Sciweavers

ESORICS
2007
Springer

Conditional Privacy-Aware Role Based Access Control

14 years 6 months ago
Conditional Privacy-Aware Role Based Access Control
Privacy is considered critical for all organizations needing to manage individual related information. As such, there is an increasing need for access control models which can adequately support the specification and enforcement of privacy policies. In this paper, we propose a model, referred to as Conditional Privacy-aware Role Based Access Control (P-RBAC), which supports expressive condition languages and flexible relations among permission assignments for more complex privacy policies. Efficient algorithms for detecting conflicts, redundancies, and indeterminism for a set of permission assignments are presented. In the paper we also extend Conditional P-RBAC to Universal P-RBAC by taking into account hierarchical relations among roles, data and purposes. In comparison with other approaches, such as P3P, EPAL, and XACML, our work has achieved both expressiveness and efficiency.
Qun Ni, Dan Lin, Elisa Bertino, Jorge Lobo
Added 07 Jun 2010
Updated 07 Jun 2010
Type Conference
Year 2007
Where ESORICS
Authors Qun Ni, Dan Lin, Elisa Bertino, Jorge Lobo
Comments (0)