research-article

A privacy-aware localization service for healthcare environments

Authors:
Thomas Scheffler

Beuth Hochschule, Berlin Germany

Beuth Hochschule, Berlin Germany
View Profile

,
Sven Schindler

Potsdam University Germany

Potsdam University Germany
View Profile

,
Marcus Lewerenz

Potsdam University Germany

Potsdam University Germany
View Profile

,
Bettina Schnor

Potsdam University Germany

Potsdam University Germany
View Profile

PETRA '11: Proceedings of the 4th International Conference on PErvasive Technologies Related to Assistive EnvironmentsMay 2011Article No.: 51Pages 1–8https://doi.org/10.1145/2141622.2141683

Published:25 May 2011Publication History

PETRA '11: Proceedings of the 4th International Conference on PErvasive Technologies Related to Assistive Environments

Pages 1–8

ABSTRACT

This paper presents a privacy-aware localization service which has been developed to fulfill the privacy requirements of an assistance system for elderly people. The privacy concept is based on the sticky-policy approach that simplifies the enforcement of policies in a distributed environment. We discuss two well-known policy languages, XACML and GEOPRIVs Common Policy, in respect to their usability for our scenario.

References

A. Anderson. A comparison of two privacy policy languages: EPAL and XACML. Technical Report 2005-147, Sun Microsystems Laboratories, 2005. Available from: http://research.sun.com/techrep/2005/abstract-147.html. Google ScholarDigital Library
P. Ashley and G. Karjoth. Shortcomings of P3P for privacy authorization - lessons learned when using P3P-based Privacy Manager 1.1. In W3C Workshop on the long term Future of P3P and Enterprise Privacy Languages. W3C, June 2003. Available from: http://www.w3.org/2003/p3p-ws/pp/ibm1.html.Google Scholar
T. Clausen and P. Jacquet. Optimized Link State Routing Protocol (OLSR). RFC 3626, Internet Engineering Task Force, October 2003. Available from: http://tools.ietf.org/html/rfc3626. Google ScholarDigital Library
Enterprise Privacy Authorization Language (EPAL 1.2). W3C Member Submission, November 2003. Available from: http://www.w3.org/Submission/2003/SUBM-EPAL-20031110/.Google Scholar
Eurostat. Population projections - projected old-age dependency ratio, 2011. Available from: http://epp.eurostat.ec.europa.eu/tgm/table.do?tab=table&init=1&language=en.Google Scholar
S. Fudickar and B. Schnor. KopAL - a mobile orientation system for dementia patients. In Communications in Computer and Information Science, Int. Conf. Intelligent Interactive Assistance and Mobile Multimedia Computing, volume 53, pages 109--118, Berlin Heidelberg, Germany, November 2009. Springer.Google ScholarCross Ref
S. Fudickar, B. Schnor, J. Felber, F. J. Neyer, M. Lenz, and M. Stede. KopAL - An Orientation System For Patients With Dementia. IOS Press, to appear, 2011.Google Scholar
M. Kruppa. Emergency indoor and outdoor user localization. In Demographischer Wandel - Assistenzsysteme aus der Forschung in den Markt (Proceedings 4. Deutscher AAL-Kongress), Berlin, January 2011. VDE Verlag.Google Scholar
M. Maaser and P. Langendörfer. Privacy from promises to protection: privacy guaranteeing execution container. Mobile Networks and Applications, 14:65--81, February 2009. Google ScholarDigital Library
M. C. Mont, S. Pearson, and P. Bramhall. Towards accountable management of identity and privacy: Sticky policies and enforceable tracing services. In Proceedings of the 14th International Workshop on Database and Expert Systems Applications, page 377. IEEE Computer Society, 2003. Google ScholarDigital Library
J. Morris and J. Peterson. Who's watching you now? IEEE Security and Privacy, 5:76--79, 2007. Google ScholarDigital Library
OECD guidelines on the protection of privacy and transborder flows of personal data, 1980. Available from: http://www.oecd.org/document/18/0,2340,en_2649_34255_1815186_1_1_1_1,00.html.Google Scholar
The Platform for Privacy Preferences 1.1 (P3P 1.1) Specification. W3C Group Note, November 2006. Available from: http://www.w3.org/TR/2006/NOTE-P3P11-20061113/.Google Scholar
M. Rost and I. Brameshuber. Datenschutz in AAL-Systemen: Schutzziele und Anforderungen an ihre Umsetzung. In Demographischer Wandel - Assistenzsysteme aus der Forschung in den Markt (Proceedings 4. Deutscher AAL-Kongress), Berlin, January 2011. VDE Verlag.Google Scholar
T. Scheffler, S. Geiß, and B. Schnor. An implementation of a privacy enforcement scheme based on the Java security framework using XACML policies. In Proceedings of the IFIP TC 11, 23rd International Information Security Conference, volume 278/200, pages 157--171. Springer Boston, September 2008.Google ScholarCross Ref
C. Schneider and E. Häusler. Mobilitätssichernde Assistenzsysteme - Ergebnisse einer Akzeptanzstudie, Mobility safeguarding assistance systems - Results of an acceptance test. In Demographischer Wandel - Assistenzsysteme aus der Forschung in den Markt (Proceedings 4. Deutscher AAL-Kongress), Berlin, January 2011. VDE Verlag.Google Scholar
H. Schulzrinne, H. Tschofenig, J. Morris, J. Cuellar, J. Polk, and J. Rosenberg. Common Policy: A document format for expressing privacy preferences. RFC 4745, Internet Engineering Task Force, February 2007. Available from: http://tools.ietf.org/html/rfc4745.Google Scholar
Sun's XACML implementation, 2005. Available from: http://sunxacml.sourceforge.net/.Google Scholar
XACML-2.0. eXtensible Access Control Markup Language (XACML). OASIS-Standard, Feb. 2005. Available from: http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=xacml#XACML20.Google Scholar
XPath. XML Path Language (XPath). W3C Recommendation, November 1999. Available from: http://www.w3.org/TR/1999/REC-xpath-19991116.Google Scholar

