Purpose-based access policy on provenance and data algebra

It is a crucial mechanism of access control to determine that data can only be accessed for allowed purposes. To achieve this mechanism, we propose purpose-based access policies in this paper. Different from provenance-based policies that determine if a piece of data can be accessed or not, purpose-based access policies determines for what purposes can data be accessed. Particularly, the purposes can be classified as different sensitivity levels. For the first time, We tailor policy algebras to include internal and external policy operators for hierarchical purposes, in order to merge purpose sets generated by individual policies. We also created external policy algebras to merge policies from multi-parties. With different types' testing experiments, our model is proved to be feasible and practical.