Current proposals for access control languages cannot specify policies required by specific application scenarios (e.g. a database system to enforce privacy regulations), may also contain design flaws, and are incompatible. In this dissertation, we extend RBAC with new components to meet...

In this article, we introduce a comprehensive framework supporting a privacy-aware access control mechanism, that is, a mechanism tailored to enforce access control to data containing personally identifiable information and, as such, privacy sensitive. The key component of the framework is a...