Abstract
Some of Internet services require users to provide their sensitive information such as credit card number, and an ID-password pair. In these services, the manner in which the provided information is used is solely determined by the service providers. As a result, even when the manner in which information is used by a service provider appears vulnerable, users have no choice but to allow such usage. In this paper, we propose a framework that enables users to select the manner in which their sensitive information is protected. In our framework, a policy, which defines the type of information protection, is offered as a Security as a Service. According to the policy, users can incorporate the type of information protection into a program. By allowing a service provider to use their sensitive information through this program, users can protect their sensitive information according to the manner chosen by them.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Japan Network Security Association. Information Security Incident Survey Report ver.1.0, http://www.jnsa.org/result/index.html
McAfee Security-as-a-Service, http://www.mcafee.com/us/saas/index.html
Panda Cloud Protection, http://cloudprotection.pandasecurity.com/
Yahoo! Auction - Safety Payment Service, http://special.auctions.yahoo.co.jp/html/uketorigo/
Rakuten Safety Trading Services, http://event.rakuten.co.jp/anshin/
Stinson, D.R. (ed.): Cryptography: Theory and Practice, Crc Pr I Llc (1995)
P3P project, http://www.w3.org/P3P
The EPAL 1.1, http://www.zurich.ibm.com/security/enterpriseprivacy/epal/
Theodorakopoulos, G., Baras, J.: Trust Evaluation in Ad-Hoc Networks. In: WiSe 2004, pp. 1–10 (2004)
Xiu, D., Liu, Z.: Trust Model for Pervasive Computing Environments. In: FTDCS 2004, pp. 80–85 (2004)
Karabulut, Y.: Towards a Next-Generation Trust Management Infrastructure for Open Computing Systems. In: SPPC 2004 (2004)
Pearce, C., Bertok, P., Schyndel, R.: Protecting Consumer Data in Composite Web Services. In: IFIP/SEC 2005 (2005)
Chow, R., Golle, P., Jakobson, M., Shi, E., Staddon, J., Masuoka, R., Molina, J.: Controlling Data in the Cloud: Outsourcing Computation Without Outsourcing Control. In: CCSW 2010, pp. 85–90 (2009)
Wang, W., Li, Z., Owens, R., Bhargave, B.: Secure and Efficient Access to Outsourced Data. In: CCSW 2010, pp. 55–65 (2009)
Benaloh, J., Chase, M., Horvitz, E., Lauter, K.: Patient Controlled Encryption: En- suring Privacy of Electronic Medical Records. In: CCSW 2010, pp. 103–114 (2009)
Imada, M., Takasugi, K., Ohta, M., Koyanagi, K.: LooM: A Loosely Managed Privacy Protection Method for Ubiquitous Networking Environments. IEICE Trans. on Comm. J88-B(3), 563–573 (2005)
Miyamoto, T., Takeuchi, T., Okuda, T., Harumoto, K., Ariyoshi, Y., Shimojo, S.: A Proposal for Profile Control Mechanism Considering Privacy and Quality of Per- sonalization Services. In: DEWS 2005, 6A-o1(2005)
Yamada, S., Kamioka, E.: Access Control for Security and Privacy in Ubiquitous Computing Environments. IEICE Trans. on Comm E88-B(3), 846–856
Mell, P., Grance, T.: The NIST Definition of Cloud Computing, http://csrc.nist.gov/groups/SNS/cloud-computing/
The result of questionnaire about Cloud Computing, http://jp.fujitsu.com/about/journal/voice/enq/enq0905.shtml
2010 Analysis Report of the Market of Cloud Service in Japan, http://www.idcjapan.co.jp/Press/Current/20100603Apr.html
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Takahashi, K., Matsuzaki, T., Mine, T., Kawamura, T., Sugahara, K. (2011). Security as a Service for User Customized Data Protection. In: Zain, J.M., Wan Mohd, W.M.b., El-Qawasmeh, E. (eds) Software Engineering and Computer Systems. ICSECS 2011. Communications in Computer and Information Science, vol 180. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-22191-0_27
Download citation
DOI: https://doi.org/10.1007/978-3-642-22191-0_27
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-22190-3
Online ISBN: 978-3-642-22191-0
eBook Packages: Computer ScienceComputer Science (R0)