A Framework for Enforcement of Purpose Based Access Control

Distribution Rights granted to UMBC by the author.
Access limited to the UMBC community. Item may possibly be obtained via Interlibrary Loan thorugh a local library, pending author/copyright holder's permission.
This item is likely protected under Title 17 of the U.S. Copyright Law. Unless on a Creative Commons license, for uses protected by Copyright Law, contact the copyright holder or the author.

Abstract

Current access control systems use static access control rules to enforce access to an object by checking appropriate permissions and then either granting or denying an access request. However, they are not flexible at all, therefore they are unable to incorporate and respond to a purpose of finer granularity, such as when a user may wish to automatically limit access to a database when individuals have some (one or more) suspected occurrences of mishandling personally identifiable information (PII) within an organization. The goal of this work is to create a purpose-based access control enforcement framework that adapts to changes in a system's environment based on the preferences of an information owner. This work enables an adaptive enforcement of access control in a system by adjusting and responding to changes in one's environment based on a set of user preferences. This work also enables accurate stateful characterization of access control enforcement rules and gives users a more fine-grained access control to a system compared to existing access control models. The impact of this work is an increase in the security outcomes of access control models and systems due to the incorporation of contextual personalization of the approach.

A Framework for Enforcement of Purpose Based Access Control

Files

Links to Files

Permanent Link

Collections

Author/Creator

Author/Creator ORCID

Date

Type of Work

Department

Program

Citation of Original Publication

Rights

Subjects

Abstract