Ambient assisted living is a new interdisciplinary field aiming at supporting senior citizens in their home by means of embedded technologies. This domain offer an interesting challenge for providing dependability and security in a privacy-respecting way: in order to provide services in an emergency we cannot monitor on a second-by-second base a senior citizen. Beside being immoral, it would be illegal (at least in Europe). At the same time if we do not get notified of an emergency, the entire system would be useless.
In this paper we present an access control model for this domain that extends RBAC with the notion of organizational model, goals and dependencies. In this model we can associate permission to the objectives that have been assigned to the users of the system and solve the trade-off between security and dependability.