A Context-Aware Privacy Policy Language for Controlling Access to Context Information of Mobile Users

Behrooz, Alireza; Devlić, Alisa

doi:10.1007/978-3-642-30244-2_3

Cited by 7 publications

(4 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In the literature, many papers have addressed context awareness to dynamically adapt users' privacy preferences. For instance, Behrooz et al [6] proposed a context-aware privacy policy language (CPPL) that uses context to pre-filter policies applicable to the current situation, in order to reduce the number of policies that actually have to be evaluated. Konings et al [7] proposed a context-aware privacy policy selection model, exploiting user's current location and other potential contextual features, such as time, user's activities, or mood.…”

Section: Related Workmentioning

confidence: 99%

Helping Users Managing Context-Based Privacy Preferences

Alom

Carminati

Ferrari

2019

2019 IEEE International Conference on Services Computing (SCC)

View full text Add to dashboard Cite

Today, users interact with a variety of online services offered by different providers. In order to supply their services, providers collect, store and process users' data according to their privacy policies. To have more control on personal data, user can specify a set of privacy preferences, encoding the conditions according to which his/her data can be used and managed by the provider. Moreover, many services are context dependent, that is, the type of delivered service is based on user contextual information (e.g., time, location, and so on). This makes more complicated the definition of privacy preferences, as, typically, users might have different attitude with respect the privacy management based on the current context (e.g., working hour, free time). To provide a more fine-grained control, a user can set up different privacy preferences for each different possible contexts. However, since user change the context very frequently, this might result in a very complex and time-consuming task. To cope with this issue, in this paper, we propose a contextbased privacy management service that helps users to manage their privacy preferences setting under different contexts. At this aim, we exploit machine learning algorithms to build a classifier, able to infer new privacy preferences for the new context. The preliminary experimental results we have conducted are promising, and show the effectiveness of the proposed approach.

show abstract

Section: Related Workmentioning

confidence: 99%

Helping Users Managing Context-Based Privacy Preferences

Alom

Carminati

Ferrari

2019

2019 IEEE International Conference on Services Computing (SCC)

View full text Add to dashboard Cite

show abstract

“…By introducing a Context-aware Privacy Policy Language (CPPL), Behrooz et al [25] aimed to minimize the number of privacy policies that need analysis. In their work, the language filters policies that are relevant to the current scenario using context.…”

Section: Discussionmentioning

confidence: 99%

IM2P-Medical: Towards Individual Management Privacy Preferences for the Medical Web Apps

Phien¹,

Phuong²,

Huynh³

et al. 2023

IJACSA

View full text Add to dashboard Cite

With the advancement of technology, people are now able to monitor their health more efficiently. Mobile phones and smartwatches are equipped with sensors that can measure real-time changes in blood pressure, SPO2, and other attributes and public them to service providers via web applications (called web apps) for health improvement suggestions. Moreover, users can share the collected health data with other people, such as doctors, relatives, or friends. However, using technology in healthcare has raised the issue of privacy. Some health web apps, by default, intrusively gather and share data. Additionally, smartwatches may monitor people's health status 24/7. Therefore, users want to control how their health is processed (e.g., collected and shared). This can be cumbersome as they would have to configure each device manually. To address this problem, we have developed a privacy-preference prediction mechanism in the web apps called IM2P-Medical: towards Individual Management Privacy Preferences for the Medical web apps. To capture individual privacy preferences in the web apps, our model learns users' privacy behavior based on their responses in different medical scenarios. In practice, we exploited several machine learning algorithms: SVM, Gradient Boosting Classifier, Ada Boost Classifier, and Gradient Boosting Regressor. To prove the effectiveness of the proposed model, we set up several scenarios to measure the accuracy as well as the satisfaction level in the two participant groups (i.e., expert and normal users). One key point in this research's selection of participants is its focus on those living in developing countries, where privacy violation issues are not a common topic. The main contribution of our model is that it allows users to preserve their privacy without configuring privacy settings themselves.

show abstract

“…In this study, we followed the approach of Behrooz and Devlic [ 46 ] to separate situations and privacy rules. We identified the necessary information to capture privacy aspects in information-processing situations.…”

Section: Discussionmentioning

confidence: 99%

“…Behrooz and Devlic [ 46 ] propose a context-aware privacy policy language based on two design considerations: (1) situations and privacy rules are defined separately, and (2) a context requestor can be specified based on its identity or social relationship to a user. These principles mean that privacy policies are set for different situations.…”

Section: Introductionmentioning

confidence: 99%

Privacy-Related Context Information for Ubiquitous Health

Seppälä¹,

Nykänen²,

Ruotsalainen³

2014

JMIR Mhealth Uhealth

View full text Add to dashboard Cite

BackgroundUbiquitous health has been defined as a dynamic network of interconnected systems. A system is composed of one or more information systems, their stakeholders, and the environment. These systems offer health services to individuals and thus implement ubiquitous computing. Privacy is the key challenge for ubiquitous health because of autonomous processing, rich contextual metadata, lack of predefined trust among participants, and the business objectives. Additionally, regulations and policies of stakeholders may be unknown to the individual. Context-sensitive privacy policies are needed to regulate information processing.ObjectiveOur goal was to analyze privacy-related context information and to define the corresponding components and their properties that support privacy management in ubiquitous health. These properties should describe the privacy issues of information processing. With components and their properties, individuals can define context-aware privacy policies and set their privacy preferences that can change in different information-processing situations.MethodsScenarios and user stories are used to analyze typical activities in ubiquitous health to identify main actors, goals, tasks, and stakeholders. Context arises from an activity and, therefore, we can determine different situations, services, and systems to identify properties for privacy-related context information in information-processing situations.ResultsPrivacy-related context information components are situation, environment, individual, information technology system, service, and stakeholder. Combining our analyses and previously identified characteristics of ubiquitous health, more detailed properties for the components are defined. Properties define explicitly what context information for different components is needed to create context-aware privacy policies that can control, limit, and constrain information processing. With properties, we can define, for example, how data can be processed or how components are regulated or in what kind of environment data can be processed.ConclusionsThis study added to the vision of ubiquitous health by analyzing information processing from the viewpoint of an individual’s privacy. We learned that health and wellness-related activities may happen in several environments and situations with multiple stakeholders, services, and systems. We have provided new knowledge regarding privacy-related context information and corresponding components by analyzing typical activities in ubiquitous health. With the identified components and their properties, individuals can define their personal preferences on information processing based on situational information, and privacy services can capture privacy-related context of the information-processing situation.

show abstract

A Context-Aware Privacy Policy Language for Controlling Access to Context Information of Mobile Users

Cited by 7 publications

References 8 publications

Helping Users Managing Context-Based Privacy Preferences

Helping Users Managing Context-Based Privacy Preferences

IM2P-Medical: Towards Individual Management Privacy Preferences for the Medical Web Apps

Privacy-Related Context Information for Ubiquitous Health

Contact Info

Product

Resources

About