Abstract
As users are participating in various social contexts, some projects such as MobiLife and MyLifeBits are developing a facility to commence daily life service. This enables users to store all their daily events which can be collected using their mobile device. These data can be shared with other people or some service providers only if the user agrees. However, in the cases of inter-domain web service usage or sharing their data with others, there are some potential problems about privacy. To solve these problems, we propose a new method, privacy-aware access control through negotiation process (N-PAC). This method enables a user to accomplish self-determination and self-control of personal information in more realistic application environments.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Agrawal, R., Kiernan, J., Srikant, R., Xu, Y.: Hippocratic databases. In: The 28th International Conference on Very Large Databases (VLDB) (2002)
Ardagna, C.A., Damiani, E., Cremonini, M., De Capitani di Vimercati, S., Samarati, P.: The architecture of a privacy-aware access control decision component. In: Barthe, G., Grégoire, B., Huisman, M., Lanet, J.-L. (eds.) CASSIS 2005. LNCS, vol. 3956. Springer, Heidelberg (2006)
Ashley, P., Hada, S., Powers, C., Schunter, M.: Enterprise Privacy Authorization Language (EPAL). IBM Research (2003)
Byun, J., Bertino, E., Li, N.: Purpose-based access control for privacy protection in relational database systems. Technical Report 2004-52, Purdue University (2004)
Byun, J., Bertino, E., Li, N.: Purpose based access control of complex data for privacy protection. In: Symposium on Access Control Models and Technologies Proceedings of the tenth ACM symposium on Access control models and technologies, pp. 102–110 (2005)
Cavoukian, A.: Genetic Privacy: the right “not to know”, Notes for Remarksin 10th World Congress on Medical Law (1994)
Mont, M.C., Pearson, S., Bramhall, P.: An Adaptive Privacy Management System For Data Repositories, HPL-2004-211 (November 18, 2004)
Wu, C., Potdar, V., Chang, E.: A conceptual framework for privacy policy negotiation in web services. In: Furnell, S.M., Dowland, P.S. (eds.) Sixth International Network Conference (INC), pp. 195–202 (2006)
Eldin’, Wagenaar, R.: IEEE International Conference on Towards users driven privacy control 2004, vol. 5, pp. 4673–4679 (2004)
Hommel, W.: An Architecture for Privacy-Aware Inter-domain Identity Management. In: Schönwälder, J., Serrat, J. (eds.) DSOM 2005. LNCS, vol. 3775, pp. 49–60. Springer, Heidelberg (2005)
Hatakeyama, M., Gomi, H.: Privacy Policy Negotiation Framework for Attribute Exchange. In: W3C Workshop on Languages for Privacy Policy Negotiation and Semantics-Driven Enforcement (2006)
El-Khatib, K.: A Privacy Negotiation Protocol for Web Services. In: Workshop on Collaboration Agents: Autonomous Agents for Collaborative Environments Halifax (2003)
LeFevre, K., Agrawal, R., Ercegovac, V., Ramakrishnan, R., Xu, Y., DeWitt, D.: Disclosure in Hippocratic databases. In: The 30th International Conference onVery Large Databases (VLDB) (August 2004)
Mun, H.J., Lee, K.M., Lee, S.H.: Person-Wise Privacy Level Access Control for Personal Information Directory Services. In: Sha, E., Han, S.-K., Xu, C.-Z., Kim, M.-H., Yang, L.T., Xiao, B. (eds.) EUC 2006. LNCS, vol. 4096, pp. 89–96. Springer, Heidelberg (2006)
Ni, Q., Lin, D., Bertino, E., Lobo, J.: Conditional Privacy-Aware Role Based Access Control. In: Biskup, J., López, J. (eds.) ESORICS 2007. LNCS, vol. 4734, pp. 72–89. Springer, Heidelberg (2007)
Al-Fedaghi, S.S.: Beyond Purpose-Based Privacy Access Control. In: Bailey, J., Fekete, A. (eds.) Australasian Database ADC 2007. CRPIT 63, Ballarat, Australia, pp. 23–32. ACS (2007)
P3P. The Platform for Privacy Preferences 1.0 (P3P1.0) Specification, The Wolrld Wide Web Consortium (2002) (April 16, 2002), http://www.w3.org/p3p/
http://www.istmobilife.org/index.php?option=com_content&task=view&id=41&Itemid=51
http://www.ist-mobilife.org/images/stories/architecture%20wp5.pdf
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2008 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Park, HA., Zhan, J., Lee, D.H. (2008). Privacy-Aware Access Control through Negotiation in Daily Life Service. In: Yang, C.C., et al. Intelligence and Security Informatics. ISI 2008. Lecture Notes in Computer Science, vol 5075. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-69304-8_55
Download citation
DOI: https://doi.org/10.1007/978-3-540-69304-8_55
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-69136-5
Online ISBN: 978-3-540-69304-8
eBook Packages: Computer ScienceComputer Science (R0)