Relationship based privacy management for ubiquitous society

Abstract

The growing concern of users for their personal information has made it critical to implant effective technologies for privacy and data privacy management. Most of the previous studies focus on Role Based Access Control model, and another approach is setting user preference separately rather than considering them together. However, the former one would lead inconvenience for users and the later one may result in conflicts or unconscious data disclosure after users setting their preferences. This paper proposes a privacy system using graph data structure to manage privacy data, limiting disclosure of data, guaranteeing high flexibility and facilitating the management of data. An important advantage of our approach is that it not only supports privacy-aware role based access control, but also permits users to clarify their privacy preferences. A full detailed view of a proper conversion from role-based privacy management to personal privacy preference management is provided. © 2009 Springer Berlin Heidelberg.