Privacy Engine for Context-Aware Enterprise Application Services

Blount, Marion; Davis, John S.; Ebling, Maria R.; Jerome, W.; Leiba, Barry; Liu, Xuan; Misra, Archan

doi:10.1109/euc.2008.130

Cited by 8 publications

(7 citation statements)

References 17 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…• Confidentiality: This characteristic shows the degree to which a piece of information is sensitive to unrestricted use and must be defined as to whom and circumstances under which it may be revealed, within the context of the definition of privacy policies [6]. This attribute should encompass all privacy/confidentiality requirements stemming from legislation (e.g.…”

Section: The Metadata Of Context Informationmentioning

confidence: 99%

“…Westin [79] defines privacy as ''the claim of individuals, groups or institutions to determine for themselves, when, how and to what extent information about them is communicated to others''. The privacy concern is a multidimensional concept including collection, improper access, error and secondary usage of personal data [6,83]. Similarly, marketing rules and guidelines must be followed.…”

Section: Privacy Concernsmentioning

confidence: 99%

“…In request-response mode it grants context only on explicit request while in event triggered mode the provision of context is fired from specific events. The distribution of context information will take place after taking into consideration the privacy policy [6,17] defining to whom and under which circumstances private context information may be distributed. When a user requests a service, a Rule Engine inside the Context Distributor will request the privacy policy of the service provider (mcommerce application) on behalf of the user.…”

Section: Context Managermentioning

confidence: 99%

See 2 more Smart Citations

Context management for m-commerce applications: determinants, methodology and the role of marketing

2012

View full text Add to dashboard Cite

Studying consumer behaviour and usage of environmental determinants in the mobile services domain contributes to the identification of context information which is critical for the effective operation of mobile commerce applications. Exploiting this information towards providing enhanced and innovative mobile services offers a competitive advantage within the highly demanding domain of m-commerce applications. However, in order to effectively exploit such context information, there is a need to design the necessary methods, software tools and information systems that will be employed for collecting, processing and disseminating this information. In this paper we develop a theoretical framework which defines the context information necessary for m-commerce applications, taking into account relevant marketing dimensions as well as privacy protection perspectives. Then, this framework is operationalized through the design of an appropriate software architecture which enables the standardization and management of context information.

show abstract

Section: The Metadata Of Context Informationmentioning

confidence: 99%

Section: Privacy Concernsmentioning

confidence: 99%

Section: Context Managermentioning

confidence: 99%

See 1 more Smart Citation

Context management for m-commerce applications: determinants, methodology and the role of marketing

2012

View full text Add to dashboard Cite

show abstract

“…Blount et al [20] analyzed the task of satisfying preferences for exposing context data to authorized applications and individuals. They developed a role‐based, context‐dependent privacy model for enterprise domains.…”

Section: Examplesmentioning

confidence: 99%

Awareness of context and privacy

Al-Fedaghi

2012

Bul. Am. Soc. Info. Sci. Tech.

View full text Add to dashboard Cite

EDITOR'S SUMMARY Adding contextual information enhances the content and value of communications, yet it can also introduce risk and threaten privacy. A common piece of contextual information is location, but context extends to identity, user profile, e-mail address, time and more. Understanding context from the standpoint of privacy awareness requires a systematic conceptualization of the concepts of privacy and context, personally identifiable information and the ways information flows, from processing and creation through transfer and acceptance. Numerous examples illustrate the potential chain of connections that could be revealed between a personal subject and context. Such information, made explicit, can undermine privacy policies. Integrating context-and location-aware services in software should be approached cautiously and with full understanding of the implications. Diagrammed scenarios provided can inform considerations and software specification building. KEYWORDS contextual information privacy personal information location based services software engineering information flow C ontext awareness refers to linking changes in the environment with systems.Context is an important factor in improving computerhuman communication. In ubiquitous computing, users work in a more dynamic context, and they can access services in a wide range of possible situations. A better understanding of context will help application designers determine which context-aware behaviors to support in their applications.After reviewing many definitions of context, Dey et al. proposed the following definition:Context is any information that can be used to characterize the situation of an entity. An entity is a person, place or object that is considered relevant to the interaction between a user and an application, including the user and applications themselves. [Italics added] [1, Section 2.2] According to Drost, This definition is not really consistent, because context is not information. From the broadest view possible, context is anything that could improve or influence the behavior of the application according to the environment in which the user operates. However [this] definition [is] one of the most widely used. [2, p. 4] In context-aware applications, context information is input when delivering a service. This information can be segregated into categories. A categorization of context types helps application designers uncover the pieces of context that will most likely be useful in their applications. Many such categorizations have been proposed. Ryan et al.[3] segregate primary context types into four categories: location, environment, identity and time. Dey et al. replace environment with activities, since environment "is a synonym for context and does not add to our investigation of context. Activity, on the other hand, answers a fundamental question of what is

show abstract

“…The Context Privacy Engine (CPE) [8] extends the traditional Access Control List (ACL) mechanism with a set of context constraints that have to be evaluated to validate a particular privacy policy. Context constraints are used to define context conditions that are associated to either the context owner or the context requestor, using XQuery expressions.…”

Section: Context Privacy Enginementioning

confidence: 99%

A Context-Aware Privacy Policy Language for Controlling Access to Context Information of Mobile Users

Behrooz

Devlić

2012

Security and Privacy in Mobile Information and Communication Systems

View full text Add to dashboard Cite

Abstract. This paper introduces a Context-aware Privacy Policy Language (CPPL) that enables mobile users to control who can access their context information, at what detail, and in which situation by specifying their contextaware privacy rules. Context-aware privacy rules map a set of privacy rules to one or more user's situations, in which these rules are valid. Each time a user's situation changes, a list of valid rules is updated, leaving only a subset of the specified rules to be evaluated by a privacy framework upon arrival of a context query. In the existing context-dependent privacy policy languages a user's context is used as an additional condition parameter in a privacy rule, thus all the specified privacy rules have to be evaluated when a request to access a user's context arrives. Keeping the number of rules that need to be evaluated small is important because evaluation of a large number of privacy rules can potentially increase the response time to a context query. CPPL also enables rules to be defined based on a user's social relationship with a context requestor, which reduces the number of rules that need to be defined by a user and that consequently need to be evaluated by a privacy mechanism. This paper shows that when compared to the existing context-dependent privacy policy languages, this number of rules (that are encoded using CPPL) decreases with an increasing number of user-defined situations and requestors that are represented by a small number of social relationship groups.

show abstract

Privacy Engine for Context-Aware Enterprise Application Services

Abstract: Abstract

Cited by 8 publications

References 17 publications

Context management for m-commerce applications: determinants, methodology and the role of marketing

Context management for m-commerce applications: determinants, methodology and the role of marketing

Awareness of context and privacy

A Context-Aware Privacy Policy Language for Controlling Access to Context Information of Mobile Users

Contact Info

Product

Resources

About