Purpose Based Access Control for Privacy Protection in Object Relational Database Systems

Privacy preservation of individuals is a challenging problem in the environment. While current information technology enables people to carry out their business virtually at any time in any place, it also provides the capability to store various types of information the users reveal during their activities. A key feature of our model is that it allows multiple purposes to be associated with each data element and also supports explicit prohibitions, thus allowing privacy offers to specify that some data should not be used for certain purposes. To maintain consistency between the privacy policy and the practices, privacy protection requirements in privacy policy should be formally specified.

[1]  Ramakrishnan Srikant,et al.  Hippocratic Databases , 2002, VLDB.

[2]  Jun Gu,et al.  Dynamic Purpose-Based Access Control , 2008, 2008 IEEE International Symposium on Parallel and Distributed Processing with Applications.

[3]  Ning Zhang,et al.  A Purpose-Based Access Control Model , 2007, Third International Symposium on Information Assurance and Security.

[4]  Jorge Lobo,et al.  On the Correctness Criteria of Fine-Grained Access Control in Relational Databases , 2007, VLDB.

[5]  Marc Langheinrich,et al.  The platform for privacy preferences 1.0 (p3p1.0) specification , 2002 .

[6]  Md. Enamul Kabir,et al.  Conditional Purpose Based Access Control Model for Privacy Protection , 2009, ADC.

[7]  Ninghui Li,et al.  Purpose based access control for privacy protection in relational database systems , 2008, The VLDB Journal.

[8]  Ning Zhang,et al.  A Purpose-Based Access Control Model , 2007 .