An obligation model bridging access control policies and privacy policies
Abstract
In this paper, we present a novel obligation model for the Core Privacy-aware Role Based Access Control (P-RBAC), and discuss some design issues in detail. Pre-obligations, post-obligations, conditional obligations, and repeating obligations are supported by the obligation model. Interaction between permissions and obligations is discussed, and efficient algorithms are provided to detect undesired effects.
Keywords
computer communication networks, operating systems, security and protection, access controls, computing milieux, management of computing and information systems
Date of this Version
2008
COinS
Comments
SACMAT '08 Proceedings of the 13th ACM symposium on Access control models and technologies