Enforcing the purpose of data usage means to ensure that data is used as it intends for and that excessive usage can not happen. In general, the enforcement of purpose is a complicated task. The main difficulty is to identify the purpose of an agent when it requests to perform an action. In this paper, we discuss the design issue of usage purpose enforcement model based on our proposed enforcement structure: pre- , ongoing-, and post-enforcement. We also propose an enforcement solution for usage control designed for distributed healthcare information system, particularly, the pre- and ongoing-enforcement of purpose. Furthermore, we validate our model with a prototype developed in Java.
|Number of pages||12|
|Journal||International Journal of Security and Networks|
|Publication status||Published - 2 Aug 2013|
- purpose enforcement
- enforcement model
- security privacy
- distributed healthcare