Implementing access control to people location information

10 years 9 months ago
Implementing access control to people location information
Ubiquitous computing uses a variety of information for which access needs to be controlled. For instance, a person’s current location is a sensitive piece of information, which only authorized entities should be able to learn. Several challenges arise in the specification and implementation of policies controlling access to location information. For example, there can be multiple sources of location information, the sources can be within different administrative domains, different administrative domains might allow different entities to specify policies, and policies need to be flexible. We address these issues in our design of an access control mechanism for a people location system. Our design encodes policies as digital certificates. We present an example implementation based on SPKI/SDSI certificates. Using measurements, we quantify the influence of access control on query processing time. We also discuss trade-offs between RSA-based and DSA-based signature schemes for digi...
Urs Hengartner, Peter Steenkiste
Added 30 Jun 2010
Updated 30 Jun 2010
Type Conference
Year 2004
Authors Urs Hengartner, Peter Steenkiste
Comments (0)