DefinePK

Abstract

Authentication and authorization are two pivotal security mechanisms generally implemented to enforce security both on data and resource levels in computer applications, especially over the internet. Once a user is authenticated, application starts a session for the user. But authentication does not mean license for anything for user. Several application resources and data sources are further secured by a Role based Access Control mechanisms. The sensitive and confidential information in many organizations is shared by the means of authorized access. But an authorized user can still compromise the privacy of persons leading to an unwanted identity disclosure. An anonymization technique is normally employed to suppress identifiable attributes yet capable of sharing information. Anyway some accuracy of data is compromised for the sake of privacy protection. In this paper a framework is developed which puts an additional aspect of accuracy constraint for multiple roles. Once the access control and data anonymization techniques are integrated they work together as a service for any application as a configurable privacy preserving role based access control framework.