A Workflow Reference Monitor for Enforcing Purpose-Based Policies

Date
2013-09-25
Journal Title
Journal ISSN
Volume Title
Publisher
Abstract
Purpose is a key concept in privacy policies. Based on the purpose framework developed in our earlier work [11] we present an access control model for a work ow-based information system in which a work ows reference monitor ( WfRM ) enforces purpose-based policies. We use a generic access control policy language and show how it can be connected to the purpose modal logic language ( PML ) to link purpose constraints to access control rules and how such policies can be enforced. We also present a simple implementation of such a reference monitor based on extending eXtensible Access Control Markup Language( XACML ), a commonly used access control open standard.
Description
Keywords
Purpose, Privacy, Purpose-Based Policies
Citation