Privacy engine for context-aware enterprise application services

Abstract

Satisfying the varied privacy preferences of individuals, while exposing context data to authorized applications and individuals, remains a major challenge for context-aware computing. This paper describes our experiences in building a middleware component, the Context Privacy Engine (CPE), that enforces a role-based, context-dependent privacy model for enterprise domains. While fundamentally an ACL-based access control scheme, CPE extends the traditional ACL mechanism with usage control and context constraints. This paper focuses on discussing issues related to managing and evaluating context-dependent privacy policies. Extensive experimental studies with a production-grade implementation and real-life context sources demonstrate that the CPE can support a large number of concurrent requests. The experiments also show valuable insight on how context-retrieval can affect the privacy evaluation process. © 2008 IEEE.