Purpose based access control for privacy protection in relational database systems

Agrawal, R., Kiernan, J., Srikant, R., Xu, Y.: Hippocratic . In: Proceedings of the 28th International Conference on Very Large Databases (VLDB) (2002)

ANSI: American national standard for information technology—role based access control. ANSI INCITS 359–2004 (2004)

Ashley, P., Powers, C.S., Schunter, M.: Privacy promises, access control, and privacy management. In: Third International Symposium on Electronic Commerce (2002)

Barker S., Stuckey P.J. (2003). Flexible access control policy specification with constraint logic programming. ACM Trans. Inf. Syst. Secu. 6(4):501–546

Bell, D.E., LaPadula, L.J.: Secure computer systems: mathematical foundations and model Technical report, MITRE Corporation (1974)

Bertino E., Jajodia S., Samarati P. (1995). Database security: research and practice. Inf. Syst. 20(7):537–556

Bitton, D., DeWitt, D.J., Turbyfill, C.: Benchmarking database systems: a systematic approach. In: Ninth International Conference on Very Large Data Bases (1983)

Chen, F., Sandhu, R.: Constraints for role-based access control. In: The first ACM Workshop on Role-based access control (1996)

Denning, D., Lunt, T., Schell, R., Shockley, W., Heckman, M.: The seaview security model. In: The IEEE Symposium on Research in Security and Privacy (1988)

Dong, X., Halevy, A., Madhavan, J., Nemes, E.: Reference reconciliation in complex information spaces. In: ACM International Conference on Management of Data (SIGMOD) (2005)

Federal Trade Commision: Children’s online privacy protection act of 1998. Available at www.cdt.org/legislation/105th/privacy/ coppa.html

Federal Trade Commission: Privacy online: fair information practices in the electronic marketplace: a report to congress, May 2000. Available at www.ftc.gov/reports/privacy2000/privacy2000.pdf

Fellegi, I.P., Sunter, A.B.: A theory for record linkage. J. Am. Stat. Assoc. (1969)

Ferraiolo, D.F., Richard Kuhn, D., Chandramouli, R.: Role-Based Access Control. Artech House (2003)

Ferraiolo D.F., Sandhu R.S., Gavrila S., Kuhn D.R., Chandramouli R. (2001). Proposed NIST standard for role-based access control. ACM Trans. Inf. Syst. Sec. 4(3):224–274

Goh, C., Baldwin, A.: Towards a more complete model of role. In: The 3rd ACM workshop on Role-based access control. (1998)

IBM: The Enterprise Privacy Authorization Language (EPAL). Available at www.zurich.ibm.com/security/enterprise-privacy/epal

Jajodia, S., Sandhu, R.: Toward a multilevel secure relational data model. In: ACM International Conference on Management of Data (SIGMOD) pp. 50–59. ACM Press, New York (1991)

Karjoth, G., Schunter, M., Waidner, M.: Platform for enterprise privacy practice: Privacy-enabled management of customer data. In: The 2nd Workshop on Privacy Enhancing Technologies (PET 2002) (2002)

Kobsa A. (2002). Personalized hypermedia and international privacy. Communic ACM. 45(5):64–67

Kumar A., Karnik N., Chafle G. (2002). Context sensitivity in role-based access control. ACM SIGOPS Oper. Syst. Rev. 36(3):53–66

LeFevre, K., Agrawal, R., Ercegovac, V., Ramakrishnan, R., Xu, Y., DeWitt, D.: Disclosure in hippocratic databases. In: The 30th International Conference on Very Large Databases (VLDB) (2004)

Oracle Corporation: The Virtual Private Database in Oracle9iR2: An Oracle Technical White Paper, January 2002. Available at www.oracle.com.

Oracle Corporation: The Oracle Database SQL References, December 2003. Availabe at www.oracle.com.

Sandhu R., Chen F. (1998). The multilevel relational data model. ACM Trans. Inf. Syst. Secu. 1(1):93–132

Sandhu, R., Ferraiolo, D., Kuhn, R.: The NIST model for role-based access control: towards a unified standard. In: Proceedings of the Fifth ACM Workshop on Role-Based Access Control (RBAC 2000), pp. 47–63 (2000)

Sandhu R.S., Coyne E.J., Feinstein H.L., Youman C.E. (1996). Role-based access control models. IEEE Comput. 29(2):38–47

Sarawagi, S., Bhamidipaty, A.: Interactive deduplication using active learning. In: ACM International conference on Knowledge discovery and data mining (SIGKDD) (2002)

Stonebraker, M., Wong, E.: Access control in a relational data base management system by query modification. In: ACM CSC-ER Proceedings of the 1974 Annual Conference (1974)

World Wide Web Consortium (W3C): A P3P Preference Exchange Language 1.0 (APPEL 1.0). Available at www.w3.org/TR/P3P-preferences

World Wide Web Consortium (W3C): Platform for Privacy Preferences (P3P). Available at www.w3.org/P3P.