Role-Based Access Control for the Open Grid Services Architecture - Data Access and Integration (OGSA-DAI)

Grid has emerged recently as an integration infrastructure for the sharing and coordinated use of diverse resources in dynamic, distributed virtual organizations (VOs). A Data Grid is an architecture for the access, exchange, and sharing of data in the Grid environment. In this dissertation, role-based access control (RBAC) systems for heterogeneous data resources in Data Grid systems are proposed. The Open Grid Services Architecture - Data Access and Integration (OGSA-DAI) is a widely used framework for the integration of heterogeneous data resources in Grid systems. However, in the OGSA-DAI system, access control causes substantial administration overhead for resource providers in VOs because each of them has to manage the authorization information for individual Grid users. Its identity-based access control mechanisms are severely inefficient and too complicated to manage because the direct mapping between users and privileges is transitory. To solve this problem, (1) the Community Authorization Service (CAS), provided by the Globus toolkit, and (2) the Shibboleth, an attribute authorization service, are used to support RBAC in the OGSA-DAI system. The Globus Toolkit is widely used software for building Grid systems. Access control policies need to be specified and managed across multiple VOs. For this purpose, the Core and Hierarchical RBAC profile of the eXtensible Access Control Markup Language (XACML) is used; and for distributed administration of those policies, the Object, Metadata and Artifacts Registry (OMAR) is used. OMAR is based on the e-business eXtensible Markup Language (ebXML) registry specifications developed to achieve interoperable registries and repositories. The RBAC systems allow quick and easy deployments, privacy protection, and the centralized and distributed management of privileges. They support scalable, interoperable and fine-grain access control services; dynamic delegation of rights; and user-role assignments. They also reduce the administration overheads for resource providers because they need to maintain only the mapping information from VO roles to local database roles. Resource providers maintain the ultimate authority over their resources. Moreover, unnecessary mapping and connections can be avoided by denying invalid requests at the VO level. Performance analysis shows that our RBAC systems add only a small overhead to the existing security infrastructure of OGSA-DAI

A conditional role-involved purpose-based access control model

This paper presents a role-involved conditional purpose-based access control (RCPBAC) model, where a purpose is defined as the intension of data accesses or usages. RCPBAC allows users using some data for certain purpose with conditions. The structure of RCPBAC model is defined and investigated. An algorithm is developed to achieve the compliance computation between access purposes (related to data access) and intended purposes (related to data objects) and is illustrated with role-based access control (RBAC) to support RCPBAC. According to this model, more information from data providers can be extracted while at the same time assuring privacy that maximizes the usability of consumers' data. It extends traditional access control models to a further coverage of privacy preserving in data mining environment as RBAC is one of the most popular approach towards access control to achieve database security and available in database management systems. The structure helps enterprises to circulate clear privacy promise, to collect and manage user preferences and consent

Children's Databases - Safety and Privacy

This report describes in detail the policy background, the systems that are being built, the problems with them, and the legal situation in the UK. An appendix looks at Europe, and examines in particular detail how France and Germany have dealt with these issues. Our report concludes with three suggested regulatory action strategies for the Commissioner: one minimal strategy in which he tackles only the clear breaches of the law, one moderate strategy in which he seeks to educate departments and agencies and guide them towards best practice, and finally a vigorous option in which he would seek to bring UK data protection practice in these areas more in line with normal practice in Europe, and indeed with our obligations under European law

Private Data System Enabling Self-Sovereign Storage Managed by Executable Choreographies

With the increased use of Internet, governments and large companies store and share massive amounts of personal data in such a way that leaves no space for transparency. When a user needs to achieve a simple task like applying for college or a driving license, he needs to visit a lot of institutions and organizations, thus leaving a lot of private data in many places. The same happens when using the Internet. These privacy issues raised by the centralized architectures along with the recent developments in the area of serverless applications demand a decentralized private data layer under user control. We introduce the Private Data System (PDS), a distributed approach which enables self-sovereign storage and sharing of private data. The system is composed of nodes spread across the entire Internet managing local key-value databases. The communication between nodes is achieved through executable choreographies, which are capable of preventing information leakage when executing across different organizations with different regulations in place. The user has full control over his private data and is able to share and revoke access to organizations at any time. Even more, the updates are propagated instantly to all the parties which have access to the data thanks to the system design. Specifically, the processing organizations may retrieve and process the shared information, but are not allowed under any circumstances to store it on long term. PDS offers an alternative to systems that aim to ensure self-sovereignty of specific types of data through blockchain inspired techniques but face various problems, such as low performance. Both approaches propose a distributed database, but with different characteristics. While the blockchain-based systems are built to solve consensus problems, PDS's purpose is to solve the self-sovereignty aspects raised by the privacy laws, rules and principles.Comment: DAIS 201

Implanting Life-Cycle Privacy Policies in a Context Database

Ambient intelligence (AmI) environments continuously monitor surrounding individuals' context (e.g., location, activity, etc.) to make existing applications smarter, i.e., make decision without requiring user interaction. Such AmI smartness ability is tightly coupled to quantity and quality of the available (past and present) context. However, context is often linked to an individual (e.g., location of a given person) and as such falls under privacy directives. The goal of this paper is to enable the difficult wedding of privacy (automatically fulfilling users' privacy whishes) and smartness in the AmI. interestingly, privacy requirements in the AmI are different from traditional environments, where systems usually manage durable data (e.g., medical or banking information), collected and updated trustfully either by the donor herself, her doctor, or an employee of her bank. Therefore, proper information disclosure to third parties constitutes a major privacy concern in the traditional studies