A User-Centric Privacy Framework for Pervasive Environments

  • Susana Alcalde Bagüés
  • Andreas Zeidler
  • Carlos Fernandez Valdivielso
  • Ignacio R. Matias
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4278)


One distinctive feature of pervasive computing environments is the common need to gather and process context information about real persons. Unfortunately, this unavoidably affects persons’ privacy. Each time someone uses a cellular phone, a credit card, or surfs the web, he leaves a trace that is stored and processed. In a pervasive sensing environment, however, the amount of information collected is much larger than today and also might be used to reconstruct personal information with great accuracy. The question we address in this paper is how to control dissemination and flow of personal data across organizational, and personal boundaries, i.e., to potential addressees of privacy relevant information. This paper presents the User-Centric Privacy Framework (UCPF). It aims at protecting a user’s privacy based on the enforcement of privacy preferences. They are expressed as a set of constraints over some set of context information. To achieve the goal of cross-boundary control, we introduce two novel abstractions, namely Transformations and Foreign Constraints, in order to extend the possibilities of a user to describe privacy protection criteria beyond the expressiveness usually found today. Transformations are understood as any process that the user may define over a specific piece of context. This is a main building block for obfuscating – or even plainly lying about – the context in question. Foreign Constraints are an important complementing extension because they allow for modeling conditions defined on external users that are not the tracked individual, but may influence disclosure of personal data to third parties. We are confident that these two easy-to-use abstractions together with the general privacy framework presented in this paper constitute a strong contribution to the protection of the personal privacy in pervasive computing environments.


Context Information Policy Language Policy Decision Point Privacy Preference Policy Enforcement Point 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Beresford, A.R., Stajano, F.: Location privacy in pervasive computing. IEEE Pervasive Computing 2(1), 46–55 (2003)CrossRefGoogle Scholar
  2. 2.
    Cranor, L., Langheinrich, M., Marchiori, M., Reagle, J.: The platform for privacy preferences 1.0 (P3P1.0) specification. W3C Recommendation (April 2002)Google Scholar
  3. 3.
    Cuellar, J.R.: Location information privacy. In: Sarikaya, B. (ed.) Geographic Location in the Internet, pp. 179–212. Kluwer Academic Publishers, Norwell (2002)CrossRefGoogle Scholar
  4. 4.
    Damianou, N., Dulay, N., Lupu, E., Sloman, M.: Ponder: A language for specifying security and management policies for distributed systems (2000)Google Scholar
  5. 5.
    Duckham, M., Kulik, L.: A formal model of obfuscation and negotiation for location privacy. In: Gellersen, H.-W., Want, R., Schmidt, A. (eds.) PERVASIVE 2005. LNCS, vol. 3468, pp. 152–170. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  6. 6.
    Gruteser, M., Grunwald, D.: Anonymous Usage of Location-Based Services Through Spatial and Temporal Cloaking. In: Proceedings of the First International Conference on Mobile Systems, Applications, and Services (May 2003)Google Scholar
  7. 7.
    Hong, J.I., Landay, J.A.: An architecture for privacy-sensitive ubiquitous computing. In: MobiSYS 2004: Proceedings of the 2nd international conference on Mobile systems, applications, and services, pp. 177–189. ACM Press, New York (2004)CrossRefGoogle Scholar
  8. 8.
    Kagal, L.: Rei ontology specifications, version 2.0 (July 2004)
  9. 9.
    Kagal, L., Finin, T., Joshi, A.: A policy language for a pervasive computing environment. In: Proceedings of the 4th International Workshop on Policies for Distributed Systems and Networks (September 2003)Google Scholar
  10. 10.
    Küpper, A.: Location–based Services — Fundamentals and Operation. John Wiley & Sons, Chichester (2005)CrossRefGoogle Scholar
  11. 11.
    Langheinrich, M.: A privacy awareness system for ubiquitous computing environments. In: Borriello, G., Holmquist, L.E. (eds.) UbiComp 2002. LNCS, vol. 2498, pp. 237–245. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  12. 12.
    Langheinrich, M., Cranor, L., Marchiori, M.: Appel: A P3P Preference Exchange Language. W3C Working Draft (April 2002)Google Scholar
  13. 13.
    Myles, G., Friday, A., Davies, N.: Preserving privacy in environments with location-based applications. IEEE Pervasive Computing 2(1), 56–64 (2003)CrossRefGoogle Scholar
  14. 14.
    Pfitzmann, A., Köhntopp, M.: Anonymity, unobservability, and pseudonymity - A proposal for terminology. In: Federrath, H. (ed.) Proceedings of the International Workshop on Design Issues in Anonymity and Unobservability, Berkeley, CA, USA, Springer, Heidelberg (2001)Google Scholar
  15. 15.
    Schulzrinne, H., Tschofenig, H., Morris, J., Cuellar, J., Polk, J.: A document format for expressing privacy preferences for location information (February 2006),
  16. 16.
    Sloman, M.: Policy driven management for distributed systems. Journal of Network and Systems Management 2, 333–360 (1994)CrossRefGoogle Scholar
  17. 17.
    Snekkenes, E.: Concepts for personal location privacy policies. In: EC 2001: Proceedings of the 3rd ACM conference on Electronic Commerce, Tampa, Florida, USA, October 2001, pp. 48–57. ACM Press, New York (2001)CrossRefGoogle Scholar
  18. 18.
    Sweeney, L.: k-Anonymity: a model for protecting privacy. International Journal on Uncertainty, Fuzziness and Knowledge-based Systems 10(5), 557–570 (2002)MATHCrossRefMathSciNetGoogle Scholar
  19. 19.
    The OWL Services Coalition. OWL-S: Semantic markup for web services (November 2004),
  20. 20.
    Weiser, M.: The computer for the twenty-first century. Scientific American, 94–104 (September 1991)Google Scholar
  21. 21.
    Yavatkar, R., Pendarakis, D., Guerin, R.: RFC2753 - A framework for policy-based admission control (January 2000)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Susana Alcalde Bagüés
    • 1
    • 2
  • Andreas Zeidler
    • 1
  • Carlos Fernandez Valdivielso
    • 2
  • Ignacio R. Matias
    • 2
  1. 1.Siemens AG, Corporate TechnologyMunichGermany
  2. 2.Department of Electrical and Electronic EngineeringPublic University of NavarraNavarraSpain

Personalised recommendations