Abstract
Ubiquitous computing provides new types of information for which access needs to be controlled. For instance, a person’s current location is a sensitive piece of information, and only authorized entities should be able to learn it. We present several challenges that arise for the specification and implementation of policies controlling access to location information. For example, there can be multiple sources of location information, policies need to be flexible, conflicts between policies might occur, and privacy issues need to be taken into account. Different environments handle these challenges in a different way. We discuss the challenges in the context of a hospital and a university environment. We show how our design of an access control mechanism for a system providing people location information addresses the challenges. Our mechanism can be deployed in different environments. We demonstrate feasibility of our design with an example implementation based on digital certificates.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Garlan, D., Siewiorek, D., Smailagic, A., Steenkiste, P.: Project Aura: Towards Distraction-Free Pervasive Computing. IEEE Pervasive Computing 1, 22–31 (2002)
Bahl, P., Padmanabhan, V.: RADAR: An In-Building RF-Based User Location and Tracking System. In: Proceedings of IEEE Infocom 2000, pp. 775–784 (2000)
Priyantha, N., Chakraborty, A., Balakrishnan, H.: The Cricket Location-Support System. In: Proceedings of the Sixth Annual International Conference on Mobile Computing and Networking (MobiCom 2000) (2000)
Spreitzer, M., Theimer, M.: Providing Location Information in a Ubiquitous Computing Environment. In: Proceedings of SIGOPS 1993, pp. 270–283 (1993)
Leonhardt, U., Magee, J.: Security Considerations for a Distributed Location Service. Journal of Network and Systems Management 6, 51–70 (1998)
Ellison, C., Frantz, B., Lampson, B., Rivest, R., Thomas, B., Ylonen, T.: SPKI Certificate Theory. RFC 2693 (1999)
Judd, G., Steenkiste, P.: Providing Contextual Information to Ubiquitous Computing Applications. To appear in Proceedings of IEEE International Conference on Pervasive Computing and Communications (PerCom 2003) (2003)
Howell, J., Kotz, D.: End-to-end authorization. In: Proceedings of the 4th Symposium on Operating System Design & Implementation (OSDI 2000), pp. 151–164 (2000)
Harter, A., Hopper, A.: A Distributed Location System for the Active Office. IEEE Network 8, 62–70 (1994)
Ward, A., Jones, A., Hopper, A.: A New Location Technique for the Active Office. IEEE Personal Communications 4, 42–47 (1997)
Day, M., Aggarwal, S., Mohr, G., Vincent, J.: Instant Messaging / Presence Protocol Requirements. RFC 2779 (2000)
Greening, D.: Location Privacy (2002), http://www.openmobilealliance.org/lif/
Cuellar, J., Morris, J.B., Mulligan, D.: Geopriv requirements. Internet Draft (2002)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2004 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Hengartner, U., Steenkiste, P. (2004). Protecting Access to People Location Information. In: Hutter, D., Müller, G., Stephan, W., Ullmann, M. (eds) Security in Pervasive Computing. Lecture Notes in Computer Science, vol 2802. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-39881-3_6
Download citation
DOI: https://doi.org/10.1007/978-3-540-39881-3_6
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-20887-7
Online ISBN: 978-3-540-39881-3
eBook Packages: Springer Book Archive