An obligation model bridging access control policies and privacy policies
In this paper, we present a novel obligation model for the Core Privacy-aware Role Based Access Control (P-RBAC), and discuss some design issues in detail. Pre-obligations, post-obligations, conditional obligations, and repeating obligations are supported by the obligation model. Interaction between permissions and obligations is discussed, and efficient algorithms are provided to detect undesired effects.
computer communication networks, operating systems, security and protection, access controls, computing milieux, management of computing and information systems
Date of this Version
SACMAT '08 Proceedings of the 13th ACM symposium on Access control models and technologies