Visible to the public Cloud: privacy For Locations Based-services' through Access Control with dynamic multi-level policy

TitleCloud: privacy For Locations Based-services' through Access Control with dynamic multi-level policy
Publication TypeConference Paper
Year of Publication2019
AuthorsJasim, Anwar Chitheer, Hassoon, Imad Ali, Tapus, Nicolae
Conference Name2019 6th International Conference on Control, Decision and Information Technologies (CoDIT)
Date Publishedapr
KeywordsAccess Control, authorisation, cloud computing, cloud service, cloud-based locations, data partitioning, data privacy, data privacy protection, dynamic multilevel policy, human factors, LBSs, location information, location-based services, Metrics, mobile computing, policy-based governance, pubcrawl, Resiliency, Scalability, supplementary servers, third-party application, user location data, user privacy in the cloud, zero trust

LBSs are Location-Based Services that provide certain service based on the current or past user's location. During the past decade, LBSs have become more popular as a result of the widespread use of mobile devices with position functions. Location information is a secondary information that can provide personal insight about one's life. This issue associated with sharing of data in cloud-based locations. For example, a hospital is a public space and the actual location of the hospital does not carry any sensitive information. However, it may become sensitive if the specialty of the hospital is analyzed. In this paper we proposed design presents a combination of methods for providing data privacy protection for location-based services (LBSs) with the use of cloud service. The work built in zero trust and we start to manage the access to the system through different levels. The proposal is based on a model that stores user location data in supplementary servers and not in non-trustable third-party applications. The approach of the present research is to analyze the privacy protection possibilities through data partitioning. The data collected from the different recourses are distributed into different servers according to the partitioning model based on multi-level policy. Access is granted to third party applications only to designated servers and the privacy of the user profile is also ensured in each server, as they are not trustable.

Citation Keyjasim_cloud_2019