Towards a Purpose-Based Access Control Model Derived from the Purpose Limitation Principle
MG Kebede, T van Binsbergen… - Legal Knowledge …, 2023 - ebooks.iospress.nl
Legal Knowledge and Information Systems, 2023•ebooks.iospress.nl
The purpose limitation principle is a GDPR cornerstone that aims to minimize data
processing risks by limiting instances of personal data access and usage. We model
purpose as an action or sequences of actions and formalize action relationships to derive
purpose-based permissions. Based on these permissions, we introduce a novel purpose-
based access control model with a purpose matching algorithm illustrated with a healthcare
research use case.
processing risks by limiting instances of personal data access and usage. We model
purpose as an action or sequences of actions and formalize action relationships to derive
purpose-based permissions. Based on these permissions, we introduce a novel purpose-
based access control model with a purpose matching algorithm illustrated with a healthcare
research use case.
Abstract
The purpose limitation principle is a GDPR cornerstone that aims to minimize data processing risks by limiting instances of personal data access and usage. We model purpose as an action or sequences of actions and formalize action relationships to derive purpose-based permissions. Based on these permissions, we introduce a novel purpose-based access control model with a purpose matching algorithm illustrated with a healthcare research use case.
ebooks.iospress.nl
Showing the best result for this search. See all results