PPM: Privacy Policy Manager for Personalized Services

  • Shinsaku Kiyomoto
  • Toru Nakamura
  • Haruo Takasaki
  • Ryu Watanabe
  • Yutaka Miyake
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8128)


In this paper, we introduce a new architecture for personalized services. The architecture separates access control using a user own privacy policy from data storage for private information, and it supports privacy policy management by users. We design a core module, the Privacy Policy Manager (PPM). The module includes several functionalities: ID management, privacy policy management, control of information flows, and recording the flows.


Service Provider Access Control Private Information Privacy Policy User Authentication 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    Acquisti, A., Grossklags, J.: Privacy and rationality in individual decision making. IEEE Security Privacy 3(1), 26–33 (2005)CrossRefGoogle Scholar
  2. 2.
    Altmann, J., Sampath, R.: Unique: A user-centric framework for network identity management. In: 10th IEEE/IFIP Network Operations and Management Symposium, NOMS 2006, pp. 495–506 (2006)Google Scholar
  3. 3.
    Ardagna, C.A., Cremonini, M., De Capitani di Vimercati, S., Samarati, P.: An obfuscation-based approach for protecting location privacy. IEEE Transactions on Dependable and Secure Computing 8(1), 13–27 (2011)CrossRefGoogle Scholar
  4. 4.
    Backes, M., Karjoth, G., Bagga, W., Schunter, M.: Efficient comparison of enterprise privacy policies. In: Proceedings of the 2004 ACM Symposium on Applied Computing, SAC 2004, pp. 375–382 (2004)Google Scholar
  5. 5.
    Bamba, B., Liu, L., Pesti, P., Wang, T.: Supporting anonymous location queries in mobile environments with privacygrid. In: Proc. of 17th International World Wide Web Conference (WWW 2008), pp. 237–246 (2008)Google Scholar
  6. 6.
    Bekara, K., Ben Mustapha, Y., Laurent, M.: Xpacml extensible privacy access control markup language. In: 2010 Second International Conference on Communications and Networking (ComNet), pp. 1–5 (2010)Google Scholar
  7. 7.
    Biswas, D.: Privacy policies change management for smartphones. In: 2012 IEEE International Conference on Pervasive Computing and Communications Workshops (PERCOM Workshops), pp. 70–75 (2012)Google Scholar
  8. 8.
    Bylund, M., Karlgren, J., Olsson, F., Sanches, P., Arvidsson, C.-H.: Mirroring your web presence. In: Proceedings of the 2008 ACM Workshop on Search in Social Media, SSM 2008, pp. 87–90 (2008)Google Scholar
  9. 9.
    Chadwick, D.W.: Federated identity management. In: Foundations of Security Analysis and Design V, pp. 96–120 (2009)Google Scholar
  10. 10.
    Cranor, L.F.: P3p: making privacy policies more useful. IEEE Security Privacy 1(6), 50–55 (2003)CrossRefGoogle Scholar
  11. 11.
    Cranor, L.F., Arjula, M., Guduru, P.: Use of a p3p user agent by early adopters. In: Proceedings of the 2002 ACM Workshop on Privacy in the Electronic Society, WPES 2002, pp. 1–10 (2002)Google Scholar
  12. 12.
    Cranor, L.F., Guduru, P., Arjula, M.: User interfaces for privacy agents. ACM Trans. Comput.-Hum. Interact. 13(2), 135–178 (2006)CrossRefGoogle Scholar
  13. 13.
    Danube, P.: Danube, identity and communication for political and social innovation. Project Danube Web Page (2010),
  14. 14.
    Dehghantanha, A., Udzir, N.I., Mahmod, R.: Towards a pervasive formal privacy language. In: 2010 IEEE 24th International Conference on Advanced Information Networking and Applications Workshops (WAINA), pp. 1085–1091 (2010)Google Scholar
  15. 15.
