EFFICIENT POLICY-BASED ACCESS CONTROL IN WEB-BASED PERSONALIZATION MANAGEMENT - For Use in Convergent Applications

Heinz-Josef Eikerling

Abstract

Personalisation of web-centric user environments and applications to contextual information, as well as to the needs and preferences of the user is a contemporary concern. The involved personalisation data is usually captured by profiles and is sensitive to security concerns. Therefore mechanisms need to be devised to maintain privacy and data integrity, and to ensure proper access control. Within this paper we describe a system which handles access control by the definition of policies. The access control engine is a key component within the set of interacting services making up the profile access manager. Through this approach the according profiles can be potentially dispersed over different types of physical storage devices and access control can be featured quite independently of the actual storage type. Particularly, the integration of the different storage devices is facilitated which permits to bind locally stored profile data to data stored elsewhere (due to space or constraints with respect to accounting of profile information). We thus believe that the system is particularly applicable for convergent personalisation scenarios in which web-based personalisation data has to be combined with local information stored on mobile devices for nomadic use.

References

  1. Eikerling, H-J. et al. (2005, June). Customization of Secured Ubiquitous Environments via Advanced Profile Management, IST Mobile & Wireless Communications Summit, Dresden.
  2. Perich, F. et al. (2004, May). On Data Management in Pervasive Computing Environments. IEEE Transactions on Knowledge and Data Engineering, 16(5):621-634.
  3. Bukhres, O. et al. (1997). A Proposed Mobile Architecture for Distributed Database Environment. Technical report, Indiana University, Purdue University.
  4. Q. Ren and M. Dunham (2000, August). Using Semantic Caching to Manage Location Dependent Data in Mobile Computing. 6th Annual International Conference on Mobile Computing and Networking (MobiCom'00), Boston, MA, USA, pp. 210-221.
  5. M. Cherniack, E. Galvez, D. Brooks, M. Franklin, and S. Zdonik (2003, March). Profile-Driven Cache Management. Proceedings of the 19th International Conference on Data Engineering (ICDE), Bangalore, India.
  6. F. Almenárez, A. Marín, C. Campo, C. García-Rubio. PTM (2004). A Pervasive Trust Management Model for Dynamic Open Environments. Workshop on Pervasive Security, Privacy and Trust (PSPT 2004), Boston, USA.
  7. T. Moses (ed.) (2005). OASIS eXtensible Access Control Markup Language (XACML) Version 2.0, OA-SIS Standard.
Download


Paper Citation


in Harvard Style

Eikerling H. (2006). EFFICIENT POLICY-BASED ACCESS CONTROL IN WEB-BASED PERSONALIZATION MANAGEMENT - For Use in Convergent Applications . In Proceedings of WEBIST 2006 - Second International Conference on Web Information Systems and Technologies - Volume 1: WEBIST, ISBN 978-972-8865-46-7, pages 369-374. DOI: 10.5220/0001257003690374


in Bibtex Style

@conference{webist06,
author={Heinz-Josef Eikerling},
title={EFFICIENT POLICY-BASED ACCESS CONTROL IN WEB-BASED PERSONALIZATION MANAGEMENT - For Use in Convergent Applications},
booktitle={Proceedings of WEBIST 2006 - Second International Conference on Web Information Systems and Technologies - Volume 1: WEBIST,},
year={2006},
pages={369-374},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0001257003690374},
isbn={978-972-8865-46-7},
}


in EndNote Style

TY - CONF
JO - Proceedings of WEBIST 2006 - Second International Conference on Web Information Systems and Technologies - Volume 1: WEBIST,
TI - EFFICIENT POLICY-BASED ACCESS CONTROL IN WEB-BASED PERSONALIZATION MANAGEMENT - For Use in Convergent Applications
SN - 978-972-8865-46-7
AU - Eikerling H.
PY - 2006
SP - 369
EP - 374
DO - 10.5220/0001257003690374