Service interruption on Monday 11 July from 12:30 to 13:00: all the sites of the CCSD (HAL, EpiSciences, SciencesConf, AureHAL) will be inaccessible (network hardware connection).
Skip to Main content Skip to Navigation
Conference papers

Enforcement of Privacy Requirements

Abstract : Enterprises collect and use private information for various purposes. Access control can limit who can obtain such data. However, the purpose of their use is not clear. In this paper we focus on the purpose of data access and demonstrate that dynamic role-based access control (RBAC) mechanism is not sufficient for enforcement of privacy requirements. To achieve this we extend RBAC with monitoring capability and describe a formal approach to determining whether access control policies actually implement privacy requirements based on the behaviour of the system. We demonstrate the advantages of our approach using various examples and describe the prototype implementation of our technique.
Document type :
Conference papers
Complete list of metadata

Cited literature [19 references]  Display  Hide  Download
Contributor : Hal Ifip Connect in order to contact the contributor
Submitted on : Thursday, February 9, 2017 - 5:31:11 PM
Last modification on : Thursday, June 4, 2020 - 10:12:04 AM
Long-term archiving on: : Wednesday, May 10, 2017 - 2:52:14 PM


Files produced by the author(s)


Distributed under a Creative Commons Attribution 4.0 International License



Padmanabhan Krishnan, Kostyantyn Vorobyov. Enforcement of Privacy Requirements. 28th Security and Privacy Protection in Information Processing Systems (SEC), Jul 2013, Auckland, New Zealand. pp.272-285, ⟨10.1007/978-3-642-39218-4_21⟩. ⟨hal-01463860⟩



Record views


Files downloads