How Location-Aware Access Control Affects User Privacy and Security in Cloud Computing Systems

open access articleThe use of cloud computing (CC) is rapidly increasing due to the demand for internet services and communications. The large number of services and data stored in the cloud creates security risks due to the dynamic movement of data, connected devices and users between various cloud environments. In this study, we will develop an innovative prototype for location-aware access control and data privacy for CC systems. We will apply location-aware access control policies to role-based access control of Cloud Foundry, and then analyze the impact on user privacy after implementing these policies. This innovation can be used to address the security risks introduced by inter-cloud use and communication, and will have significant impact in making citizen’s personal data more secure

Architecture and Protocols for Service and Application Deployment in Resource Aware Ubiquitous Environments

Realizing the potential of pervasive computing will be predicated upon the availability of a flexible, mobility-aware infrastructure and the technologies to support seamless service management, provisioning and delivery. Despite the advances in routing and media access control technologies, little progress has been made towards large-scale deployment of services and applications in pervasive and ubiquitous environments. The lack of a fixed infrastructure, coupled with the time-varying characteristics of the underlying network topology, make service delivery challenging. The goal of this research is to address the fundamental design issues of a service infrastructure for ubiquitous environments and provide a comprehensive solution which is robust, scalable, secure and takes into consideration node mobility and resource constraints. We discuss the main functionalities of the proposed architecture, describe the algorithms for registration and discovery and present a power-aware location-driven message forwarding algorithm to enable node interaction in this architecture. We also provide security schemes to ensure user privacy in this architecture. The proposed architecture was evaluated through theuse of simulations. The results show that the service architecture is scalable and robust, even when node mobility is high. The comparative analysis shows that our message forwarding algorithm consistently outperforms contemporary location-driven algorithms. Furthermore, thisresearch work was implemented as a proof-of-concept implementation and tested on a real world scenario

Using P3P in a web services-based context-aware application platform

This paper describes a proposal for a privacy control architecture to be applied in the WASP project. The WASP project aims to develop a context-aware service platform on top of 3G networks, using web services technology. The proposed privacy control architecture is based on the P3P privacy policy description standard defined by W3C. The paper identifies extensions to P3P and its associated preference expression language APPEL that are needed to operate in a context-aware environment

Empowering users to control their privacy in context-aware system through interactive consent

Context-aware systems adapt their behaviour based on the context a user is in. Since context is potentially privacy sensitive information, users should be empowered to control how much of their context they are willing to share, under what conditions and for what purpose. We propose an interactive consent mechanism that allows this. It is interactive in the sense that users are asked for consent when a request for their context information is received. Our interactive consent mechanism complements a more traditional pre-configuration approach. We describe the architecture, the implementation of our interactive consent mechanism and a use case

Context for Ubiquitous Data Management

In response to the advance of ubiquitous computing technologies, we believe that for computer systems to be ubiquitous, they must be context-aware. In this paper, we address the impact of context-awareness on ubiquitous data management. To do this, we overview different characteristics of context in order to develop a clear understanding of context, as well as its implications and requirements for context-aware data management. References to recent research activities and applicable techniques are also provided

Expressing Privacy Preferences in terms of Invasiveness

Dynamic context aware systems need highly flexible privacy protection mechanisms. We describe an extension to an existing RBAC-based mechanism that utilises a dynamic measure of invasiveness to determine whether contextual information should be released

WLAN Location Sharing through a Privacy Observant Architecture

In the last few years, WLAN has seen immense growth and it will continue this trend due to the fact that it provides convenient connectivity as well as high speed links. Furthermore, the infrastructure already exists in most public places and is cheap to extend. These advantages, together with the fact that WLAN covers a large area and is not restricted to line of sight, have led to developing many WLAN localization techniques and applications based on them. In this paper we present a novel calibration-free localization technique using the existing WLAN infrastructure that enables conference participants to determine their location without the need of a centralized system. The evaluation results illustrate the superiority of our technique compared to existing methods. In addition, we present a privacy observant architecture to share location information. We handle both the location of people and the resources in the infrastructure as services, which can be easily discovered and used. An important design issue for us was to avoid tracking people and giving the users control over who they share their location information with and under which conditions