Abstract
This paper introduces a Context-aware Privacy Policy Language (CPPL) that enables mobile users to control who can access their context information, at what detail, and in which situation by specifying their context-aware privacy rules. Context-aware privacy rules map a set of privacy rules to one or more user’s situations, in which these rules are valid. Each time a user’s situation changes, a list of valid rules is updated, leaving only a subset of the specified rules to be evaluated by a privacy framework upon arrival of a context query. In the existing context-dependent privacy policy languages a user’s context is used as an additional condition parameter in a privacy rule, thus all the specified privacy rules have to be evaluated when a request to access a user’s context arrives. Keeping the number of rules that need to be evaluated small is important because evaluation of a large number of privacy rules can potentially increase the response time to a context query. CPPL also enables rules to be defined based on a user’s social relationship with a context requestor, which reduces the number of rules that need to be defined by a user and that consequently need to be evaluated by a privacy mechanism. This paper shows that when compared to the existing context-dependent privacy policy languages, this number of rules (that are encoded using CPPL) decreases with an increasing number of user-defined situations and requestors that are represented by a small number of social relationship groups.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Moses, T.: eXtensible Access Control Markup Language (XACML) Version 2.0. Technical report, OASIS (February 2005)
Devlic, A., et al.: Context inference of users’ social relationships and distributed policy management. In: Proc. of the 7th IEEE International Conference on Pervasive Computing and Communication (PerCom 2009), 6th Workshop on Context Modeling and Reasoning (CoMoRea 2009), Galveston, Texas, USA, pp. 755–762 (March 2009)
Consolvo, S., et al.: Location Disclosure to Social Relations: Why, When, and What People Want to Share. In: 11th International Conference on Human-Computer Interaction (CHI 2005), pp. 81–90. ACM Press, Las Vegas (2005)
Olson, J.S., et al.: Preferences for Privacy Sharing: Results & Directions CREW Technical Report (2004)
Hull, R., et al.: Enabling context aware and privacy-conscious user data sharing. In: 5th IEEE International Conference on Mobile Data Management (MDM 2004), Berkley, CA, USA, pp. 187–198 (January 2004)
Corradi, A., Montanari, R., Tibaldi, D.: Context-based Access Control Management in Ubiquitous Environments. In: Third IEEE International Symposium on Network Computing and Applications (NCA 2004), Cambridge, MA, USA, pp. 253–260 (August 2004)
Sacramento, V., Endler, M., Nascimento, F.N.: A Privacy Service for Context-aware Mobile Computing. In: First International Conference on Security and Privacy for Emerging Areas in Communications Networks (SecureComm 2005), Athens, Greece, pp. 182–193 (September 2005)
Blount, M., Davis, J., et al.: Privacy Engine for Context-Aware Enterprise Application Services. In: IEEE/IFIP International Conference on Embedded and Ubiquitous Computing, Shanghai, China, vol. 2, pp. 94–100 (December 2008)
Czajkowski, K., Fitzgerald, S., Foster, I., Kesselman, C.: Grid Information Services for Distributed Resource Sharing. In: 10th IEEE International Symposium on High Performance Distributed Computing, San Francisco, pp. 181–184 (2001)
McGuinness, D.L., Harmelen, F.: OWL web ontology language overview. W3C submission, W3C Recommendation (2003), http://www.w3.org/TR/owl-features/
Horrocks, I., et al.: SWRL: A Semantic Web Rule Language Combining OWL and RuleML. W3C submission, http://www.w3.org/Submission/SWRL/
Reichle, R., Wagner, M., Khan, M.U., Geihs, K., Lorenzo, J., Valla, M., Fra, C., Paspallis, N., Papadopoulos, G.A.: A Comprehensive Context Modeling Framework for Pervasive Computing Systems. In: Meier, R., Terzis, S. (eds.) DAIS 2008. LNCS, vol. 5053, pp. 281–295. Springer, Heidelberg (2008)
Reichle, R., et al.: A Context Query Language for Pervasive Computing Environments. In: Sixth Annual IEEE International Conference on Pervasive Computing and Communications (PerCom 2008), Hong Kong (March 2008)
IST project MUSIC, Self-Adapting Applications for Mobile Users in Ubiquitous Computing Environment project, http://www.ist-music.eu
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 ICST Institute for Computer Science, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Behrooz, A., Devlic, A. (2012). A Context-Aware Privacy Policy Language for Controlling Access to Context Information of Mobile Users. In: Prasad, R., Farkas, K., Schmidt, A.U., Lioy, A., Russello, G., Luccio, F.L. (eds) Security and Privacy in Mobile Information and Communication Systems. MobiSec 2011. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 94. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-30244-2_3
Download citation
DOI: https://doi.org/10.1007/978-3-642-30244-2_3
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-30243-5
Online ISBN: 978-3-642-30244-2
eBook Packages: Computer ScienceComputer Science (R0)