A conditional role-involved purpose-based access control model

This paper presents a role-involved conditional purpose-based access control (RCPBAC) model, where a purpose is defined as the intension of data accesses or usages. RCPBAC allows users using some data for certain purpose with conditions. The structure of RCPBAC model is defined and investigated. An algorithm is developed to achieve the compliance computation between access purposes (related to data access) and intended purposes (related to data objects) and is illustrated with role-based access control (RBAC) to support RCPBAC. According to this model, more information from data providers can be extracted while at the same time assuring privacy that maximizes the usability of consumers' data. It extends traditional access control models to a further coverage of privacy preserving in data mining environment as RBAC is one of the most popular approach towards access control to achieve database security and available in database management systems. The structure helps enterprises to circulate clear privacy promise, to collect and manage user preferences and consent

VirtualIdentity : privacy preserving user profiling

User profiling from user generated content (UGC) is a common practice that supports the business models of many social media companies. Existing systems require that the UGC is fully exposed to the module that constructs the user profiles. In this paper we show that it is possible to build user profiles without ever accessing the user's original data, and without exposing the trained machine learning models for user profiling - which are the intellectual property of the company - to the users of the social media site. We present VirtualIdentity, an application that uses secure multi-party cryptographic protocols to detect the age, gender and personality traits of users by classifying their user-generated text and personal pictures with trained support vector machine models in a privacy preserving manner

Privacy-Preserving Reengineering of Model-View-Controller Application Architectures Using Linked Data

When a legacy system’s software architecture cannot be redesigned, implementing additional privacy requirements is often complex, unreliable and costly to maintain. This paper presents a privacy-by-design approach to reengineer web applications as linked data-enabled and implement access control and privacy preservation properties. The method is based on the knowledge of the application architecture, which for the Web of data is commonly designed on the basis of a model-view-controller pattern. Whereas wrapping techniques commonly used to link data of web applications duplicate the security source code, the new approach allows for the controlled disclosure of an application’s data, while preserving non-functional properties such as privacy preservation. The solution has been implemented and compared with existing linked data frameworks in terms of reliability, maintainability and complexity

Legal and Policy Framework for Promoting Equitable Access to Documentary Heritage

The National Mission for Manuscripts of India, in association with UNESCO, completed a research study to assist in the development of legal and policy framework and protocols for promoting equitable access to documentary heritage, relevant to India and other South Asian countries. This study report seeks to accurately identify and critically examine the legal and policy framework for promoting equitable access to our documentary heritage. The National Mission for Manuscripts is the most important institution in India creating bibliographic databases of manuscripts and engaged in the conservation and preservation of valuable manuscripts. This report engages with the legal and policy framework which envelops the lifecycle of the Mission’s work: the process of access to manuscripts, digitization of manuscripts and the creation of databases. By critically examining the legal rules in the practical context of the Mission’s work, the research team has put together the first such review of any such initiative in the protection of traditional knowledge in the country. The conclusions of the report are in the form of draft legal agreements and policy recommendations located in the discussion on various parts of the Mission’s work. While this report does not set out to be the final word on these significant policy initiatives, the report definitely makes significant progress in the policy debate and legal literature in this field. This report illustrates working patterns of the Mission within the legal and policy framework in the Country. This report will be a valuable sourcebook for understanding South Asian legal and policy framework for accessing documentary heritage collections. The draft legal agreements and policy recommendations, presented in this report, will also be valuable intervention tools for South Asian countries that share similar legal and policy framework within the sub-region