List of Journals    /    Call For Papers    /    Subscriptions    /    Login
By Author By Title
 About CSC Journals
 CSC Journals Objectives
 List of Journals
 Call For Papers CFP
 Special Issue CFP
 Submission Guidelines
 Peer Review Process
 Helpful Hints For Getting Published
 Plagiarism Policies
 Abstracting & Indexing
 Open Access Policy
 Submit Manuscript
 Reviewer Guidelines
 Editor Guidelines
 Join Us As Editor
 Launch Special Issue
 Suggest New Journal
 Browse CSC Library
 Open Access Policy
 Conference Partnership Program (CPP)
 Abstracting & Indexing
 Discounted Packages
 Archival Subscriptions
 How to Subscribe
 Subscriptions Agents
 Order Form
Purpose Engineering for Contextual Role-Based Access Control (C-RBAC)
Full text
International Journal of Engineering (IJE)
Table of Contents
Download Complete Issue    PDF(2.51MB)
Volume:  2    Issue:  3
Pages:  1-50
Publication Date:   June 2008
ISSN (Online): 1985-2312
41 - 50
Published Date   
CSC Journals, Kuala Lumpur, Malaysia
Keywords   Abstract   References   Cited by   Related Articles   Collaborative Colleague
This Manuscript is indexed in the following databases/websites:-
1. Directory of Open Access Journals (DOAJ)
2. CiteSeerX
3. Docstoc
4. Scribd
6. ScientificCommons
7. Academic Index
8. ResearchGATE
9. Bielefeld Academic Search Engine (BASE)
10. Socol@r
11. iSEEK
12. Academic Journals Database
13. Libsearch
14. slideshare
Distributed and ubiquitous computing environments have brought enormous efficiency to the collection, manipulation and distribution of information and services. Although this efficiency has revolutionized countless organizations but it has also increased the threats to individual’s privacy because the information stored within the collection of heterogeneous distributed components is sensitive and requires some form of access control. The way to protect privacy in this age of information technology requires such access control system that can accommodate organization requirements to protect privacy of individuals with ease in management and administration of resources. Among those requirements, purpose inference is one of the major problems as the total access control decision mainly relies on the user intentions/purposed. This work in this paper is an attempt to provide purpose engineering semantics that we use for the proposed contextual role-based access control model (C-RBAC) in order to comply with HIPAA. 
1 Rindfleisch, T. (1997). Privacy, information technology, and health care. Communications of the ACM, 40(8), 93–100.
2 Archives & Records Management Handbook. (2003). Retrieved January 2, 2008, from
3 Reid, J., Cheong, I., Henricksen, M. & Smith, J. (2003). A Novel Use of RBAC to Protect Privacy in Distributed Health Care Information Systems. Paper presented to Information Security and Privacy, 8th Australasian Conference, ACISP, Wollongong, Australia
4 Bacon, J., Lloyd, M. and Moody, K. (2001). Translating role-based access control policy within context. In Workshop on Policies for Distributed Systems and Networks, Springer-Verlag, 107–120.
5 Patrick, C., Hung, K. and Zheng, Y. (2007). Privacy Access Control Model for Aggregated e-Health Services. Proceedings of the 2007 Eleventh International IEEE EDOC Conference Workshop, Maryland U.S.A, 12-19.
6 Langheinrich, M. (2001). Privacy by Design — Principles of Privacy-Aware Ubiquitous Systems. In “Ubicomp 2001”. Retrieved January 22, 2008, from
7 Jiang, X. and Landay, J. A. (2002). Modeling privacy control in context-aware systems. IEEE Pervasive Computing, 1(3), 59-63.
8 Bohn, J., Gartner, F. and Vogt, H. (2004). Dependability Issues of Pervasive Computing in a Healthcare Environment. Security in Pervasive Computing, First International Conference, Boppard, Germany, 53-70.
9 Beckwith, R. (2003). Designing for Ubiquity: The Perception of Privacy. IEEE Pervasive Computing, 2(2), 40–46.
10 Beresford, R. and Stajano, F. (2004). Mix zones: User privacy in location-aware services. Proceedings of the 2nd IEEE Annual Conference on Pervasive Computing and Communications Workshops (PERCOMW04), Orlando, Florida, pp. 127.
11 Definition of the purpose on the Web. Retrieved July 30, 2007, from:
12 Byun, J. W., Bertino, E. and Li, N. (2004). Purpose Based Access Control for Privacy Protection in Relational Database Systems. Technical Report 2004-52, Purdue University, USA.
13 World Wide Web Consortium (W3C). Platform for Privacy Preferences (P3P) Retrieved October 10, 2008, from
14 Joshi, J.B.D., Bertino, E. and Ghafoor, A. (2002). Temporal Hierarchies and Inheritance Semantics for GTRBAC. Proceedings of the seventh ACM symposium on Access control models and technologies, Monterey, California, USA, 74-83.
15 Joshi, J. B. D., Bertino, E., Latif, U. and Ghafoor, A. (2005). A Generalized Temporal Role-Based Access Control Model. IEEE Transactions on Knowledge and Data Engineering, 17(1), 4–23.
16 Tahir, M. N. (2008). Hierarchies in Contextual Role- Based Access Control Model (C-RBAC). International Journal of Computer Science and Security (IJCSS), 2(4), 28-42.
1 PeekYou
Muhammad Nabeel Tahir : Colleagues  
  Untitled Document
Copyrights (c) 2012 Computer Science Journals. All rights reserved.
Best viewed at 1152 x 864 resolution. Microsoft Internet Explorer.
Copyrights & Usage: Articles published by CSC Journals are Open Access. Permission to copy and distribute any other content, images, animation and other parts of this website is prohibited. CSC Journals has the rights to take action against individual/group if they are found victim of copying these parts of the website.