A Framework for Enforcement of Purpose Based Access Control
Loading...
Links to Files
Permanent Link
Author/Creator
Author/Creator ORCID
Date
2019-01-01
Type of Work
Department
Information Systems
Program
Information Systems
Citation of Original Publication
Rights
Distribution Rights granted to UMBC by the author.
Access limited to the UMBC community. Item may possibly be obtained via Interlibrary Loan thorugh a local library, pending author/copyright holder's permission.
This item is likely protected under Title 17 of the U.S. Copyright Law. Unless on a Creative Commons license, for uses protected by Copyright Law, contact the copyright holder or the author.
Access limited to the UMBC community. Item may possibly be obtained via Interlibrary Loan thorugh a local library, pending author/copyright holder's permission.
This item is likely protected under Title 17 of the U.S. Copyright Law. Unless on a Creative Commons license, for uses protected by Copyright Law, contact the copyright holder or the author.
Subjects
Abstract
Current access control systems use static access control rules to enforce access to an object by checking appropriate permissions and then either granting or denying an access request. However, they are not flexible at all, therefore they are unable to incorporate and respond to a purpose of finer granularity, such as when a user may wish to automatically limit access to a database when individuals have some (one or more) suspected occurrences of mishandling personally identifiable information (PII) within an organization. The goal of this work is to create a purpose-based access control enforcement framework that adapts to changes in a system's environment based on the preferences of an information owner. This work enables an adaptive enforcement of access control in a system by adjusting and responding to changes in one's environment based on a set of user preferences. This work also enables accurate stateful characterization of access control enforcement rules and gives users a more fine-grained access control to a system compared to existing access control models. The impact of this work is an increase in the security outcomes of access control models and systems due to the incorporation of contextual personalization of the approach.