Information Technology Reference
In-Depth Information
The developed model support for this factor can be shown by comparing
user and service provider privacy policy files before and during service usage
phase.
2. Support for discretionary rules: Discretionary rules are the rules that each
party defines on its own side and tries to adhere in communicating with
other parties. Privacy preferences files reflect their related party discretionary
rules. Each party tries to achieve these preferred privacy levels in commu-
nicating with other parties but it might communicate with lower or higher
privacy levels based on the privacy agreements too. The mechanism for ap-
plying discretionary rules is based on the user APL. If the user APL is less
than 25 or more than 75, the system decides automatically on applying the
proper privacy policy, however in APL between 25 and 75 the user receives
an alarm and has to make a decision. The implemented model shows the
support for discretionary rules by comparing the privacy preferences and
privacy policy files of each party before and after each phase. The similari-
ties between these two show the situation that the partys discretionary rules
have been applied while the differences show the situations that other partys
discretionary rules have been applied.
3. Context sensitivity: Our model portals gather context information in the
device level. The current status of the context devices is reflected in Device
Privacy Policy File but the device's preferred privacy levels are reflected in
the Device Privacy Preferences File. Context Privacy Preferences File shows
the preferred context privacy but the Context Privacy Policy File reflects
the current context privacy. The above files provide context sensitivity for
the model.
4. Managing uncertain situations: The uncertain situations happen when the
user requested privacy level is less than the privacy level that can be provided
by the other party. Our models privacy policies are expressive in a way that
uncertain situations can be detected with simple comparison and they get
managed in a way to provide the highest possible privacy level for the user.
For example if the user connects to the bank portal which provides higher
privacy level than the requested level by the user, the system works with a
higher privacy level of the bank portal. The same mechanism is used in all
other uncertain situations.
5. Conflict resolution: A conflict occurs when the other party could not provide
the requested privacy level. The mechanisms for resolving the conflicts are
based on the APL. If the APL is less than 25 the system resolves conflict
situation through accepting other party provided privacy level. If APL is
more than 75 the user gives up using the service in any conflict situation.
For the APL between 25 and 75 the system provides choice and consent for
the user.
The above discussion shows that the UPM supports all four characteristics of
Expressiveness of privacy policies.
Search WWH ::
Custom Search