Purpose-based access policy on provenance and data algebra

12/01/2019
by   Faen Zhang, et al.
0

It is a crucial mechanism of access control to determine that data can only be accessed for allowed purposes. To achieve this mechanism, we propose purpose-based access policies in this paper. Different from provenance-based policies that determine if a piece of data can be accessed or not, purpose-based access policies determines for what purposes can data be accessed. Particularly, the purposes can be classified as different sensitivity levels. For the first time, We tailor policy algebras to include internal and external policy operators for hierarchical purposes, in order to merge purpose sets generated by individual policies. We also created external policy algebras to merge policies from multi-parties. With different types' testing experiments, our model is proved to be feasible and practical.

READ FULL TEXT

page 1

page 2

page 3

page 4

research
01/07/2020

A fine-grained policy model for Provenance-based Access Control and Policy Algebras.pdf

A fine-grained provenance-based access control policy model is proposed ...
research
07/21/2021

HUAP: Practical Attribute-based Access Control Supporting Hidden Updatable Access Policies for Resource-Constrained Devices

Attribute-based encryption (ABE) is a promising cryptographic mechanism ...
research
06/17/2023

Old and New Minimalism: a Hopf algebra comparison

In this paper we compare some old formulations of Minimalism, in particu...
research
02/27/2023

PolyScope: Multi-Policy Access Control Analysis to Triage Android Scoped Storage

Android's filesystem access control is a crucial aspect of its system in...
research
04/16/2020

Sieve: A Middleware Approach to Scalable Access Control for Database Management Systems

Current approaches of enforcing FGAC in Database Management Systems (DBM...
research
10/19/2020

FLAP – A Federated Learning Framework for Attribute-based Access Control Policies

Technology advances in areas such as sensors, IoT, and robotics, enable ...
research
03/18/2019

Efficient and Extensible Policy Mining for Relationship-Based Access Control

Relationship-based access control (ReBAC) is a flexible and expressive f...

Please sign up or login with your details

Forgot password? Click here to reset