Gaining Consent


Before looking at a generic architecture for supporting location privacy controls, it is worthwhile looking at some of the general principles concerning "consent." Some of these principles have already been observed in terms of the 3GPP implementation of privacy control, but they have been thought about in the IP domain as well.

The GEOPRIV model described in this book assumes that prior consent has been established. The published authorization policy document is the result of a consent decision that has to be made before location is requested.

If no prior arrangement has been determined, the location service can actively seek consent from the user. Such active consent requires a decision from the user at the time that location is sought.

Active consent is employed in cellular networks as one of a number of privacy options. The user is shown a message that includes the name of the service requesting location. The user is then able to choose whether to grant or deny access.

Another form of active consent is made when location information is provided directly (by-value). The decision to make location available in this manner is usually preceded by a question.

Active consent is particularly useful where location is required for unplanned, temporary or transitory use; however, active consent requires user interaction, which makes it unsuitable for presence applications, long-term use, or any situation where location needs to be updated frequently. Constant requests for authorization in these circumstances would be intrusive.

Emergency services are a special instance where consent is implicit. An emergency call by nature requires location information to succeed; therefore, by initiating an emergency call, the caller implicitly relinquishes any privacy rights. Emergency calls are usually treated as if prior consent has been established; this behavior can be mandated by legislation.

For cases of prior (or implicit) consent, the user can also request notification about who is using location information. This does not allow for gaining consent, but ensures that the user is aware of when their location information is being used.

Generalized Consent

Another concept highlighted by 3GPP that wasn't described previously is that of giving consent to a class of requesters, rather than individuals. For instance, a user might want to provide all pizza restaurants or roadside assistance services access to their location. If such a decision can be made without making the decision specific to a single service, that greatly simplifies the management of an authorization policy.

This concept relies on being able to ensure that the requester does indeed belong to one of these classes of services, or that they have certain traits. In a cellular network, a decision can be made based on a trust or business relationship; the user can trust this assertion because their cellular provider is making it.

On the Internet, due to the decoupling between the access provider and the service provider, there is no easy way to ensure that a trusted relationship exists. However, the benefit of such general consent is undeniable. A solution for this is the Security Assertion Markup Language (SAML) (see 3), which supports trait-based authentication. This remains as future work for authorization policy standardization.
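The consent modes described in the two sections above can be read as one ordered decision. The sketch below is an added example, not code from the book or from any GEOPRIV or 3GPP specification. The names `Request`, `Policy` and `decide`, the sample requesters, and the choice to deny recurring requests that have no prior consent (rather than prompt on every update) are assumptions made for illustration.

```python
from dataclasses import dataclass, field
from typing import Optional

@dataclass
class Request:
    requester: str                      # name shown to the user when prompting
    emergency: bool = False             # part of an emergency call
    recurring: bool = False             # presence-style, frequently repeated
    trait: Optional[str] = None         # asserted class of service
    asserted_by: Optional[str] = None   # party vouching for the trait

@dataclass
class Policy:                           # result of earlier consent decisions
    requesters: set = field(default_factory=set)  # prior consent, individuals
    traits: set = field(default_factory=set)      # generalized consent, classes
    trusted: set = field(default_factory=set)     # asserters the user trusts
    notify: bool = False                          # tell the user about each use

def decide(req, policy, prompt, notices):
    """Return (granted, basis) for one location request."""
    if req.emergency:
        granted, basis = True, "implicit"
    elif req.requester in policy.requesters:
        granted, basis = True, "prior"
    elif req.trait in policy.traits and req.asserted_by in policy.trusted:
        granted, basis = True, "generalized"
    elif req.recurring:
        # Assumption: deny instead of prompting on every update.
        granted, basis = False, "no-prior-consent"
    else:
        granted, basis = bool(prompt(req.requester)), "active"
    if granted and basis != "active" and policy.notify:
        notices.append((req.requester, basis))  # awareness only, not a gate
    return granted, basis

def demo():
    # Constructed sample policy and requests (all names are made up).
    policy = Policy({"fleet-tracker"}, {"roadside-assistance"},
                    {"home-operator"}, notify=True)
    notices = []
    reqs = [
        Request("psap", emergency=True),
        Request("fleet-tracker", recurring=True),
        Request("tow-co", trait="roadside-assistance", asserted_by="home-operator"),
        Request("tow-fake", trait="roadside-assistance", asserted_by="tow-fake"),
        Request("buddy-finder", recurring=True),
    ]
    deny_all = lambda name: False   # stand-in for the user's on-screen answer
    return [decide(r, policy, deny_all, notices) for r in reqs], notices
```

The `tow-fake` request shows why the asserter matters: a trait vouched for by an untrusted party does not match the class grant, so the request falls back to active consent.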



IP Location
ISBN: 0072263776
EAN: 2147483647
Year: 2004
Pages: 129
