Advanced search
Publication Cover
Journal of Organizational Computing and Electronic Commerce Volume 21, 2011 - Issue 1
Submit an article Journal homepage
134
Views
10
CrossRef citations to date
0
Altmetric
Original Articles

A Conditional Role-Involved Purpose-Based Access Control Model

Md. Enamul Kabir Department of Mathematics & Computing, University of Southern Queensland, Toowoomba, Queensland, AustraliaCorrespondence[email protected]
,
Hua Wang Department of Mathematics & Computing, University of Southern Queensland, Toowoomba, Queensland, Australia
&
Elisa Bertino Department of Computer Science and CERIAS, Purdue University, IN, USA
Pages 71-91 | Published online: 31 Jan 2011

REFERENCES

  • Agrawal , R. , Kiernan , J. , Srikant , R. and Xu , Y. 2002 . Hippocratic databases . Proc. VLDB , : 143 – 154 .
  • Agrawal , R. , Bird , P. , Grandison , T. , Kiernan , J. , Logan , S. and Xu , Y. 2005 . Extending relational database systems to automatically enforce privacy policies . Proc. ICDE , : 1013 – 1022 .
  • Al-Fedaghi , S. S. 2007 . Beyond purpose-based privacy access control . Proc. ADC , : 23 – 32 .
  • Barker , S. and Stuckey , P. N. 2003 . Flexible access control policy specification with constraint logic programming . ACM Transactions on Information and System Security , 6 ( 4 ) Nov : 501 – 546 .
  • Bertino , E. , Jajodia , S. and Samarati , P. 1995 . Data-base security: Research and practice . Information Systems , 20 ( 7 ) Nov : 537 – 556 .
  • Byun , J. W. , Bertino , E. and Li , N. 2005 . Purpose based access control of complex data for privacy protection . Proc. ACM-SACMAT , : 102 – 110 .
  • Byun , J. W. , Bertino , E. and Li , N. 2008 . Purpose based access control for privacy protection in relational database systems . The VLDB Journal , 17 ( 4 ) July : 603 – 619 .
  • Denning , D. , Lunt , T. , Schell , R. , Shockley , W. and Heckman , M. 1988 . The seaview security model . Proc. IEEE Symposium on Research in Security and Privacy , : 218 – 233 .
  • Forrester Research . 2001 . Privacy concerns cost e-commerce $15 billion . Technical Report ,
  • IBM, “The Enterprise Privacy Authorization Language (EPAL),” Retrieved from http://www.zurich.ibm.com/security/enterprise-privacy/epal (http://www.zurich.ibm.com/security/enterprise-privacy/epal)
  • Kabir , M. E. and Wang , H. 2009 . Conditional purpose based access control model for privacy protection . Proc. ADC , : 137 – 144 .
  • LeFevre , K. , Agrawal , R. , Ercegovac , V. , Ramakrishnan , R. , Xu , Y. and DeWitt , D. 2004 . Disclosure in Hippocratic databases . Proc. VLDB , : 108 – 119 .
  • Marchiori , M. The platform for privacy preferences 1.0 (P3P1.0) specification . Technical Report, W3C . 2002 .
  • Massacci , F. , Mylopoulos , J. and Zannone , N. 2005 . Minimal disclosure in hierarchical Hippocratic databases with delegation . Proc. ESORICS , : 438 – 454 .
  • OASIS, “Core and hierarchical role based access control (rbac) profile of xacml v2.0,” Retrieved from http://www.oasis-open.org/ (http://www.oasis-open.org/)
  • Rizvi , S. , Mendelzon , A. O. , Sudarshan , S. and Roy , P. 2004 . Extending query rewriting techniques for fine-grained access control . Proc. ACM-SIGMOD , : 551 – 562 .
  • Powers , C. S. , Ashley , P. and Schunter , M. 2002 . Privacy promises, access control, and privacy management . Proc. ISEC , : 13 – 21 .
  • Sandhu , R. and Jajodia , S. 1991 . Toward a multilevel secure relational data model . Proc. ACM-SIGMOD , : 50 – 59 .
  • Sandhu , R. S. , Coyne , E. J. , Feinstein , H. L. and Youman , C. E. 1996 . Role-based access control models . IEEE Computer , 29 ( 2 ) Feb : 38 – 47 .
  • Sandhu , R. and Chen , F. 1998 . The multilevel relational data model . ACM Transactions on Information and System Security , 1 ( 1 ) Nov : 93 – 132 .
  • World Wide Web Consortium (W3C), “Platform for Privacy Preferences (P3P),” Retrieved from http://www.w3.org/P3P (http://www.w3.org/P3P)
  • Yang , N. , Barringer , H. and Zhang , N. 2007 . A purpose-based access control model . Proc. IAS , : 143 – 148 .
  • Peng , H. , Gu , J. and Ye , X. 2008 . Dynamic purpose-based access control . Proc. IEEE-ISPA , : 695 – 700 .
  • Hung , P. C. K. 2005 . Towards a privacy access control model for e-healthcare services . Proc. PST ,
  • Ferraiolo , D. F. , Barkley , J. F. and Kuhn , D. R. 1999 . A role-based access control model and reference implementation within a corporate intranet . ACM Transactions on Information and System Security , 2 ( 1 ) Feb : 34 – 64 .

Reprints and Corporate Permissions

Please note: Selecting permissions does not provide access to the full text of the article, please see our help page How do I view content?

To request a reprint or corporate permissions for this article, please click on the relevant link below:

Order Reprints Request Corporate Permissions

Academic Permissions

Please note: Selecting permissions does not provide access to the full text of the article, please see our help page How do I view content?

Obtain permissions instantly via Rightslink by clicking on the button below:

Request Academic Permissions

If you are unable to obtain permissions via Rightslink, please complete and submit this Permissions form. For more information, please visit our Permissions help page.

Related research

People also read lists articles that other readers of this article have read.

Recommended articles lists articles that we recommend and is powered by our AI driven recommendation engine.

Cited by lists all citing articles based on Crossref citations.
Articles with the Crossref icon will open in a new tab.