Access control to people location information

ACM Transactions on Information and System Security

Volumn 8, Issue 4, 2005, Pages 424-456

  Hengartner, Urs ^a   Steenkiste, Peter ^b,c  

^a UNIVERSITY OF WATERLOO   (Canada)

^b CARNEGIE MELLON UNIVERSITY   (United States)

^c Carnegie Mellon University   (United States)

Author keywords

Certificates; Credential discovery; Delegation; DSA; Location; Privacy; RSA; SPKI SDSI; Trust

Indexed keywords

CERTIFICATES; CREDENTIAL DISCOVERY; DELEGATION; DSA; RSA; SPKI/SDSI; TRUST;

ALGORITHMS; DATA PRIVACY; INFORMATION RETRIEVAL; LOCATION; SECURITY OF DATA; SPECIFICATIONS;

COMPUTER NETWORKS;

EID: 33745432342     PISSN: 10949224     EISSN: 10949224     Source Type: Journal    
DOI: 10.1145/1108906.1108910     Document Type: Conference Paper

References (45)

1. AL-MUHTADI, J., RANGANATHAN, A., CAMPBELL, R., AND MICKUNAS, M. D. 2003. Cerberus: A context-aware security scheme for smart spaces. In Proceedings of IEEE International Conference on Pervasive Computing and Communications (PerCom 2003). 489-496.
2. BAHL, P. AND PADMANABHAN, V. 2000. RADAR: An in-building RF-based user location and tracking system. In Proceedings of IEEE Infocom 2000. 775-784.
3. BAUER, L., SCHNEIDER, M. A., AND PELTEN, E. W. 2002. A general and flexible access-control system for the Web. In Proceedings of 11th Usenix Security Symposium. 93-108.
4. BERTINO, E., BONATTI, P. A., AND FERRARI, E. 2001. TRBAC: A temporal role-based access control model. ACM Trans. Informat. Syst. Secur. 4, 3 (Aug.), 191-233.
5. BERTINO, E., FERRARI, E., AND SQUICCIARINI, A. C. 2003. Trust-χ: An XML framework for trust negotations. In Proceedings of Communications and Multimedia Security 2003. 146-157.
6. BHATTI, R. 2003. X-GTRBAC: An XML-based policy specification framework and architecture for enterprise-wide access control. Tech. Rep. 2003-27, CERIAS, Purdue University.
7. BLAZE, M., IOANNIDIS, J., AND KEHOMYTIS, A. 1999. The KeyNote trust-management system version 2. RFC 2704.
8. CHAUM, D. 1981. Untraceable electronic mail, return addresses, and digital pseudonym. Communications of the ACM 24, 2 (Feb.), 84-88.
9. CHEN, H., FININ, T, AND JOSHI, A. 2004. Semantic Web in the context Broker architecture. In Proceedings of 2nd IEEE International Conference on Pervasive Computing and Communications (PerCom 2004). 277-286.
10. CLARKE, D., ELIEN, J.-E., FREDETTE, M., MORCOS, A., AND RIVEST, R. L. 2001. Certificate chain discovery in SPKI/SDSI. J. Comput. Secur. 9, 4, 285-322.
11. COVINOTON, M. J., FOGLA, P., ZHAN, Z., AND AHAMAD, M. 2002. A context-aware security architecture for emerging applications. In Proceedings of 18th Annual Computer Security Applications Conference (ACSAC 2002).
12. COVINGTON, M. J., LONG, W., SRINIVASAN, S., DEY, A., AHAMAD, M., AND ABOWD, G. 2001. Securing context-aware applications using environment roles. In Proceedings of 6th ACM Symposium on Access Control Models and Technologies (SACMAT '01). 10-20.
13. CRANOR, L., LANGHEINRICH, M., MARCHIORI, M., PRESLER-MARSHALL, M., AND REAGLE, J. 2002. The platform for privacy preferences 1.0 (P3P1.0) specification. W3C Recommendation.
14. DAY, M., AGGARWAL, S., MOHR, G., AND VINCENT, J. 2000. Instant messaging/presence protocol requirements. RFC 2779.
15. DIFFIE, W., VAN OORSCHOT, P., AND WIENER, M. 1992. Authentication and authenticated key exchanges. Designs, Codes and Cryptography 2, 107-125.
16. ELLISON, C., FRANTZ, B., LAMPSON, B., RIVEST, R., THOMAS, B., AND YLONEN, T. 1999. SPKI certificate theory. RFC 2693.
17. GANDON, F. AND SADEH, N. 2003. A semantic eWallet to reconcile privacy and context awareness. In Proceedings of 2nd International Semantic Web Conference (ISWC2003).
18. GARLAN, D., SIEWIOREK, D., SMAILAGIC, A., AND STEENKISTE, P. 2002. Project Aura: Towards distraction-free pervasive computing. IEEE Pervasive Computing 1, 2 (Apr.-June), 22-31.
19. GODIK, S. AND MOSES, T. 2003. extensible access control markup language (XACML) version 1.0. OASIS Standard.
20. HALPERN, J. Y. AND VAN DER MEYDEN, R. 2001. A logical reconstruction of SPKI. In Proceedings of 14th IEEE Computer Security Foundations Workshop (CSFW-14). 59-70.
