Abstract
In this paper we describe a system for allocating computational resources to distributed applications and services (within distributed data centres and utility computing systems) in order to perform operations on personal or confidential data in a way that is compliant with associated privacy policies. Relevant privacy policies are selected on the fly, based on related meta-policies, depending on contextual information (potentially including location) and properties of the resources. One or more Trusted Privacy Services are involved to mediate the access to the data, based on the satisfaction of pertinent policies. Resources might be equipped with trusted computing components (e.g. Trusted Platform Modules [1]) to provide higher assurance and trust about the contextual statements or properties of these resources (such as their location, their status and integrity, etc.).
References
Trusted Computing Group: TCG TPM Specification v1.2. Available via https://www.trustedcomputinggroup.org/home (2005).
Laurant, C.: Privacy International-Privacy and Human Rights 2003: an International Survey of Privacy Laws and Developments. Electronic Privacy Information Center (EPIC). Privacy International. http://www.privacyinternational.org/survey/phr2003/ (2003).
OECD: OECD Guidelines on the Protection of Privacy and Transborder Flows of Personal Data. http://www1.oecd.org/publications/e-book/9302011E.PDF (2001).
Online Privacy Alliance: Guidelines for Online Privacy Policies. Online Privacy Alliance http://www.privacyalliance.org/ (2004).
Hewlett-Packard Ltd (HP): Adaptive Enterprise-Overview, Technologies and HP Services http://www.hp.com/products1/promos/adaptive_enterprise/us/adaptive_enterprise.html (2005).
Pearson, S. (ed.): Trusted Computing Platforms. Prentice Hall (2002).
Cocks, C.: An Identity Based Encryption Scheme based on Quadratic Residues. Communications Electronics Security Group (CESG), UK. http://www.cesg.gov.uk/site/ast/idpkc/media/ciren.pdf (2001).
Casassa Mont, M., Pearson, S., Bramhall, P.: Towards Accountable Management of Privacy and Identity Management. Proc. ESORICS (2003).
OASIS: extensible Access Control Markup Language (XACML). http://www.oasis-open.org (2005).
IBM: The Enterprise Privacy Authorisation Language (EPAL). EPAL 1.2 specification. http://www.zurich.ibm.com/security/enterprise-privacy/epal/ (2004).
IBM Tivoli Privacy Manager: Privacy Manager main web page. http://www-306.ibm.com/software/tivoli/products/privacy-mgr-e-bus/.
Microsoft Corp.: Methods and systems for context-aware policy determination and enforcement, patent no. EP1220510A2.
IBM Corp: Protecting resources in a distributed computer system, patent no. US6658573B1.
Casassa Mont, M., Harrison, K., Sadler, M.: The HP Time Vault Service: Exploiting IBE for Timed Release of Confidential Information. WWW2003 (2003).
PRIME Project: Privacy and Identity Management for Europe. European RTD Integrated Project under the FP6/IST Programme http://www.prime-project.eu.org/ (2005).
Casassa Mont, M., Pearson, S.: An Adaptive Privacy Management System for Data Repositories. Proc. TrustBus 2005 (2005).
Copyright information
© 2006 International Federation for Information Processing
Cite this paper
Pearson, S., Casassa-Mont, M. (2006). A System for Privacy-Aware Resource Allocation and Data Processing in Dynamic Environments. In: Fischer-Hübner, S., Rannenberg, K., Yngström, L., Lindskog, S. (eds) Security and Privacy in Dynamic Environments. SEC 2006. IFIP International Federation for Information Processing, vol 201. Springer, Boston, MA. https://doi.org/10.1007/0-387-33406-8_44
DOI: https://doi.org/10.1007/0-387-33406-8_44
Publisher Name: Springer, Boston, MA
Print ISBN: 978-0-387-33405-9
Online ISBN: 978-0-387-33406-6
eBook Packages: Computer Science (R0)