关键词: 数据访问目的, 隐私保护, 隐私访问控制, 元数据

Abstract: With the release of the privacy data access guidelines by industries， such as HIPAA and OECD guidelines， the access control of privacy data has recently become a hot research topic in the area of privacy data management. The role-based access control mechanism and view-based access control mechanism in a relational database only support the controls for users’ access permissions， but they don’t solve the problems of privacy-aware access control. The key elements for describing privacy data are the hierarchical structure of data purpose. Several purpose-based access control models presented currently have two shortcomings： The redundancy of privacy policies and the query results not maximized. This paper proposes a novel purpose-based relational database access control model R-PAACEE （privacy-aware access control enforcement engine）， which can reduce the redundancy of privacy policies by constructing the concept hierarchy of privacy policies and describing them with ordered tuples. The paper also presents a query-rewritten algorithm for separating the private and non-private attributes， which can maximize the query results. The experimental results show that for a query related to privacy data， a database management system with R-PAACEE can achieve good query performance.

Key words: data purpose, privacy preservation, privacy-aware access control, meta data