In mobile and pervasive computing applications, opportunistic connections allow co -located devices to exchange data directly. Keeping data sharing local enables large-scale cooperative applications and empowers individual users to control what and how information is shared. Supporting such applications requires runtime frameworks that allow them to manage the who, what, when, and how of access to resources. Existing frameworks have limited expressiveness and do not allow data owners to modulate the granularity of information released. In addition, these frameworks focus exclusively on security and privacy concerns of data providers and do not consider the privacy of data consumers. We present PADEC, a context-sensitive, privacy-aware framework that allows users to define rich access control rules over their resources and to attach levels of granularity to each rule. PADEC is also characterized by its expressiveness, allowing users to decide under which conditions should which information be shared. We provide a formal definition of PADEC and an implementation based on private function evaluation. Our evaluation shows that PADEC is more expressive than other mechanisms, protecting privacy of both consumers and providers. (c) 2022 Elsevier B.V. All rights reserved.

Herrera, J.L., Chen, H., Berrocal, J., Murillo, J.M., Julien, C. (2022). Context-aware privacy-preserving access control for mobile computing. PERVASIVE AND MOBILE COMPUTING, 87, 1-17 [10.1016/j.pmcj.2022.101725].

Context-aware privacy-preserving access control for mobile computing

Herrera, Juan Luis;
2022

Abstract

In mobile and pervasive computing applications, opportunistic connections allow co -located devices to exchange data directly. Keeping data sharing local enables large-scale cooperative applications and empowers individual users to control what and how information is shared. Supporting such applications requires runtime frameworks that allow them to manage the who, what, when, and how of access to resources. Existing frameworks have limited expressiveness and do not allow data owners to modulate the granularity of information released. In addition, these frameworks focus exclusively on security and privacy concerns of data providers and do not consider the privacy of data consumers. We present PADEC, a context-sensitive, privacy-aware framework that allows users to define rich access control rules over their resources and to attach levels of granularity to each rule. PADEC is also characterized by its expressiveness, allowing users to decide under which conditions should which information be shared. We provide a formal definition of PADEC and an implementation based on private function evaluation. Our evaluation shows that PADEC is more expressive than other mechanisms, protecting privacy of both consumers and providers. (c) 2022 Elsevier B.V. All rights reserved.
2022
Herrera, J.L., Chen, H., Berrocal, J., Murillo, J.M., Julien, C. (2022). Context-aware privacy-preserving access control for mobile computing. PERVASIVE AND MOBILE COMPUTING, 87, 1-17 [10.1016/j.pmcj.2022.101725].
Herrera, Juan Luis; Chen, Hsiao-Yuan; Berrocal, Javier; Murillo, Juan M.; Julien, Christine
File in questo prodotto:
File Dimensione Formato  
PADEC___Formal_model___Survey_Publishable_Ver_.pdf

accesso aperto

Tipo: Postprint
Licenza: Licenza per accesso libero gratuito
Dimensione 796.72 kB
Formato Adobe PDF
796.72 kB Adobe PDF Visualizza/Apri

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11585/959544
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 5
  • ???jsp.display-item.citation.isi??? 4
social impact