A Middleware Architecture for Integrating Privacy Preferences and Location Accuracy

  • Claudio Agostino Ardagna
  • Marco Crcmonini
  • Ernesto Damiani
  • Sabrina De Vimercati
  • Pierangela Samarati
Part of the IFIP International Federation for Information Processing book series (IFIPAICT, volume 232)


Location-Based Access Control (LBAC) systems support the evaluation of conditions on locations in the enforcement of access control policies. The ability to evaluate conditions on a set of authorized locations has a number of well-known advantages, including enriching access control expressiveness. However, when locations are used in combination with personal identities, users privacy must be considered. In this paper, we describe a solution to integrate a LBAC system with privacy-enhanced techniques based on location obfuscation. Our solution is based on a privacy-aware middleware component that explicitly addresses the trade-off between users privacy and location accuracy by satisfying preferences set by users and maximizing the quality of location information released to LBAC systems.


Location Accuracy Location Privacy Location Provider Access Control Policy User Privacy 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    C.A. Ardagna, M. Cremonini, E. Damiani, S. De Capitani di Vimercati, and P. Samarati. Location-based metadata and negotiation protocols for LBAC in a one-to-many scenario. In Proc. of the Workshop On Security and Privacy in Mobile and Wireless Networking, Coimbra, Portugal, May 2006.Google Scholar
  2. 2.
    C.A. Ardagna, M. Cremonini, E. Damiani, S. De Capitani di Vimercati, and P. Samarati. Supporting location-based conditions in access control policies. In Proc. of the ACM Symposium on InformAtion, Computer and Communications Security (ASIACCS’06), Taipei, Taiwan, March 2006.Google Scholar
  3. 3.
    A. R. Beresford and F. Stajano. Mix zones: User privacy in location-aware services. In Proc. of the 2nd IEEE Annual Conference on Pervasive Computing and Communications Workshops (PERCOMW’04), Orlando, Florida, March 2004.Google Scholar
  4. 4.
    C. Bettini, X.S. Wang, and S. Jajodia. Protecting privacy against location-based personal identification. In Proc. of the 2nd VLDB Workshop on Secure Data Management, Trondheim, Norway, September 2005.Google Scholar
  5. 5.
    E. Damiani, M. Anisetti, and V. Bellandi. Toward exploiting location-based and video information in negotiated access control policies. In Proc. of the 1st International Conference on Information Systems Security (ICISS 2005), Kolkata, India, December 2005.Google Scholar
  6. 6.
    M. Duckham and L. Kulik. A formal model of obfuscation and negotiation for location privacy. In Proc. of the 3rd International Conference on Pervasive Computing, Munich, Germany, May 2005.Google Scholar
  7. 7.
    D. Hong, M. Yuan, and V. Y. Shen. Dynamic privacy management: a plug-in service for the middleware in pervasive computing. In Proc. of the 7th International Conference on Human Computer Interaction with Mobile Devices & Services, Salzburg, Austria, September 2005.Google Scholar
  8. 8.
    G. Myles, A. Friday, and N. Davies. Preserving privacy in environments with location-based applications. IEEE Pervasive Computing, 2(1):56–64, 2003.CrossRefGoogle Scholar
  9. 9.
    H. Naguib, G. Coulouris, and S. Mitchell. Middleware support for context-aware multimedia applications. In Proc. of the IFIP TC6 / WG6.1 3rd International Working Conference on New Developments in Distributed Applications and Interoperable Systems, Deventer, The Netherlands, September 2001.Google Scholar
  10. 10.
    K. Nahrstedt, D. Xu, D. Wichadakul, and B. Li. QoS-aware middleware for ubiquitous and heterogeneous environments. IEEE Communications Magazine, pages 140–148, November 2001.Google Scholar
  11. 11.
    A. Ranganathan, J. Al-Muhtadi, S. Chetan, R. H. Campbell, and M. D. Mickunas. Middlewhere: A middleware for location awareness in ubiquitous computing applications. In Proc. of the ACM/IF IP/USENIX 5th International Middleware Conference (Middleware 2004), Toronto, Ontario, Canada, October 2004.Google Scholar

Copyright information

© International Federation for Information Processing 2007

Authors and Affiliations

  • Claudio Agostino Ardagna
    • 1
  • Marco Crcmonini
    • 1
  • Ernesto Damiani
    • 1
  • Sabrina De Vimercati
    • 1
  • Pierangela Samarati
    • 1
  1. 1.Dipartimento di Tecnologie dell’InformazioneUniversità degli Studi di MilanoCrema (CR)Italy

Personalised recommendations