21. HARTER, A. AND HOPPER, A. 1994. A distributed location system for the active office. IEEE Network 8, 1 (Jan.), 62-70.
22. HENOARTNER, U. AND STEENKISTE, P. 2004. Implementing access control to people location information. In Proceedings of 9th ACM Symposium on Access Control Models and Technologies (SACMAT 2004). 11-20.
23. HENGARTNER, U. AND STEENKISTE, P. 2005. Exploiting hierarchical identity-based encryption for access control to pervasive computing information. In Proceedings of First IEEE / CreateNet International Conference on Security and Privacy for Emerging Areas in Communication Networks (IEEE/CreateNet SecureComm 2005). 384-393.
24. HOWELL, J. AND KOTZ, D. 2000a. A formal semantics for SPKI. In Proceedings of 6th European Symposium on Research in Computer Security (ESORICS 2000). 140-158.
25. HOWELL, J. AND KOTZ, D. 2000b. End-to-end authorization. In Proceedings of 4th Symposium on Operating System Design & Implementation (OSDI 2000). 151-164.
26. ICAL. ftp://ftp.scriptics.com/pub/tcVapps/ical/.
27. JUDD, G. AND STEENKISTE, P. 2003. Providing contextual information to ubiquitous computing applications. In Proceedings of IEEE International Conference on Pervasive Computing and Communications (PerCom 2003). 133-142.
28. KAGAL, L., FININ, T., AND JOSHI, A. 2004. A policy language for a pervasive computing environment. In Proceedings of 4th International Workshop on Policies for Distributed Systems and Networks. 63-76.
29. KAMINSKY, M., SAWIDES, G., MAZIÈRES, D., AND KAASHOEK, M. F. 2003. Decentralized user authentication in a global file system. In Proceedings of 19th ACM Symposium on Operating Systems Principles (SOSP'03). 60-73.
30. LEONHARDT, U. AND MAGEE, J. 1998. Security considerations for a distributed location service. Journal Network Systems Management 6, 1 (Mar.), 51-70.
31. LI, N. AND MITCHELL, J. C. 2003. Understanding SPKI/SDSI using first-order logic. In Proceedings of 16th IEEE Computer Security Foundations Workshop (CSFW-16). 89-103.
32. Li, N., WINSBOROUGH, W. H., AND MITCHELL, J. C. 2003a. Beyond proof-of-compliance: Security analysis in trust management. In Proceedings of 2003 IEEE Symposium on Security and Privacy, 123-139.
33. LI, N., WINSBOROUGH, W. H., AND MITCHELL, J. C. 2003b. Distributed credential chain discovery in trust management. J. Comput. Secur. 11, 1 (Feb.), 35-86.
34. MCDANIEL, P. 2003. On context in authorization policy. In Proceedings of 8th ACM Symposium on Access Control Models and Technologies (SACMAT 2003). 80-89.
35. MYLES, G., FRIDAY, A., AND DAVIES, N. 2003. Preserving privacy in environments with location-based applications. Pervasive Computing 2, 1 (Jan.-Mar.), 56-64.
36. NEUMAN, B. 1993. Proxy-based authorization and accounting for distributed systems. In Proceedings of International Conference on Distributed Computing Systems. 283-291.
37. ORKUT. http://www.orkut.com.
38. PRIYANTHA, N., CHAKRABORTY, A., AND BALAKRISHNAN, H. 2000. The cricket location-support system. In Proceedings of 6th Annual International Conference on Mobile Computing and Networking (MobiCom 2000).
39. SHAND, B., DIMMOCK, N., AND BACON, J. 2003. Trust for ubiquitous, transparent collaboration. In Proceedings of IEEE International Conference on Pervasive Computing and Communications (PerCom 2003). 153-160.
40. SOLLINS, K. R. 1988. Cascaded authentication. In Proceedings of IEEE Symposium on Security and Privacy. 156-163.
41. SPREITZER, M. AND THEIMER, M. 1993. Providing location information in a ubiquitous computing environment. In Proceedings of SIGOPS '93. 270-283.
42. SYVERSON, P. F., GOLDSCHLAG, D. M., AND REED, M. G. 1997. Anonymous connections and onion routing. In Proceedings of 1997 IEEE Symposium on Security and Privacy. 44-54.
43. TAMASSIA, R., YAO, D., AND WINSBOROUGH, W. H. 2004. Role-based cascaded delegation. In Proceedings of 9th ACM Symposium on Access Control Models and Technologies (SACMAT 2004). 146-155.
44. WARD, A., JONES, A., AND HOPPER, A. 1997. A new location technique for the active office. IEEE Personal Communications 4, 5 (Oct.), 42-47.
45. YLONEN, T. 2003. SSH transport layer protocol. Internet Draft.