Abstract
There are a variety of well-known models for access control developed for purposes like formally modeling the access rights on files, databases, and web resources. However, the existing models provide an inadequate representation of a number of concepts that are important when modeling privacy rights in distributed systems. We present an analog of the access control matrix designed to model such concepts. Our formalism, which we call a privacy system, empashizes the management of data and actions that affect the privacy of subjects. We motivate privacy systems, describe them mathematically, and illustrate their value in an architecture based on Personal Digital Rights Management (PDRM), which uses DRM concepts as a foundation for the specification and negotiation of privacy rights. This illustration is carried out throuh a case study of a privacy-respecting system for location based services. Our prototype, which we call AdLoc, manages advertising interupts on PDAs based on their location as determined by WiFi sightings in accordance with contracts written in the DRM language XrML.
| Original language | English (US) |
|---|---|
| Pages (from-to) | 256-282 |
| Number of pages | 27 |
| Journal | Lecture Notes in Computer Science |
| Volume | 3424 |
| DOIs | |
| State | Published - 2005 |
| Externally published | Yes |
| Event | 4th International Workshop on Privacy Enhancing Technologies, PET 2004 - Toronto, Ont., Canada Duration: May 26 2004 → May 28 2004 |
ASJC Scopus subject areas
- Theoretical Computer Science
- General Computer Science