Issue No.04 - July/August (2009 vol.7)
Elisa Bertino , Purdue University
Jorge Lobo , IBM T.J. Watson Research Center
Seraphin B. Calo , IBM T.J. Watson Research Center
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MSP.2009.102
A privacy-aware role-based access control model extends RBAC to express highly complex privacy-related policies, including consideration of such features as conditions and obligations. Because it's based on the RBAC model, the full-fledged P-RBAC solution is easy to deploy in systems already adopting RBAC, thus allowing seamless integration of access control and privacy policies.
privacy, role-based access control, model, obligation, policy
Elisa Bertino, Jorge Lobo, Seraphin B. Calo, "Privacy-Aware Role-Based Access Control", IEEE Security & Privacy, vol.7, no. 4, pp. 35-43, July/August 2009, doi:10.1109/MSP.2009.102