Skip to main content
SpringerLink
Log in

A Context-Aware Privacy Policy Language for Controlling Access to Context Information of Mobile Users

  • Conference paper
Book cover Security and Privacy in Mobile Information and Communication Systems (MobiSec 2011)

Abstract

This paper introduces a Context-aware Privacy Policy Language (CPPL) that enables mobile users to control who can access their context information, at what detail, and in which situation by specifying their context-aware privacy rules. Context-aware privacy rules map a set of privacy rules to one or more user’s situations, in which these rules are valid. Each time a user’s situation changes, a list of valid rules is updated, leaving only a subset of the specified rules to be evaluated by a privacy framework upon arrival of a context query. In the existing context-dependent privacy policy languages a user’s context is used as an additional condition parameter in a privacy rule, thus all the specified privacy rules have to be evaluated when a request to access a user’s context arrives. Keeping the number of rules that need to be evaluated small is important because evaluation of a large number of privacy rules can potentially increase the response time to a context query. CPPL also enables rules to be defined based on a user’s social relationship with a context requestor, which reduces the number of rules that need to be defined by a user and that consequently need to be evaluated by a privacy mechanism. This paper shows that when compared to the existing context-dependent privacy policy languages, this number of rules (that are encoded using CPPL) decreases with an increasing number of user-defined situations and requestors that are represented by a small number of social relationship groups.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Moses, T.: eXtensible Access Control Markup Language (XACML) Version 2.0. Technical report, OASIS (February 2005)

    Google Scholar 

  2. Devlic, A., et al.: Context inference of users’ social relationships and distributed policy management. In: Proc. of the 7th IEEE International Conference on Pervasive Computing and Communication (PerCom 2009), 6th Workshop on Context Modeling and Reasoning (CoMoRea 2009), Galveston, Texas, USA, pp. 755–762 (March 2009)

    Google Scholar 

  3. Consolvo, S., et al.: Location Disclosure to Social Relations: Why, When, and What People Want to Share. In: 11th International Conference on Human-Computer Interaction (CHI 2005), pp. 81–90. ACM Press, Las Vegas (2005)

    Google Scholar 

  4. Olson, J.S., et al.: Preferences for Privacy Sharing: Results & Directions CREW Technical Report (2004)

    Google Scholar 

  5. Hull, R., et al.: Enabling context aware and privacy-conscious user data sharing. In: 5th IEEE International Conference on Mobile Data Management (MDM 2004), Berkley, CA, USA, pp. 187–198 (January 2004)

    Google Scholar 

  6. Corradi, A., Montanari, R., Tibaldi, D.: Context-based Access Control Management in Ubiquitous Environments. In: Third IEEE International Symposium on Network Computing and Applications (NCA 2004), Cambridge, MA, USA, pp. 253–260 (August 2004)

    Google Scholar 

  7. Sacramento, V., Endler, M., Nascimento, F.N.: A Privacy Service for Context-aware Mobile Computing. In: First International Conference on Security and Privacy for Emerging Areas in Communications Networks (SecureComm 2005), Athens, Greece, pp. 182–193 (September 2005)

    Google Scholar 

  8. Blount, M., Davis, J., et al.: Privacy Engine for Context-Aware Enterprise Application Services. In: IEEE/IFIP International Conference on Embedded and Ubiquitous Computing, Shanghai, China, vol. 2, pp. 94–100 (December 2008)

    Google Scholar 

  9. Czajkowski, K., Fitzgerald, S., Foster, I., Kesselman, C.: Grid Information Services for Distributed Resource Sharing. In: 10th IEEE International Symposium on High Performance Distributed Computing, San Francisco, pp. 181–184 (2001)

    Google Scholar 

  10. McGuinness, D.L., Harmelen, F.: OWL web ontology language overview. W3C submission, W3C Recommendation (2003), http://www.w3.org/TR/owl-features/

  11. Horrocks, I., et al.: SWRL: A Semantic Web Rule Language Combining OWL and RuleML. W3C submission, http://www.w3.org/Submission/SWRL/

  12. Reichle, R., Wagner, M., Khan, M.U., Geihs, K., Lorenzo, J., Valla, M., Fra, C., Paspallis, N., Papadopoulos, G.A.: A Comprehensive Context Modeling Framework for Pervasive Computing Systems. In: Meier, R., Terzis, S. (eds.) DAIS 2008. LNCS, vol. 5053, pp. 281–295. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  13. Reichle, R., et al.: A Context Query Language for Pervasive Computing Environments. In: Sixth Annual IEEE International Conference on Pervasive Computing and Communications (PerCom 2008), Hong Kong (March 2008)

    Google Scholar 

  14. IST project MUSIC, Self-Adapting Applications for Mobile Users in Ubiquitous Computing Environment project, http://www.ist-music.eu

Download references

Author information

Authors and Affiliations

  1. Appear Networks, Kista Science Tower, 164 51, Kista, Sweden

    Alireza Behrooz

  2. Ericsson Research, Färögatan 6, 164 80, Stockholm, Sweden

    Alisa Devlic

Authors
  1. Alireza Behrooz
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Alisa Devlic
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Aalborg University, Niels Jernes Vej 10, 9220, Aalborg, Denmark

    Ramjee Prasad

  2. University of West Hungary, Sopron, and Budapest University of Technology and Economics, 1117, Budapest, Hungary

    Károly Farkas

  3. Novalyst IT AG, Robert-Bosch Str. 38, 61184, Karben, Germany

    Andreas U. Schmidt

  4. Dipartimento di Automatica e Informatica, Politecnico di Torino, 10129, Torino, Italy

    Antonio Lioy

  5. CREATE-NET Research Consortium, via alla Cascata 56D, 38121, Trento, Italy

    Giovanni Russello

  6. Dipartimento di Informatica, Università Ca’ Foscari di Venezia, via Torino 155, 30172, Mestre, VE, Italy

    Flaminia L. Luccio

Rights and permissions

Reprints and permissions

Copyright information

© 2012 ICST Institute for Computer Science, Social Informatics and Telecommunications Engineering

About this paper

Cite this paper

Behrooz, A., Devlic, A. (2012). A Context-Aware Privacy Policy Language for Controlling Access to Context Information of Mobile Users. In: Prasad, R., Farkas, K., Schmidt, A.U., Lioy, A., Russello, G., Luccio, F.L. (eds) Security and Privacy in Mobile Information and Communication Systems. MobiSec 2011. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 94. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-30244-2_3

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-30244-2_3

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-30243-5

  • Online ISBN: 978-3-642-30244-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation