ABSTRACT
This paper presents a privacy-aware localization service which has been developed to fulfill the privacy requirements of an assistance system for elderly people. The privacy concept is based on the sticky-policy approach that simplifies the enforcement of policies in a distributed environment. We discuss two well-known policy languages, XACML and GEOPRIVs Common Policy, in respect to their usability for our scenario.
- A. Anderson. A comparison of two privacy policy languages: EPAL and XACML. Technical Report 2005-147, Sun Microsystems Laboratories, 2005. Available from: http://research.sun.com/techrep/2005/abstract-147.html. Google ScholarDigital Library
- P. Ashley and G. Karjoth. Shortcomings of P3P for privacy authorization - lessons learned when using P3P-based Privacy Manager 1.1. In W3C Workshop on the long term Future of P3P and Enterprise Privacy Languages. W3C, June 2003. Available from: http://www.w3.org/2003/p3p-ws/pp/ibm1.html.Google Scholar
- T. Clausen and P. Jacquet. Optimized Link State Routing Protocol (OLSR). RFC 3626, Internet Engineering Task Force, October 2003. Available from: http://tools.ietf.org/html/rfc3626. Google ScholarDigital Library
- Enterprise Privacy Authorization Language (EPAL 1.2). W3C Member Submission, November 2003. Available from: http://www.w3.org/Submission/2003/SUBM-EPAL-20031110/.Google Scholar
- Eurostat. Population projections - projected old-age dependency ratio, 2011. Available from: http://epp.eurostat.ec.europa.eu/tgm/table.do?tab=table&init=1&language=en.Google Scholar
- S. Fudickar and B. Schnor. KopAL - a mobile orientation system for dementia patients. In Communications in Computer and Information Science, Int. Conf. Intelligent Interactive Assistance and Mobile Multimedia Computing, volume 53, pages 109--118, Berlin Heidelberg, Germany, November 2009. Springer.Google ScholarCross Ref
- S. Fudickar, B. Schnor, J. Felber, F. J. Neyer, M. Lenz, and M. Stede. KopAL - An Orientation System For Patients With Dementia. IOS Press, to appear, 2011.Google Scholar
- M. Kruppa. Emergency indoor and outdoor user localization. In Demographischer Wandel - Assistenzsysteme aus der Forschung in den Markt (Proceedings 4. Deutscher AAL-Kongress), Berlin, January 2011. VDE Verlag.Google Scholar
- M. Maaser and P. Langendörfer. Privacy from promises to protection: privacy guaranteeing execution container. Mobile Networks and Applications, 14:65--81, February 2009. Google ScholarDigital Library
- M. C. Mont, S. Pearson, and P. Bramhall. Towards accountable management of identity and privacy: Sticky policies and enforceable tracing services. In Proceedings of the 14th International Workshop on Database and Expert Systems Applications, page 377. IEEE Computer Society, 2003. Google ScholarDigital Library
- J. Morris and J. Peterson. Who's watching you now? IEEE Security and Privacy, 5:76--79, 2007. Google ScholarDigital Library
- OECD guidelines on the protection of privacy and transborder flows of personal data, 1980. Available from: http://www.oecd.org/document/18/0,2340,en_2649_34255_1815186_1_1_1_1,00.html.Google Scholar
- The Platform for Privacy Preferences 1.1 (P3P 1.1) Specification. W3C Group Note, November 2006. Available from: http://www.w3.org/TR/2006/NOTE-P3P11-20061113/.Google Scholar
- M. Rost and I. Brameshuber. Datenschutz in AAL-Systemen: Schutzziele und Anforderungen an ihre Umsetzung. In Demographischer Wandel - Assistenzsysteme aus der Forschung in den Markt (Proceedings 4. Deutscher AAL-Kongress), Berlin, January 2011. VDE Verlag.Google Scholar
- T. Scheffler, S. Geiß, and B. Schnor. An implementation of a privacy enforcement scheme based on the Java security framework using XACML policies. In Proceedings of the IFIP TC 11, 23rd International Information Security Conference, volume 278/200, pages 157--171. Springer Boston, September 2008.Google ScholarCross Ref
- C. Schneider and E. Häusler. Mobilitätssichernde Assistenzsysteme - Ergebnisse einer Akzeptanzstudie, Mobility safeguarding assistance systems - Results of an acceptance test. In Demographischer Wandel - Assistenzsysteme aus der Forschung in den Markt (Proceedings 4. Deutscher AAL-Kongress), Berlin, January 2011. VDE Verlag.Google Scholar
- H. Schulzrinne, H. Tschofenig, J. Morris, J. Cuellar, J. Polk, and J. Rosenberg. Common Policy: A document format for expressing privacy preferences. RFC 4745, Internet Engineering Task Force, February 2007. Available from: http://tools.ietf.org/html/rfc4745.Google Scholar
- Sun's XACML implementation, 2005. Available from: http://sunxacml.sourceforge.net/.Google Scholar
- XACML-2.0. eXtensible Access Control Markup Language (XACML). OASIS-Standard, Feb. 2005. Available from: http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=xacml#XACML20.Google Scholar
- XPath. XML Path Language (XPath). W3C Recommendation, November 1999. Available from: http://www.w3.org/TR/1999/REC-xpath-19991116.Google Scholar
Index Terms
- A privacy-aware localization service for healthcare environments
Recommendations
A comparison of two privacy policy languages: EPAL and XACML
SWS '06: Proceedings of the 3rd ACM workshop on Secure web servicesCurrent regulatory requirements in the U.S. and other countries make it increasingly important for Web Services to be able to enforce and verify their compliance with privacy policies. Structured policy languages can play a major role by supporting ...
A comprehensive privacy-aware authorization framework founded on HIPAA privacy rules
IHI '10: Proceedings of the 1st ACM International Health Informatics SymposiumHealth care entities publish privacy polices that are aligned with government regulations such as Health Insurance Portability and Accountability Act (HIPPA) and promise to use and disclose health data according to the stated policies. However actual ...
Refinement checking for privacy policies
This paper presents a framework for analysis and comparison of privacy policies expressed in P3P (Platform for Privacy Preferences). In contrast to existing approaches to policy analysis, which focus on demonstrations of equality or equivalence of ...
Comments