceedings of the Twentieth Australasian Conference on Australasian Database - Volume 92
A conditional purpose-based access control model with dynamic roles
Expert Systems with Applications: An International Journal
Purpose control: did you process the data for the intended purpose?
SDM'11 Proceedings of the 8th VLDB international conference on Secure data management
A role-involved purpose-based access control model
Information Systems Frontiers
Privacy aware eLearning environments based on hippocratic database principles
Proceedings of the Fifth Balkan Conference in Informatics
| Hi-index | 0.00 |
Research efforts have been directed toward the improvement of privacy protecting technology by incorporating privacy protection into database systems. Purpose acts as a central concept on which access decisions are made. A complexity of purpose and users role hierarchies is utilized to manage the mapping between users and purposes. In this paper, we propose a personal information flow model that specifies a limited number of acts on this type of information. Chains of these acts can be used instead of the "intended/business purposes" used in privacy access control.