Towards application-layer purpose-based access control
Author: | Max-R. Ulbricht, Karl Wolf, Thomas Peikert, Paul Wille, Frank Pallas, Marcel Reppenhagen, Daniel Wenzel, Stefan Tai |
---|---|
Year of publication: | 2020 |
Subject: | Privacy by Design; Computer science; Distributed computing; Software engineering; Access control; Engineering and technology; Web engineering; Application layer; Information systems; Electrical engineering, electronic engineering, information engineering; Data Protection Act 1998; Privacy engineering; Implementation |
Source: | SAC |
Description: | In this paper, we propose an architecturally novel approach to implementing purpose-based access control in practice. Different from previous proposals, our approach resides on the application instead of the data(base) layer. This allows for significantly better integration with established architectures and practices of real-world application engineering and to achieve database independence. To validate practical applicability, we provide two exemplary implementations and briefly assess the introduced overhead in matters of achievable throughputs. Results significantly depend on data and query type but basically suggest bearable overheads for realistic applications even though possible performance optimizations have not been implemented in our proofs-of-concept yet. Our approach thus proposes significantly better practical feasibility than previous ones and exhibits reasonable overheads. It therefore paves the way for purpose-based access control to be actually adopted in practice. |
Database: | OpenAIRE |