Title: Using AOP-based enforcement of prioritised XACML policies for location privacy

Authors: Thomas Scheffler; Sven Schindler; Bettina Schnor

Addresses: Department of Electrical Engineering, Beuth Hochschule für Technik Berlin, Luxemburger Str. 10, D-13353 Berlin, Germany ' Institute of Computer Science, Potsdam University, August-Bebel-Str. 89, D-14482 Potsdam, Germany ' Institute of Computer Science, Potsdam University, August-Bebel-Str. 89, D-14482 Potsdam, Germany

Abstract: Location-based services have become more and more popular over the last years and allow the tracking of persons and goods. Users of these services often have little control over their private data as it is accessed, processed and stored. This paper presents a privacy enforcement concept that combines a sticky-policy approach with an aspect-oriented programming-based reference monitor. Furthermore, we introduce prioritised policies which allow users to define their own access rules without accidentally generating inconsistent rule sets. For the implementation of this concept, we propose a new XACML combining algorithm, the priority policy combining algorithm. We demonstrate the feasibility and ease-of-use of our concept with the example of a theme-park location service.

Keywords: data privacy; location privacy; aspect-oriented programming; AOP; data owner-defined privacy policies; access control; eXtensible Access Control Markup Language; XACML; sticky policies; privacy enforcement; security; theme park location.

DOI: 10.1504/IJITST.2013.058293

International Journal of Internet Technology and Secured Transactions, 2013 Vol.5 No.1, pp.84 - 104

Published online: 19 Jul 2014 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article