By Topic

A Unified User Consent Acquisition and Delivery Mechanism for Multi-Source User Data Integrated Service

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$33 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

3 Author(s)
Youngseob Cho ; Information Security Research Division, Electronics and Telecommunication Research Institute, Daejeon, South Korea. e-mail: ; Sangrae Cho ; Seung-Hun Jin

Internet service providers have usually collected and maintained user data necessary for their services. Recently, many SP (service provider)s supply users with integrated services which combine existent user data of other service providers. When UdP(User Data Provider) provides SP with user data, it should acquire user consent to preserve user privacy and to avoid future responsibility. However, UdP has not direct session with user, so it is very difficult that the UdP acquires user consent directly from the user. In addition, if user may give its consent base on individual UdP, this may be inconvenient for user. In this paper, we propose a unified user consent acquisition and delivery mechanism for multi-source user data integrated service. We introduce DA(delegation authority) for user consent acquisition and delivery. DA acquires user consent to UdP's data providing from user and generates an ELA(electronic letter of authorization) from user consent information, and sends it to SP. SP sends the ELA with user data request to UdPs, which use the ELA for deciding whether to provide user data. We design ELA scheme, message protocols and other components such as bindings, metadata and identifier. The proposed mechanism enables user to control explicitly its own data flow and to give its consent to all SP service-related UdPs only for one interaction.

Published in:

2007 IEEE International Symposium on Consumer Electronics

Date of Conference:

20-23 June 2007