Purpose-based access control policies and conflicting analysis

Abstract : This paper proposes a purpose-based framework for supporting privacy preserving access control policies and mechanisms. The mechanism enforces access policy to data containing personally identifiable information. The key component of the framework is purpose involved access control models (PAC) that provide full support for expressing highly complex privacy-related policies, taking into account features like purposes and conditions. A policy refers to an access right that a subject can have on an object, based on attribute predicates, obligation actions, and system conditions. Policy conflicting problems may arise when new access policies are generated. The structure of purpose involved access control policy is studied, and efficient conflict-checking algorithms are developed. Finally a discussion of our work in comparison with other access control and frameworks such as EPAL is presented.
Type de document :
Communication dans un congrès
Kai Rannenberg; Vijay Varadharajan; Christian Weber. 25th IFIP TC 11 International Information Security Conference (SEC) / Held as Part of World Computer Congress (WCC), Sep 2010, Brisbane, Australia. Springer, IFIP Advances in Information and Communication Technology, AICT-330, pp.217-228, 2010, Security and Privacy - Silver Linings in the Cloud. 〈10.1007/978-3-642-15257-3_20〉
Liste complète des métadonnées

Littérature citée [20 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01054514
Contributeur : Hal Ifip <>
Soumis le : jeudi 7 août 2014 - 11:58:50
Dernière modification le : jeudi 19 juillet 2018 - 14:00:08
Document(s) archivé(s) le : mercredi 26 novembre 2014 - 01:32:58

Fichier

19-Paper-170-Purpose-based_acc...
Fichiers produits par l'(les) auteur(s)

Licence


Distributed under a Creative Commons Paternité 4.0 International License

Identifiants

Citation

Hua Wang, Lili Sun, Vijay Varadharajan. Purpose-based access control policies and conflicting analysis. Kai Rannenberg; Vijay Varadharajan; Christian Weber. 25th IFIP TC 11 International Information Security Conference (SEC) / Held as Part of World Computer Congress (WCC), Sep 2010, Brisbane, Australia. Springer, IFIP Advances in Information and Communication Technology, AICT-330, pp.217-228, 2010, Security and Privacy - Silver Linings in the Cloud. 〈10.1007/978-3-642-15257-3_20〉. 〈hal-01054514〉

Partager

Métriques

Consultations de la notice

285

Téléchargements de fichiers

388