期刊名称:International Journal of New Computer Architectures and their Applications
印刷版ISSN:2220-9085
出版年度:2011
卷号:1
期号:4
页码:797-809
出版社:Society of Digital Information and Wireless Communications
摘要:Some of Internet services require users to provide their information such as their name, address, credit card number, and an ID-password pair. In these services, the manner in which the provided information is used is solely determined by the service providers. As a result, even when the manner appears vulnerable, users have no choice to refuse, but to allow such usage. However, the owner of the information is the user. Thus, users along with the service providers should be able to determine the manner. In this paper, we propose such a framework that enables users to select. A policy defines the manner in which his/her information is to be protected, and its manner is incorporated into a program. By allowing a service provider to use the information through the program, the user can protect his/her information in his/her selected manner. Thus, in this scenario, both the service provider and the user can determine the type of protection for the user's information. Moreover, the responsibility of the service provider for information protection would be reduced as the user would determine the type of information protection. We show the validity of the proposed framework with an example scenario to protect user password.
关键词:Privacy; personal information; user ; preference; information security; framework