
Privacy Policies

Massive hack attacks in recent years have brought privacy and security to the forefront of attention and made the need for improved privacy and security clear to everyone, from individual consumers to business operators to government legislators. The Health Insurance Portability and Accountability Act (HIPAA) became law in 1996; it protects a person’s privacy. HIC, Inc., as an insurance company, is a covered entity and must adhere to HIPAA. The Gramm-Leach-Bliley Act (GLBA) became law in 1999. GLBA applies to any financial institution as defined in Section 4(k) of the Bank Holding Company Act, under “Activities That Are Financial in Nature: part (B) Insuring, guaranteeing, or indemnifying against loss, harm, damage, illness, disability, or death, or providing and issuing annuities, and acting as principal, agent, or broker for purposes of the foregoing, in any State.” (Bank Holding Company Act, n.d.) GLBA therefore applies to HIC, Inc.


This Privacy Policy will cover the adoption of Privacy-aware Role Based Access Control.

Conventional access models, such as Mandatory Access Control and Discretionary Access Control, are not designed to enforce internal privacy policies and barely meet the requirements of privacy protection [1]. To address the shortcomings of existing access control models, a family of Privacy-aware Role Based Access Control (P-RBAC) models (see Fig. 1) has been proposed by Ni et al. [2]. Models in this family naturally extend RBAC models [3] to support internal privacy policies. (Martino, Ni, Lin, & Bertino, n.d.)


A. Core P-RBAC [2] includes seven sets of entities: Users (U), Roles (R), Data (D), Actions (A), Purposes (P), Obligations (O), and Conditions (C), the last expressed in a customized language referred to as LC0. A user in the Core P-RBAC model is a human being, and a role represents a job function or job title within the organization with some associated semantics regarding the authority and responsibility conferred on a member of the role. Data in P-RBAC means any information or meta-information relating to an identified or identifiable individual. An action is an executable image of a program, which upon invocation executes some function for the user; the types of actions and the data objects on which they are deployed depend on the system in which they are implemented. Purposes, which are bound to actions on data in Core P-RBAC, directly reflect the OECD [4] Data Quality Principle, Purpose Specification Principle, and Use Limitation Principle. Obligations, that is, actions to be performed after an action has been executed on data objects, are also part of many privacy policies. Conditions, that is, prerequisites to be met before any action can be executed, are frequent components of privacy policies too. (Martino, Ni, Lin, & Bertino, n.d.) See Figure 3 (Ni, et al., 2008).


P-RBAC enforces “purpose binding (i.e. data collected for one purpose should not be used for another purpose without user consent), conditions and obligations.” (Ni, et al., 2008)


A common approach to implementing the OECD Accountability Principle in operating systems or DBMSs is to log each data access as an event. Executing such logging actions is an obligation required by the majority of privacy policies. (Ni, et al., 2008)


In P-RBAC, privacy policies are expressed as permission assignments (PA); these permissions differ from permissions in classical RBAC because of the presence of additional components representing privacy-related information: the purpose, condition and obligation attached to each action on data. (Ni, et al., 2008)
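The following Python sketch is an added illustration, not code from the cited papers: it models a Core P-RBAC permission assignment as described above, where a role's permission binds an action on data to a purpose, carries a condition evaluated against the request context, and triggers an obligation (here audit logging, optionally a data-subject notice) after the decision. The class names, the "log"/"notify" obligation labels, the sample insurer roles, and the use of a plain Python callable in place of LC0 are assumptions.

```python
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Set, Tuple

Context = Dict[str, object]              # request context a condition is evaluated on
Event = Tuple[str, str, str, str, bool]  # (user, action, data, purpose, decision)


@dataclass(frozen=True)
class Permission:
    """Core P-RBAC permission: an action on data, bound to a purpose, with a
    condition (prerequisite) and an obligation (duty performed after access)."""
    action: str
    data: str
    purpose: str
    condition: Callable[[Context], bool] = lambda ctx: True
    obligation: str = "log"  # the labels "log" / "notify" are hypothetical


@dataclass
class PRBAC:
    role_perms: Dict[str, Set[Permission]] = field(default_factory=dict)
    user_roles: Dict[str, Set[str]] = field(default_factory=dict)
    audit_log: List[Event] = field(default_factory=list)  # logging obligation output
    notices: List[Event] = field(default_factory=list)    # data-subject notifications

    def assign_role(self, user: str, role: str) -> None:
        self.user_roles.setdefault(user, set()).add(role)

    def grant(self, role: str, perm: Permission) -> None:
        self.role_perms.setdefault(role, set()).add(perm)

    def fulfil(self, obligation: str, event: Event) -> None:
        """Every decision is logged (OECD Accountability Principle); a "notify"
        obligation additionally queues a notice to the data subject on a grant."""
        self.audit_log.append(event)
        if obligation == "notify" and event[4]:
            self.notices.append(event)

    def check(self, user: str, action: str, data: str, purpose: str, ctx: Context) -> bool:
        """Grant only if one of the user's roles holds a permission whose action,
        data AND purpose all match (purpose binding) and whose condition holds."""
        matches = [p for r in self.user_roles.get(user, set())
                   for p in self.role_perms.get(r, set())
                   if (p.action, p.data, p.purpose) == (action, data, purpose)]
        decision = any(p.condition(ctx) for p in matches)
        # Obligations of the matching permissions run whatever the decision;
        # a request with no permission for that purpose is denied but still logged.
        for obligation in {p.obligation for p in matches} or {"log"}:
            self.fulfil(obligation, (user, action, data, purpose, decision))
        return decision
```

A read of a medical record granted to a claims adjuster for claims processing is denied when the same user requests it for marketing, which is the purpose-binding rule in action.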


As illustrated in Fig. 2, P-RBAC policies are first authored in natural language using SPARCLE; from these natural-language specifications an XML specification of P-RBAC permissions is automatically generated by SPARCLE. An analysis is then performed to determine possible conflicts, and feedback is returned to the policy authors.


Fig. 2. The Framework


B. Role Provisioning refers to the automatic process of creating user accounts and assigning roles to enable access to all needed applications and services for valid end users from multiple domains. (Martino, Ni, Lin, & Bertino, n.d.)


C. Data Profile is a key approach in that it records all information about data that is relevant to privacy enforcement. (Martino, Ni, Lin, & Bertino, n.d.)


References


[1] S. Fischer-Hübner, IT-security and privacy: design and use of privacy enhancing security mechanisms. Springer-Verlag New York, Inc., 2001.

[2] Q. Ni, A. Trombetta, E. Bertino, and J. Lobo, “Privacy aware role based access control,” in SACMAT ’07: Proceedings of the 12th ACM symposium on Access control models and technologies. New York, NY, USA: ACM Press, 2007.

[3] D. F. Ferraiolo, R. Sandhu, S. Gavrila, D. R. Kuhn, and R. Chandramouli, “Proposed NIST standard for role-based access control,” ACM Trans. Inf. Syst. Secur., vol. 4, no. 3, pp. 224–274, 2001.

[4] Organisation for Economic Co-operation and Development, “OECD guidelines on the protection of privacy and transborder flows of personal data of 1980,” available at http://www.oecd.org/.

Bank Holding Company Act. (n.d.). Retrieved from FFIEC: https://www.ffiec.gov/exam/InfoBase/documents/02-con-4_k_bank_holding_comp_act-991112.pdf

Martino, L. D., Ni, Q., Lin, D., & Bertino, E. (n.d.). Multi-domain and Privacy-aware Role Based Access Control in eHealth. Retrieved from Purdue University: https://www.cs.purdue.edu/homes/bertino/IIS-eHealth/pervasive.pdf

Ni, Q., Bertino, E., Brodie, C., Karat, C.-M., Karat, J., Lobo, J., & Trombetta, A. (2008). Privacy-aware Role Based Access Control. Retrieved from Academia: http://www.academia.edu/256269/Privacy-Aware_Role_Based_Access_Control

©2018 by Ken Yee's University of San Diego Cyber Security Operations & Leadership Capstone Course Portfolio.