Privacy in Database Designs: A Role Based Approach

Author

Gary A. Poe, University of South Florida

Graduation Year

2008

Document Type

Dissertation

Degree

Ph.D.

Degree Granting Department

Information Systems

Major Professor

Rosann Collins, Ph.D.

Co-Major Professor

Donald Berndt, Ph.D.

Committee Member

Ellis Blanton, PhD.

Committee Member

Stanley Birkin, PhD.

Keywords

Privacy, Security, Taxonomy, Access Control Systems, Philosophy, Law, RBAC, Role Based Access Control

Abstract

Privacy concerns have always been present in every society. The introduction of information technology information has enabled a reduction in the cost of gathering information, management of that information and the permitted that same information to become increasingly portable. Coupled with these reductions of cost has been an increase in the demand for information as well as the concern that privacy expectations be respected and enforced through security systems that safeguard access to private-type data. Security systems enforce privacy expectations. Unfortunately there is no consensus on a definition of privacy making the specification of security often over broad and resulting in the loss of critical functionality in the systems produced. This research expands the understanding of privacy by proposing a replicable type-based taxonomy of privacy that is grounded in philosophy and law. This type-based system is applied to a Role Based Access Control System to specify and control access to data in a in a hospital setting as a proof of concept.

Scholar Commons Citation

Poe, Gary A., "Privacy in Database Designs: A Role Based Approach" (2007). USF Tampa Graduate Theses and Dissertations.
https://digitalcommons.usf.edu/etd/454