    Deuker, A.: Addressing the privacy paradox by expanded privacy awareness - the example of context-aware services. Privacy and Identity Management for Life 320, 275–283 (2010)CrossRefGoogle Scholar
  16. 16.
    Dierks, T., Rescorla, E.: The transport layer security (TLS) protocol version 1.2. Internet Engineering Task Force (IETF), RFC5246 (2008)Google Scholar
  17. 17.
    Dwork, C., McSherry, F., Nissim, K., Smith, A.: Calibrating noise to sensitivity in private data analysis. In: Halevi, S., Rabin, T. (eds.) TCC 2006. LNCS, vol. 3876, pp. 265–284. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  18. 18.
    Eap, T., Hatala, M., Gasevic, D.: Enabling user control with personal identity management. In: IEEE International Conference on Services Computing, SCC 2007, pp. 60–67 (2007)Google Scholar
  19. 19.
    Estrin, D.: Participatory sensing: applications and architecture [internet predictions]. IEEE Internet Computing 14(1), 12–42 (2010)CrossRefGoogle Scholar
  20. 20.
    Fienberg, S.E., McIntyre, J.: Data swapping: Variations on a theme by dalenius and reiss. In: Domingo-Ferrer, J., Torra, V. (eds.) PSD 2004. LNCS, vol. 3050, pp. 14–29. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  21. 21.
    The Eclipse Foundation. Higgins, personal data service. Higgins Home (2009),
  22. 22.
    Fredrikson, M., Livshits, B.: RePriv - re-envisioning in-browser privacy. Microsoft Research Technical Report, MSR-TR-2010-116 (2010)Google Scholar
  23. 23.
    Gedik, M., Liu, L.: A customizable k-anonymity model for protecting location privacy. In: Proc. of the 25th International Conference on Distributed Computing Systems (ICDCS 2005), pp. 620–629 (2005)Google Scholar
  24. 24.
    Ghinita, G., Kalnis, P., Skiadopoulos, S.: PRIVÉ: Anonymous location-based queries in distributed mobile systems. In: Proc. of 16th International World Wide Web Conference (WWW 2007), pp. 371–380 (2007)Google Scholar
  25. 25.
    Gruteser, M., Grunwald, D.: Anonymous usage of location-based services through spatial and temporal cloaking. In: Proc. of the 1st International Conference on Mobile Systems, Applications, and Services (MobiSys 2003), pp. 163–168 (2003)Google Scholar
  26. 26.
    Guha, S., Cheng, B., Francis, P.: Challenges in measuring online advertising systems. In: Proceedings of the 10th ACM SIGCOMM Conference on Internet Measurement, IMC 2010, pp. 81–87 (2010)Google Scholar
  27. 27.
    Guha, S., Reznichenko, A., Tang, K., Haddadi, H., Francis, P.: Serving ads from localhost for performance, privacy, and profit. In: Proc. of the 8th ACM Workshop on Hot Topics in Networks (HotNets-VIII), HOTNETS 2009 (2009)Google Scholar
  28. 28.
    Hardt, M., Nath, S.: Privacy-aware personalization for mobile advertising. In: Proceedings of the 2012 ACM Conference on Computer and Communications Security, CCS 2012, pp. 662–673 (2012)Google Scholar
  29. 29.
    Hong, J.I., Landay, J.A.: An architecture for privacy-sensitive ubiquitous computing. In: Proc. of the 2nd International Conference on Mobile Systems, Applications, and Services (MobiSys 2004), pp. 177–189 (2004)Google Scholar
  30. 30.
    Jensen, C., Potts, C., Jensen, C.: Privacy practices of internet users: self-reports versus observed behavior. Int. J. Hum.-Comput. Stud. 63(1-2), 203–227 (2005)CrossRefGoogle Scholar
  31. 31.
    Kelley, P.G., Drielsma, P.H., Sadeh, N., Cranor, L.F.: User-controllable learning of security and privacy policies. In: Proc. of the 1st ACM Workshop on AISec, AISec 2008, pp. 11–18 (2008)Google Scholar
  32. 32.
