Design of Dynamic Location Privacy Protection Scheme Based an CS-RBAC

CS-RBAC 기반의 동적 Location Privacy 보호 구조 설계

  • 송유진 (동국대학교 전자상거래학과) ;
  • 한승현 (동국대학교 일반대학원 전자상거래학과) ;
  • 이동혁 (동국대학교 일반대학원 전자상거래학과)
  • Published : 2006.08.01


The essential characteristic of ubiquitous is context-awareness, and that means ubiquitous computing can automatically process the data that change according to space and time, without users' intervention. However, in circumstance of context awareness, since location information is able to be collected without users' clear approval, users cannot control their location information completely. These problems can cause privacy issue when users access their location information. Therefore, it is important to construct the location information system, which decides to release the information considering privacy under the condition such as location, users' situation, and people who demand information. Therefore, in order to intercept an outflow information and provide securely location-based information, this paper suggests a new system based CS-RBAC with the existing LBS, which responds sensitively as customer's situation. Moreover, it accommodates a merit of PCP reflecting user's preference constructively. Also, through privacy weight, it makes information not only decide to providing information, but endow 'grade'. By this method, users' data can be protected safely with foundation of 'Role' in context-aware circumstance.


  1. Arun Kumar et al, 'Context Sensitivity in Role-based Access Control,' ACM SIGOPS Operating Systems Review, 2002
  2. Martijn Zuidweg, 'A P3P-Based Privacy Architecture For A Context-Aware Services Platform,' University of Twente, August, 2003
  3. Xinwen Zhang et al, 'Schema Based XML Security : RBAC Approach,' IFIP WG, 2003
  4. Akihisa KURASHIMA, 'Mobile Location Services Platform with Policy-based Privacy Control,' NEC Japan, 2002
  5. 'XML Access Control Markup Language,' http// xacml/index.shtml
  6. 'OASIS Web Services Security TC,' http//
  7. R. Sandhu, E.J. Coyne, H.L. Feinstein, and C.E. Youman. 'Role Based Access Control Models,' IEEE Computer 29, February, 1996
  8. G. Ahn and R. Sandhu. 'Role-based Authorization Constraints Specification, ACM Transactions on Information and System Security,' November, 2000
  9. L. Zhang, G. Ahn, and B. Chu. 'Rule-Based Framework for Role-Based Delegation,' Proceedings of ACM Symposium on Access Control Models and Technologies, Chantilly, VA, May, 2001
  10. John F. Barkley, Anthony V. Cincotta, David F. Ferraiolo, Servan Gavrilla, and D. Richard Kuhn, 'Role Based Access Control for the World Wide Web,' 20th NISSC National Information Systems Security Conference, pp.331-340, Oct., 7-10, Baltimore Convention Center, Baltimore, MD, April 8, 1997
  11. David F. Ferraiolo, John F. Barkley, and D. Richard Kuhn, 'A Role Based Access Control Model and Reference Implementation within a Corporate Intranet,' ACM Transaction on Information System Security, pp.34-64, Vol.2, No.1, Feb., 1999
  12. W.A. Jansen, 'Inheritance Properties of Role Hierarchies,' 21th NCSC/NIST NISSC National Information Systems Security Conference, pp. 476-485, Crystal City, VA, October, 5-8, 1998
  13. 박남제, 송유진, 문기영, '안전한 위치기반 서비스 제공을 위한 인증 및 보안 적용 방안', 情報保護學會誌 第14券 第3號, 2004, 6
  14. R Hull, B Kumar, D Lieuwen, P Patel-Schneider, 'Enabling Context-Aware And Privacy-Conscious User Data Sharing,' 2004 IEEE International Conference on Mobile Data Management
  15. 'LEXP: Preserving User Privacy and Certifying the Location Information,' Keio Universty, 2003
  16. XACML, 'eXtensible Access Control Markup Language (XACML),'
  17. P3P, 'Platform for Privacy Preferences,'

Cited by

  1. U-LBS : Precise Location Data Through a Car Crash Location System vol.15, pp.11, 2009,