الفهرس 
IntroductionOnly 14 pages are availabe for public view
 |  | from | 16 |  |  |
| | | from | 16 | | |
Abstract
Data privacy issues are increasingly becoming important for many applications used in banks, the stock exchange, airlines, and hospitals. Threats and risks to databases have increased and therefore, the need for securing databases has also increased to prevent unauthorized data observation and modification ensuring the confidentiality of the data. The majority of the companies store sensitive data in databases. However, database security is sometimes not given as much thought and effort as other areas of computer security. Hackers have been able to target large databases in recent years to obtain sensitive information like credit card numbers and other personal information. It is important to protect databases against these risks, and this is where database security comes into place. The key technical challenge is to balance the data usage with the need to preserve privacy of individual data. In this thesis, a solution for privacy preservation in workflow systems is proposed. The proposed model represents an integration of the most well-known access control models; namely, (1) the Conditional Purpose Based Access Control model (CPBAC), (2) the Multi-Dim Task Role Based Access model (MD-TRBAC), and (3) the Policy Based access control model (PBFW). This integration would result in the benefits of the three models with a simple and manageable cost. Therefore, the proposed model meets the particular requirements of the workflow systems such as the notion of a task life cycle, the dynamic access control management, active permission assignment, and applying access control policies to enhance user privacy. In addition the new model adapts the notion of the conditional purpose, which allows users to use some data for certain purpose with conditions. Conditional purpose provides more reliable data management because more information can be extracted assuring the same user privacy. As a proof of concept the proposed model was verified and evaluated using a case study.