| Abstract |
Access control is a fundamental building block for secure information sharing [1]. It has been widely investigated and several access control models have been proposed, including models taking into account time, location and situation [2, 3, 15, 16] and models specific for privacy-sensitive data [4]. Access control mechanisms are embedded in many different systems, ranging from operating systems to database management systems, and standards have been proposed – the most notable being the role-based access control (RBAC) model [5] and the XACML attribute-based access control model [6]. |