Extending XACML Access Control Architecture for Allowing Preference-Based Authorisation

Executive Summary

In this paper, the author proposes a solution that ensures that only the legitimate entities/data receivers can access personal data. For that, the author proposes an extension to the OASIS eXtensible Access Control Markup Language (XACML) architecture and framework to enforce consent based on fine-grained preferences representing data subjects' consent. The XACML choice is influenced by the fact that this framework is currently a reference standard. The solution builds on the observation that in most organisations, personal data are collected and managed by specific entities - e.g., the human resources service, the customer management service, etc. The original publication is available at [5].

  • Format: PDF
  • Size: 174.34 KB