Although future computing technologies have been rapidly developed and it has provided diverse social services to users, there are ongoing issues for users in safety. This paper deals with the privacy problems in future-centric computing environments. In daily life, as users are increasingly participating in various social contexts, some researchers have developed a facility to commence daily life service with wearable computing technologies. This makes it possible for users to store all their daily events or the collected data using their devices. These data can be shared with other people or some service providers only if the user agrees. However, the problem is that there are some potential risks about privacy in the cases of inter-domain web service usage or sharing their data with others. As the solution, the authors propose a new method, privacy-aware access control through negotiation process (N-PAC). This method enables a user to accomplish self-determination and self-control of personal information in the coming ubiquitous computing environments.
Privacy, Personal Information, Self-Determination, Self-Control, Negotiation, Encryption, Daily Life Service
Agrawal, R. Kiernan, J. Srikant, R. and Xu. Y. (2002). Hippocratic databases. In The 28th International Conference on Very Large Databases (VLDB), Hong Kong, China, August.
C.A. Ardagna, E. Damiani, M. Cremonini, S. De Capitani di Vimercati, and P. Samarati. The architecture of a privacy-aware access control decision component. In Proc. of the Construction and Analysis of Safe, Secure and Interoperable Smart devices (CASSIS’05), 2005
P. Ashley, S. Hada, C. Powers and M. Schunter. Enterprise Privacy Authorization Language (EPAL). IBM Research, 2003.
J. Byun, E. Bertino, and N. Li. Purpose-based access control for privacy protection in relational database systems. Technical Report 2004-52, Purdue University, 2004.
J. Byun, E. Bertino, and N. Li. Purpose based access control of complex data for privacy protection, Symposium on Access Control Models and Technologies Proceedings of the tenth ACM symposium on Access control models and technologies , Pages: 102 - 110, 2005
Ann Cavoukian, Genetic Privacy: the right “not to know”, Notes for Remarksin 10th World Congress on Medical Law, 1994
Marco Casassa Mont, Siani Pearson, Pete Bramhall, An Adaptive Privacy Management System For Data Repositories, Trusted Systems Laboratory HP Laboratories Bristol, HPL-2004-211 November 18, 2004
Eldin' and Rend Wagenaar, Towards users driven privacy control, Systems, Man and Cybernetics, 2004 IEEE International Conference on, Volume 5, pp. 4673- 4679, 2004
Wolfgang Hommel, An Architecture for Privacy-Aware Inter-domain Identity Management, DSOM 2005, LNCS 3775, pp. 49–60, 2005.
El-Khatib, K., A Privacy Negotiation Protocol for Web Services, Workshop on Collaboration Agents: Autonomous Agents for Collaborative Environments Halifax, 2003.
Kristen LeFevre, Rakesh Agrawal, Vuk Ercegovac, Raghu Ramakrishnan, Yirong Xu, and David DeWitt. Disclosure in Hippocratic databases. In The 30th International Conference onVery Large Databases (VLDB), August 2004.
Hyung-Jin Mun, Keon Myung Lee, and Sang-Ho Lee, Person-Wise Privacy Level Access Control for Personal Information Directory Services, EUC 2006, Springer LNCS 4096, Aug, 01, 2006, pp. 89-96
Q Ni, D Lin, E Bertino, J Lobo, Conditional Privacy-Aware Role Based Access Control, ESORICS 2007, LNCS 4734, pp. 72-89, 2007
Sabah S. Al-Fedaghi, Beyond Purpose-Based Privacy Access Control. In Proc. Eighteenth Australasian Database Conference (ADC 2007), Ballarat, Australia. CRPIT, 63. Bailey, J. and Fekete, A., Eds. ACS. 23-32
P3P (2002). The Platform for Privacy Preferences 1.0(P3P1.0) Specification, The Wolrld Wide Web Consortium, April 16, 2002, http://www.w3.org/p3p/.