Enforcing the purpose of data usage means to ensure that data is used as it intends for and that excessive usage can not happen. In general, the enforcement of purpose is a complicated task. The main difficulty is to identify the purpose of an agent when it requests to perform an action. In this paper, we discuss the design issue of usage purpose enforcement model based on our proposed enforcement structure: pre- , ongoing-, and post-enforcement. We also propose an enforcement solution for usage control designed for distributed healthcare information system, particularly, the pre- and ongoing-enforcement of purpose. Furthermore, we validate our model with a prototype developed in Java.
|Pages (de - à)||94-105|
|Nombre de pages||12|
|journal||International Journal of Security and Networks|
|Numéro de publication||2|
|Etat de la publication||Publié - 2 août 2013|