a number of methods, which have low energy requirements for these
cryptographic solutions have been proposed recently [12, 20].
5.5 Privacy Issues in Data Management
In previous subsections, we addressed the privacy issues which arise as
a result of eavesdropping on the tag or the reader. In this subsection, we
will discuss the privacy issues which arise from the data management
issues of the collected data. The general methods for privacy-preservation,
such as k-anonymity, ℓ-diversity, and t-closeness, are also applicable to
the data which is captured using RFID technology [3]. The general goal
of these methods is to reduce the fidelity of the captured data, so that
aggregate inferences can still be derived from it, without compromising
privacy.
A number of interesting challenges for privacy arise, when both people
and objects are tagged, and the same people have access to the captured
RFID data. Such a scenario arises in the context of an RFID Ecosystem
constructed at the University of Washington [49, 74]. The most restrictive
view of privacy would be one in which users only have access to
their own data. While this assures complete privacy of a user, it also
unnecessarily curtails the useful insights which one can obtain from such
data. This is because events which occurred in the proximity of a given
user at a given time should be accessible to the user, even if they do not
directly relate to the user themselves, since such events could have
been observed by that user by virtue of their physical presence.
It has been observed in [49] that a natural access control policy to
use in such a scenario is one in which the data to which a user can
gain access is that which corresponds to events which occurred at times
and places when and where the user was physically present. This policy
is also referred to as Physical Access Control (PAC) in [49]. In a sense,
such a policy provides a database view which augments people's memory
of objects, places and people. It also naturally models the boundaries
of people in everyday life. In addition, a user can also specify rules
which can relax or restrict the access to data which concerns them. This
provides a certain level of personal choice and flexibility in the privacy-
preservation process.
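The PAC policy described above can be sketched as a filter over a log of tag reads. This is an added example, not code from the book or from the system in [49]; the `Read` record, the `max_gap` merging threshold, and the sample tag and antenna names are assumptions, and the user-specified rules that relax or restrict access are not modeled.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Read:
    tag: str      # tag identifier
    person: str   # owner's name if this is a personal badge, "" for an object tag
    antenna: str  # reader location
    ts: int       # read time in seconds

def stays(reads, user, max_gap=120):
    """Merge the user's own badge reads into (antenna, start, end) stays.

    Consecutive reads at the same antenna no more than max_gap seconds
    apart count as one continuous stay (max_gap is an assumed parameter).
    """
    out = []
    for r in sorted((r for r in reads if r.person == user), key=lambda r: r.ts):
        if out and out[-1][0] == r.antenna and r.ts - out[-1][2] <= max_gap:
            out[-1] = (r.antenna, out[-1][1], r.ts)   # extend current stay
        else:
            out.append((r.antenna, r.ts, r.ts))       # start a new stay
    return out

def pac_view(reads, user, max_gap=120):
    """Return only the reads made where and while the user was present."""
    present = stays(reads, user, max_gap)
    return [r for r in reads
            if any(a == r.antenna and s <= r.ts <= e for a, s, e in present)]

# Constructed sample log (not real data).
LOG = [
    Read("badge-alice", "alice", "lab", 0),
    Read("laptop-7", "", "lab", 30),
    Read("badge-bob", "bob", "lab", 50),
    Read("badge-alice", "alice", "lab", 90),
    Read("badge-alice", "alice", "hall", 200),
    Read("badge-bob", "bob", "lab", 210),     # alice has left the lab
    Read("laptop-7", "", "lab", 400),
    Read("badge-carol", "carol", "office", 60),
]

if __name__ == "__main__":
    for name in ("alice", "bob", "carol"):
        print(name, [(r.tag, r.antenna, r.ts) for r in pac_view(LOG, name)])
```

A user whose badge is read only once gets a zero-width stay and sees only events at that exact second, so the choice of `max_gap` directly controls how much of the log the view exposes.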
The work in [60] further implements the broad principles of the PAC
policy by designing a rule-based system, which can infer which information
to release for a particular user. The system starts from PAC, and
then uses a number of reasoning rules in order to make careful decisions
about access control.