Abstract—A subject can execute a transaction only if the subject has selected or been assigned a role. While current information technology enables people to carry out their business virtually at any time in any place, it also provides the capability to store various types of information the users reveal during their activities. A key feature of our model is that it allows multiple purposes to be associated with each data element and also supports explicit prohibitions, thus allowing privacy offers to specify that some data should not be used for certain purposes. The RBAC model is based on the notion of users having an action status as well as an ascribed status .Privacy policy is to ensure that data can only be used for its intended purpose, and the access purpose should be compliant with the data’s intended purpose. We address this issue in the context of Object Relational Databases and propose four different labeling schemes, each providing a different granularity.
Index Terms—Access Control, Data labeling, Reason, Purpose, Privacy, Status
Dr. Swamynathan S., Assistant Professor, Anna University, Chennai
Cite: Emilin Shyni C., Swamynathan S., "Reason based Access Control for Privacy Protection in Object Relational Database Systems," International Journal of Computer Theory and Engineering vol. 3, no. 1, pp. 32-37, 2011.
Copyright © 2008-2024. International Association of Computer Science and Information Technology. All rights reserved.
