Governance Based Access Control


  • Definition

    GBAC is a technique for classifying and controlling access to shared information, allowing personnel from one agency to view/access shared information contributed by other participating agencies.

  • Principles

    1. In order to access an information asset, the requestor must be empowered by an agreement that defines their legal right to access that information.
    2. There is a finite set of attributes, intrinsic to an information asset, that regulate its accessibility.
    3. The organization that supplies (contributes) an information asset must control the disclosure of that information.

  • Mechanism

    GBAC links specific meta-data to each information asset: meta-data that identifies the legislative justification for the collection and use of the information, and the official justification for the sharing of the information between organizations. The meta-data is used to control access to the information asset throughout its lifecycle, from collection to disclosure and finally disposal.

    Similar meta-data tags are assigned to accredited personnel requiring access to information. A person requesting a data record will only be granted access if the meta-data assigned to them matches that embedded in the data.

  • Comparison with traditional RBAC

    Most traditional Access Models require that:

    • information will only be accessible by members or guests of a particular application/system
    • there is a single authority governing stored information
    • user roles are pre-defined and embedded in application logic

    GBAC allows:

    • access rights to be based on privacy legislation, agency policies and sharing agreements
    • controlling access to information from multiple sources, organizations and jurisdictions
    • the information owner/contributor to control disclosure of information
    • audit logs to capture the exact conditions under which access to a record was permitted, providing traceability to a specific sharing agreement
    • a technology and system independent solution to data security
    • user roles to be dynamic and not dependent on application logic

  • Try the GBAC demo

    Part 1 of the demo demonstrates the basic components of a GBAC assertion. The panel on the left side of the page contains the six parameters that make up a GBAC assertion. This assertion represents the permissions granted to a user wishing to access some information that is GBAC-encoded. By selecting and modifying the parameters in this panel, we can control the permissions (assertions) given to a simulated user.

    The panel on the right contains a fabricated Immigration Canada document marked up in XML format that has been encoded with GBAC assertions.

    After modifying the assertion parameters for the simulated user, press the [Apply] button. The information in the document is filtered based on the access rights selected for the user.

    The filtered document can also be viewed in a more readable format (without the GBAC information) by selecting the [HTML] radio-button and pressing the [Apply] button.

    Part 2 of the demo demonstrates controlling access to "database" information through combining GBAC assertions. The panel on the left side of the page contains three fictitious GBAC assertions that can be granted or withdrawn from our simulated user. By selecting or clearing the check-boxes in this panel, we can control the permissions (assertions) given to a simulated user.

    The panel on the right contains a record of a person made up of data from multiple sources (RCMP, CFC, BC Govt) marked up in XML format that has been encoded with GBAC assertions.

    After selecting the assertions for the simulated user, press the [Apply] button. The information in the Person record is filtered based on the access rights selected for the user.

    The filtered Person record can also be viewed in a more readable format (sort of a fact sheet) by selecting the [HTML] radio-button and pressing the [Apply] button.
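
    The matching rule from the Mechanism section, applied to a multi-source record like the one in Part 2, as an added example (not the demo's own code). The `gbac-*` attribute names, the three-field assertion tuple and all sample values are assumptions; the demo's six assertion parameters are not listed on this page.

```python
import xml.etree.ElementTree as ET

# Constructed sample record. The gbac-* attribute names and every value are
# hypothetical stand-ins, not the demo's real assertion parameters.
RECORD = """
<person>
  <name gbac-contributor="BC Govt" gbac-legislation="ACT-A" gbac-agreement="AGR-1">Jane Doe</name>
  <licence gbac-contributor="BC Govt" gbac-legislation="ACT-A" gbac-agreement="AGR-1">
    <number>1234567</number>
  </licence>
  <criminal-record gbac-contributor="RCMP" gbac-legislation="ACT-B" gbac-agreement="AGR-2">none</criminal-record>
  <firearms gbac-contributor="CFC" gbac-legislation="ACT-C" gbac-agreement="AGR-3">valid</firearms>
  <notes>untagged free text</notes>
</person>
"""

FIELDS = ("gbac-contributor", "gbac-legislation", "gbac-agreement")

def tag_of(elem, inherited):
    """Return the GBAC tuple governing elem, or None if it must be denied."""
    values = tuple(elem.get(f) for f in FIELDS)
    if not any(values):
        return inherited                      # no own tag: parent's tag applies
    return values if all(values) else None    # partial tag: fail closed

def filter_record(xml_text, user_assertions):
    """Return (filtered_root, audit) for a user holding the given assertions."""
    root = ET.fromstring(xml_text)
    audit = []  # (element, decision, sharing agreement that governed it)

    def walk(parent, inherited):
        for child in list(parent):            # copy: we remove while iterating
            tag = tag_of(child, inherited)
            allowed = tag is not None and tag in user_assertions
            audit.append((child.tag, "permit" if allowed else "deny",
                          tag[2] if tag else None))
            if allowed:
                walk(child, tag)
            else:
                parent.remove(child)          # whole subtree is withheld

    walk(root, None)                          # untagged top-level data is denied
    return root, audit
```

Each audit entry names the sharing agreement that governed the decision, which gives the traceability described in the comparison list above.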