Index Terms

A privacy-aware localization service for healthcare environments
1. Security and privacy
  1. Human and societal aspects of security and privacy
2. Social and professional topics

Recommendations

A comparison of two privacy policy languages: EPAL and XACML
SWS '06: Proceedings of the 3rd ACM workshop on Secure web services

Current regulatory requirements in the U.S. and other countries make it increasingly important for Web Services to be able to enforce and verify their compliance with privacy policies. Structured policy languages can play a major role by supporting ...
Read More
A comprehensive privacy-aware authorization framework founded on HIPAA privacy rules
IHI '10: Proceedings of the 1st ACM International Health Informatics Symposium

Health care entities publish privacy polices that are aligned with government regulations such as Health Insurance Portability and Accountability Act (HIPPA) and promise to use and disclose health data according to the stated policies. However actual ...
Read More
Refinement checking for privacy policies

This paper presents a framework for analysis and comparison of privacy policies expressed in P3P (Platform for Privacy Preferences). In contrast to existing approaches to policy analysis, which focus on demonstrations of equality or equivalence of ...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Published in
PETRA '11: Proceedings of the 4th International Conference on PErvasive Technologies Related to Assistive Environments
May 2011
401 pages
ISBN:9781450307727
DOI:10.1145/2141622
Program Chairs:
Margrit Betke
Boston University
,
Ilias Maglogiannis
University of Central Greece, Greece
,
Grammati Pantziou
TEI of Athens (Department of Informatics), Greece
Copyright © 2011 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 25 May 2011
Permissions
Request permissions about this article.
Request Permissions

Check for updates
Author Tags
GEOPRIV
XACML
localization
privacy policy
Qualifiers
- research-article
Conference
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 4
  Total Citations
  View Citations
- 168
  Total Downloads
- Downloads (Last 12 months)8
- Downloads (Last 6 weeks)0
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

A privacy-aware localization service for healthcare environments

PETRA '11: Proceedings of the 4th International Conference on PErvasive Technologies Related to Assistive Environments

ABSTRACT

References

Cited By

Index Terms

Recommendations

A comparison of two privacy policy languages: EPAL and XACML

A comprehensive privacy-aware authorization framework founded on HIPAA privacy rules

Refinement checking for privacy policies