In the information era, users are increasingly communicating with each other through mobile devices, and making their personal information more and more involved in the network. As a result, security risks also greatly increase. In such a situation, this paper presents a privacy protection scheme based on access control. By adding permission bits to privacy data for access control and classifying multiple privacy situations, we give the corresponding solutions. This article has improved the existing roles concept and put forward the new concept of identity. It gives fine-grained access to different visitors. The visitors' identities are hierarchically defined and the partial order relation is used to determine the identity level. In order to match the basic principle of “High-level identities cannot modify low-level secrets. Low-level identities cannot read high-level information”, the program requires that high-level identities can be transferred into low-level identities and identities must be transferred according to corresponding privacy level. With the flexible permission settings, it can be applied to various privacy protection situations.
[1]
Adrian David Cheok,et al.
22nd International Conference on Human-Computer Interaction with Mobile Devices and Services
,
2007,
Lecture Notes in Computer Science.
[2]
Ling Liu,et al.
Privacy analysis and enhancements for data sharing in *nix systems
,
2008,
Int. J. Inf. Comput. Secur..
[3]
Elisa Bertino,et al.
TRBAC
,
2001,
ACM Trans. Inf. Syst. Secur..
[4]
Matt Blaze,et al.
A cryptographic file system for UNIX
,
1993,
CCS '93.