UPM Institutional Repository

Trust, purpose, and role-based access control model for privacy protection


Citation

Salji, Mohd Rafiz and Udzir, Nur Izura and Ninggal, Mohd Izuan Hafez and Mohd Sani, Nor Fazlida and Ibrahim, Hamidah (2019) Trust, purpose, and role-based access control model for privacy protection. In: International Symposium on ICT Management and Administration (ISICTMA2019), 31 July-2 Aug. 2019, Putrajaya Marriott Hotel, Malaysia. (pp. 69-73).

Abstract

Data privacy is one of the fundamental needs of the people. In a computing environment, there are various issues of data privacy protection in the enterprise. To enforce the automation of privacy policies and law, access control has been one of the most devoted subjects. Role-based access control model has been proposed to protect customer's data. However, relying on role only is insufficient and inefficient to protect data especially sensitive attributes, and this may cause risks of privacy disclosure to unauthorized and untrusted users. This paper presents a finer-grained access control called Trust, Purpose, and Role-Based Access Control (TPRBAC) model to efficiently protect data particularly sensitive attributes. In the proposed model, purpose and role is applied to permit access to data, while trust is applied to control access to sensitive attributes. A prototype system is developed and tested, and the result shows sensitive attributes are protected. Experiments are conducted to validate the proposed model. The results show that the proposed work is efficient and improved privacy protection. Therefore, this research solves the issue of insufficient and inefficient access control mechanism in protecting data especially sensitive attributes.


Download File

[img] Text
ISICTMA2019-14.pdf
Restricted to Repository staff only

Download (342kB)

Additional Metadata

Item Type: Conference or Workshop Item (Paper)
Divisions: Faculty of Computer Science and Information Technology
Publisher: Database Technologies and Applications Research Group (DbTA), Faculty of Computer Science and Information Technology, Universiti Putra Malaysia
Keywords: Trust; Purpose; Role; Privacy protection; Sensitive attributes
Depositing User: Nabilah Mustapa
Date Deposited: 07 Oct 2019 07:41
Last Modified: 07 Oct 2019 07:41
URI: http://psasir.upm.edu.my/id/eprint/75526
Statistic Details: View Download Statistic

Actions (login required)

View Item View Item