TY - JOUR
T1 - A formal privacy system and its application to location based services
AU - Gunter, Carl A.
AU - May, Michael J.
AU - Stubblebine, Stuart G.
PY - 2005
Y1 - 2005
N2 - There are a variety of well-known models for access control developed for purposes like formally modeling the access rights on files, databases, and web resources. However, the existing models provide an inadequate representation of a number of concepts that are important when modeling privacy rights in distributed systems. We present an analog of the access control matrix designed to model such concepts. Our formalism, which we call a privacy system, emphasizes the management of data and actions that affect the privacy of subjects. We motivate privacy systems, describe them mathematically, and illustrate their value in an architecture based on Personal Digital Rights Management (PDRM), which uses DRM concepts as a foundation for the specification and negotiation of privacy rights. This illustration is carried out through a case study of a privacy-respecting system for location-based services. Our prototype, which we call AdLoc, manages advertising interrupts on PDAs based on their location as determined by WiFi sightings in accordance with contracts written in the DRM language XrML.
AB - There are a variety of well-known models for access control developed for purposes like formally modeling the access rights on files, databases, and web resources. However, the existing models provide an inadequate representation of a number of concepts that are important when modeling privacy rights in distributed systems. We present an analog of the access control matrix designed to model such concepts. Our formalism, which we call a privacy system, emphasizes the management of data and actions that affect the privacy of subjects. We motivate privacy systems, describe them mathematically, and illustrate their value in an architecture based on Personal Digital Rights Management (PDRM), which uses DRM concepts as a foundation for the specification and negotiation of privacy rights. This illustration is carried out through a case study of a privacy-respecting system for location-based services. Our prototype, which we call AdLoc, manages advertising interrupts on PDAs based on their location as determined by WiFi sightings in accordance with contracts written in the DRM language XrML.
UR - http://www.scopus.com/inward/record.url?scp=24344463958&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=24344463958&partnerID=8YFLogxK
U2 - 10.1007/11423409_17
DO - 10.1007/11423409_17
M3 - Conference article
AN - SCOPUS:24344463958
VL - 3424
SP - 256
EP - 282
JO - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
JF - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SN - 0302-9743
T2 - 4th International Workshop on Privacy Enhancing Technologies, PET 2004
Y2 - 26 May 2004 through 28 May 2004
ER -