    Kido, H., Yanagisawa, Y., Satoh, T.: An anonymous communication technique using dummies for location-based services. In: Proc. of IEEE International Conference on Pervasive Services 2005 (ICPS 2005), pp. 88–97 (2005)Google Scholar
  33. 33.
    Kolter, J., Pernul, G.: Generating user-understandable privacy preferences. In: International Conference on Availability, Reliability and Security, ARES 2009., pp. 299–306 (2009)Google Scholar
  34. 34.
    Korolova, A.: Privacy violations using microtargeted ads: A case study. In: Proceedings of the 2010 IEEE International Conference on Data Mining Workshops, ICDMW 2010, pp. 474–482 (2010)Google Scholar
  35. 35.
    Lin, J., Xiang, G., Hong, J.I., Sadeh, N.: Modeling people’s place naming preferences in location sharing. In: Proceedings of the 12th ACM International Conference on Ubiquitous Computing, Ubicomp 2010, pp. 75–84 (2010)Google Scholar
  36. 36.
    Mascetti, S., Bettini, C.: A comparison of spatial generalization algorithms for lbs privacy preservation. In: Proc. of the 1st International Workshop on Privacy-Aware Location-Based Mobile Services (PALMS 2007), pp. 258–262 (2007)Google Scholar
  37. 37.
    Mokbel, M.F.: Towards privacy-aware location-based database servers. In: Proc. of the 22nd Internationl Conference on Sata Engineering Workshops (ICDEW 2006), pp. 93–102 (2006)Google Scholar
  38. 38.
    Mokbel, M.F., Chow, C.Y., Aref, W.G.: The new casper: Query processing for location services without compromising privacy. In: Proc. of the 32nd International Conference on Very Large Data Bases (VLDB 2006), pp. 763–774 (2006)Google Scholar
  39. 39.
    Narayanan, A., Thiagarajan, N., Lakhani, M., Hamburg, M., Boneh, D.: Location privacy via private proximity testing. In: Proc. of the Network and Distributed System Security Symposium, NDSS 2011 (2011)Google Scholar
  40. 40.
    Pedersen, A.: P3 - problems, progress, potential. Privacy Laws & Business International Newsletter 2, 20–21 (2003)Google Scholar
  41. 41.
    Pollach, I.: What’s wrong with online privacy policies? Commun. ACM 50(9), 103–108 (2007)CrossRefGoogle Scholar
  42. 42.
    Searls, D.: Project vrm - vendor relationship management. Project of the Berkman Center for Internet Society at Harvard University (2013)Google Scholar
  43. 43.
    Solove, D.J.: Privacy self-management and the consent paradox. Harvard Law Review 126 (2013)Google Scholar
  44. 44.
    W3C. The platform for privacy preferences 1.0 (P3P1.0) specification. Platform for Privacy Preferences (P3P) Project (2002)Google Scholar
  45. 45.
    Winkler, W.E.: Masking and re-identification methods for public-use microdata: Overview and research problems. In: Domingo-Ferrer, J., Torra, V. (eds.) PSD 2004. LNCS, vol. 3050, pp. 231–246. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  46. 46.
    Wishart, R., Corapi, D., Madhavapeddy, A., Sloman, M.: Privacy butler: A personal privacy rights manager for online presence. In: 2010 8th IEEE International Conference on Pervasive Computing and Communications Workshops (PERCOM Workshops), pp. 672–677 (2010)Google Scholar
  47. 47.
    Yee, G.O.M.: An automatic privacy policy agreement checker for e-services. In: International Conference on Availability, Reliability and Security, ARES 2009, pp. 307–315 (2009)Google Scholar

Copyright information

© IFIP International Federation for Information Processing 2013

Authors and Affiliations

  • Shinsaku Kiyomoto
    • 1
  • Toru Nakamura
    • 1
  • Haruo Takasaki
    • 2
  • Ryu Watanabe
    • 1
  • Yutaka Miyake
    • 1
  1. 1.KDDI R & D Laboratories Inc.Fujimino-shiJapan
  2. 2.KDDI Research Institute Inc.Chiyoda-kuJapan

Personalised recommendations