An Access Control Model for Location based Services

Cameron Ross Dunne, Thibault Candebat, David Gray

Abstract

In this paper we propose an access control model for use by a trusted middleware infrastructure, which is part of an architecture that supports the operation of Location Based Services (LBSs) over the Internet. This access control model provides users with increased security, and particularly privacy, by enabling them to create two different types of permissions based on how their location information is being used. These permissions specify which users and LBSs are entitled to obtain location information about which other users, under what circumstances the location information is released to the users and LBSs, and the accuracy of any location information that is released to the users and LBSs.

References

  1. D. Anthony, T. Henderson, and D. Kotz. Privacy in Location Aware Computing Environments. IEEE Pervasive, 6(4):64-72, Oct-Dec 2007.
  2. C. A. Ardagna, M. Cremonini, E. Damiani, S. D. C. di Vimercati, and P. Samarati. Location Privacy Protection Through Obfuscation-Based Techniques. In DBSec, volume 4602 of Lecture Notes in Computer Science, pages 47-60. Springer, 2007.
  3. V. Atluri and H. Shin. Efficient Security Policy Enforcement in a Location Based Service Environment. In S. Barker and G.-J. Ahn, editors, DBSec, volume 4602 of Lecture Notes in Computer Science, pages 61-76. Springer, 2007.
  4. L. Barkhuus and A. Dey. Location-Based Services for Mobile Telephony: a study of users' privacy concerns. In Proceedings of IFIP INTERACT03: Human-Computer Interaction, page 709. IFIP Technical Committee No 13 on Human-Computer Interaction, 2003.
  5. C. Hauser and M. Kabatnik. Towards Privacy Support in a Global Location Service. In IFIP Workshop on IP and ATM Traffic Management, Paris, pages 81-89, 2001.
  6. U. Hengartner and P. Steenkiste. Protecting Access to People Location Information. In Security in Pervasive Computing: First International Conference, Boppard, Germany, March 12-14, 2003. Revised Papers, volume 2802 / 2004, pages 25-38, 2004.
  7. S. Lederer, J. Mankoff, and A. K. Dey. Who wants to know what when? privacy preference determinants in ubiquitous computing. In CHI 7803: CHI 7803 extended abstracts on Human factors in computing systems, pages 724-725, New York, NY, USA, 2003. ACM.
  8. U. Leonhardt and J. Magee. Security Considerations for a Distributed Location Service. Journal of Network and Systems Management, 6(1):51-70, 1998.
  9. A. Pfitzmann and M. Hansen. Anonymity, Unlinkability, Undetectability, Unobservability, Pseudonymity, and Identity Management - A Consolidated Proposal for Terminology. Technische Universit├Ąt Dresden, Version v0.31, 15/2/2008.
Download


Paper Citation


in Harvard Style

Ross Dunne C., Candebat T. and Gray D. (2008). An Access Control Model for Location based Services . In Proceedings of the 6th International Workshop on Security in Information Systems - Volume 1: WOSIS, (ICEIS 2008) ISBN 978-989-8111-44-9, pages 49-58. DOI: 10.5220/0001737200490058


in Bibtex Style

@conference{wosis08,
author={Cameron Ross Dunne and Thibault Candebat and David Gray},
title={An Access Control Model for Location based Services},
booktitle={Proceedings of the 6th International Workshop on Security in Information Systems - Volume 1: WOSIS, (ICEIS 2008)},
year={2008},
pages={49-58},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0001737200490058},
isbn={978-989-8111-44-9},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 6th International Workshop on Security in Information Systems - Volume 1: WOSIS, (ICEIS 2008)
TI - An Access Control Model for Location based Services
SN - 978-989-8111-44-9
AU - Ross Dunne C.
AU - Candebat T.
AU - Gray D.
PY - 2008
SP - 49
EP - 58
DO - 10.5220/0001737200490058