Databases Reference
In-Depth Information
own privacy/security policies which are dependent on the locations and
profiles. To protect mobile resources from static requesters, a
Static Auth-
Subject upon Moving Auth-Object Authorization
(
α
SM
) can be specified.
Here,
α.se
is associated with the spatiotemporal extent. An example of
such a security policy is as follows.
Policy 3: In order to get a personalized promotion deal, a mobile customer
is willing to reveal her age and salary information to a merchant, provided
she is within 10 miles from the shopping mall during evening hours.
•
Mobile Requesters upon Mobile Resources (MMR):
(e.g., a boss (mobile re-
quester) tries to access the locations of her employees (mobile resource).) In
this scenario, locations of both entities (requesters and resources) are im-
portant. Mobile resources (employees) do not want their boss to know their
current locations after the work hours, and these sensitive information
must be available only for the work purposes. To protect mobile resources
from mobile requesters, a
Moving Auth-Subject upon Moving Auth-Object
Authorization
(
α
MM
) can be specified. Here, both of
α.se
and
α.ge
are
associated with the spatiotemporal extents. An example of such a security
policy is as follows.
Policy 4: A manager can access the location of his employee (John) infor-
mation between “9am and 5pm” and while the manager is “in the oce.”
Note that both the requester (manager in this case) and the resource (his
employee) are mobile.
Observe that we do not include the case of ”Static Requesters upon Static
Resources” because this falls into the traditional static environment.
4 Unified Index for Authorizations and Profiles
The ASM-Trie model [16] considers static requesters (merchants) upon mobile
resources (mobile users' profile and location information), and therefore can
support example policies such as Policy 3 presented in section 3. The result of
an access request by a merchant is a set of pseudonyms of the mobile customers
that satisfy the authorizations and profiles, so that the merchant can “push”
mass advertising to the mobile customers. In a pull scenario, non-expiring
offers are stored at LS until the customer fetches them [16].
The basic idea in the proposed ASM-Trie model is to represent autho-
rizations in the form of alphabetical strings. This is accomplished by first
organizing that requesters (auth-subjects), resources (auth-objects), location
and time interval as hierarchies. For example: (1) Because the model con-
siders the mobile advertisement environment, auth-subjects are merchants.
Therefore, the
Auth-Subject Hierarchy
comprises of all merchants, which may
include hotels, retail businesses, etc., where the leaf nodes represent the indi-
vidual merchants. (2) The
Auth-Object Hierarchy
is composed of two levels:
the root node is
{
l
+
p
}
{
l
}
{
p
}
where
l
is the location
and the leaves are
and
