Abstract
Location-Based Access Control (LBAC) systems support the evaluation of conditions on locations in the enforcement of access control policies. The ability to evaluate conditions on a set of authorized locations has a number of well-known advantages, including enriching access control expressiveness. However, when locations are used in combination with personal identities, users privacy must be considered. In this paper, we describe a solution to integrate a LBAC system with privacy-enhanced techniques based on location obfuscation. Our solution is based on a privacy-aware middleware component that explicitly addresses the trade-off between users privacy and location accuracy by satisfying preferences set by users and maximizing the quality of location information released to LBAC systems.
Please use the following forma! when citing this chapter: Ardagna, C, Cremonini, M., Damiani, E., De Capitani di Vimercati, S., and Samarati, P., 2007, in IFIP international Federation for Information Processing. Volume 232, New Approaches for Security, Privacy and Trust in Complex Environments, eds. Venter, H., Eloff, M., Lahuschagne, L., Eloff, J., von Solms, R., (Boston: Springer), pp. 313–324.
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
C.A. Ardagna, M. Cremonini, E. Damiani, S. De Capitani di Vimercati, and P. Samarati. Location-based metadata and negotiation protocols for LBAC in a one-to-many scenario. In Proc. of the Workshop On Security and Privacy in Mobile and Wireless Networking, Coimbra, Portugal, May 2006.
C.A. Ardagna, M. Cremonini, E. Damiani, S. De Capitani di Vimercati, and P. Samarati. Supporting location-based conditions in access control policies. In Proc. of the ACM Symposium on InformAtion, Computer and Communications Security (ASIACCS’06), Taipei, Taiwan, March 2006.
A. R. Beresford and F. Stajano. Mix zones: User privacy in location-aware services. In Proc. of the 2nd IEEE Annual Conference on Pervasive Computing and Communications Workshops (PERCOMW’04), Orlando, Florida, March 2004.
C. Bettini, X.S. Wang, and S. Jajodia. Protecting privacy against location-based personal identification. In Proc. of the 2nd VLDB Workshop on Secure Data Management, Trondheim, Norway, September 2005.
E. Damiani, M. Anisetti, and V. Bellandi. Toward exploiting location-based and video information in negotiated access control policies. In Proc. of the 1st International Conference on Information Systems Security (ICISS 2005), Kolkata, India, December 2005.
M. Duckham and L. Kulik. A formal model of obfuscation and negotiation for location privacy. In Proc. of the 3rd International Conference on Pervasive Computing, Munich, Germany, May 2005.
D. Hong, M. Yuan, and V. Y. Shen. Dynamic privacy management: a plug-in service for the middleware in pervasive computing. In Proc. of the 7th International Conference on Human Computer Interaction with Mobile Devices & Services, Salzburg, Austria, September 2005.
G. Myles, A. Friday, and N. Davies. Preserving privacy in environments with location-based applications. IEEE Pervasive Computing, 2(1):56–64, 2003.
H. Naguib, G. Coulouris, and S. Mitchell. Middleware support for context-aware multimedia applications. In Proc. of the IFIP TC6 / WG6.1 3rd International Working Conference on New Developments in Distributed Applications and Interoperable Systems, Deventer, The Netherlands, September 2001.
K. Nahrstedt, D. Xu, D. Wichadakul, and B. Li. QoS-aware middleware for ubiquitous and heterogeneous environments. IEEE Communications Magazine, pages 140–148, November 2001.
A. Ranganathan, J. Al-Muhtadi, S. Chetan, R. H. Campbell, and M. D. Mickunas. Middlewhere: A middleware for location awareness in ubiquitous computing applications. In Proc. of the ACM/IF IP/USENIX 5th International Middleware Conference (Middleware 2004), Toronto, Ontario, Canada, October 2004.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2007 International Federation for Information Processing
About this paper
Cite this paper
Ardagna, C.A., Crcmonini, M., Damiani, E., De Vimercati, S., Samarati, P. (2007). A Middleware Architecture for Integrating Privacy Preferences and Location Accuracy. In: Venter, H., Eloff, M., Labuschagne, L., Eloff, J., von Solms, R. (eds) New Approaches for Security, Privacy and Trust in Complex Environments. SEC 2007. IFIP International Federation for Information Processing, vol 232. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-72367-9_27
Download citation
DOI: https://doi.org/10.1007/978-0-387-72367-9_27
Publisher Name: Springer, Boston, MA
Print ISBN: 978-0-387-72366-2
Online ISBN: 978-0-387-72367-9
eBook Packages: Computer ScienceComputer Science (R0)