Title :
A Purpose-Based Access Control Model
Author :
Yang, Naikuo ; Barringer, Howard ; Zhang, Ning
Author_Institution :
Univ. of Manchester, Manchester
Abstract :
Achieving privacy preservation in a data-sharing computing environment is a challenging problem. The requirements for a privacy preserving data access policy should be formally specified in order to be able to establish consistency between the privacy policy and its purported implementation in practice. Previous work has shown that when specifying a privacy policy, the notion of purpose should be used as the basis for access control. A privacy policy should ensure that data can only be used for its intended purpose, and the access purpose should be compliant with the data´s intended purpose. This paper presents a mechanism to specify privacy policy using VDM. The entities in the purpose-based access control model are specified, the invariants corresponding to the privacy requirements in privacy policy are specified, and the operations in the model and their proof obligations are defined and investigated.
Keywords :
Vienna development method; authorisation; data privacy; access purpose; data-sharing computing; privacy policy; privacy preservation; privacy requirements; purpose-based access control model; Access control; Authorization; Computer science; Computer security; Data privacy; Data security; Information security; Information systems; Information technology; Protection;
Conference_Titel :
Information Assurance and Security, 2007. IAS 2007. Third International Symposium on
Conference_Location :
Manchester
Print_ISBN :
0-7695-2876-7
Electronic_ISBN :
978-0-7695-2876-2
DOI :
10.1109/IAS.2007.29
