Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
WER
2007
Springer
2007
Springer
Role-Based Access Control Requirements Model with Purpose Extension
Role-Based Access Control (RBAC) is increasingly used for ensuring security and privacy in complex organizations such as healthcare institutions. In RBAC, access permissions are granted to an individual based on her defined roles. Much work has been done on the specification of RBAC models for enforcing access control; however, in order to arrive at appropriate choices of access control for particular roles and individuals in an organization, we need models at the requirements level to support elicitation and analysis. Crook et al. [3] have provided a requirements level model for RBAC, defining access to an information asset based on role, responsibility, operation, and context. We extend the Crook model to include a purpose hierarchy in order to meet the needs of privacy requirements. Access to health records is used as the example domain.
Real-time TrafficRelated Content
| Added | 09 Jun 2010 |
| Updated | 09 Jun 2010 |
| Type | Conference |
| Year | 2007 |
| Where | WER |
| Authors | Faranak Farzad, Eric Yu, Patrick C. K. Hung |
Comments (0)
Researcher Info
|
