基于策略的普适计算隐私保护技术研究
|
摘要
普适计算隐私保护问题可以描述为:在基于网络的应用环境中,用户的个人信息被系统采集、存储、处理和发布与共享时,如何保证用户的个人信息按照其意志被合法实体有效地访问。用户的意志可以通过让用户自己制定其隐私信息的访问控制策略(隐私策略)来得到实现,本文主要研究了隐私策略的统一表示问题和隐私策略的执行机制问题。本文的主要工作在于:
(1)描述了普适计算访问控制,在此基础上,针对普适计算应用场景和用户隐私策略命题,研究了隐私策略的基于谓词逻辑的形式化,即任何隐私策略可以形式化为谓词逻辑公式。本文认为,用户以自然语言描述的隐私策略是原始和简朴的,其形式化不仅仅是以数学语言重新翻译它,而是要结合普适计算应用的上下文,对包含在其中的隐性约束条件进行抽取和形式化。为此,描述了隐私策略命题的分解过程,并据此提出了原始隐私策略和可执行隐私策略的概念;给出了隐私策略形式化系统的字母表、项和公式的定义;根据普适计算应用特点,将普适计算应用系统抽象成一个数学结构,以便于隐私策略的形式化分析;给出隐私策略公式的解释和语义。
(2)研究了基于一阶逻辑的隐私策略模型,通过该模型统一了构成隐私策略基本要素的隐私策略原语,为本文的研究提供了一致的研究对象和隐私策略语义。在本章中,介绍了多类逻辑理论,并指出采用多类逻辑研究隐私策略模型的必要性。对自然语言描述的隐私策略样例,分析了构成隐私策略的各种原语,并将其作为用于描述隐私策略的多类逻辑的类。提出了隐私策略执行环境的模型,在此基础上,总结出了可执行的隐私策略模型。
(3)介绍了描述逻辑理论,并指出基于描述逻辑的系统,不仅可以存储术语和断言形式的领域知识,而且能提供基于术语和断言的推理服务。基于描述逻辑,并结合本文提出的隐私策略原语,建立了包含普适计算应用领域结构的抽象模型和领域个体的断言形式的隐私策略知识库PKB(TBox, ABox),为其定义了各种原子概念和原子角色,建立了TBox中的用户组公理和隐私策略公理以及ABox中的个体断言,并指出使用隐私策略公理可以表示隐私策略。根据ABox中包含的用户和用户属性、关系的个体断言,提出了隐私规则知识库PRKB(TBox, ABox, RBox)的概念,分析了隐私策略的形式化推理过程。
(4)在介绍了OWL本体语言和规则引擎的内容后,从面向应用的角度出发,主要研究了隐私策略基于本体的表示方法和基于规则的执行机制,在对隐私策略执行机制验证的基础上,提出了隐私策略在普适计算中的应用框架。对于隐私策略的本体表示,本文定义了一般规则的本体,在此基础上定义了隐私规则的本体,同时将隐私信息的查询请求也作为一种无前提的规则给予本体定义,基于这些本体,从较为抽象和泛化的层面,提出了隐私策略基于本体的一般表示方法,并通过对该表示方法的修改,增加了隐私策略对隐私信息粒度的控制功能。对于隐私策略的规则表示和推理,根据隐私策略原语,本文给出了隐私策略的规则表示,定义了隐私策略的分层执行环境以及相应的映射规则,从抽象的角度分析了隐私策略响应查询的执行流程,对该流程进行了实验验证。从一般设计的角度,借鉴计算机网络OSI分层模型的思想,提出了设计普适计算隐私保护系统的逻辑层次架构;根据上述的隐私策略本体表示和规则推理,从模式和框架的高度与层面,提出一个建议性的隐私策略在普适计算中的应用模型,并分析该应用模型的可实施性。
(5)对隐私策略的学习技术做了初步的研究。介绍了普适计算中面向隐私保护的用户上下文,将用户上下文分为静态上下和动态上下文两大类,并指出用户上下文对于隐私策略在用户管理接口中的动态生成有直接的作用和影响。介绍了基于案例的推理CBR的主要实现技术,在此基础上,提出了基于用户上下文和案例推理的隐私策略学习模型,研究了隐私策略案例的抽象表达方法以及案例索引的建立方法,根据一个普适应用场景,提出了一个隐私策略案例的检索算法,并结合用户上下文分析了隐私策略学习的过程。最后,就典型普适计算应用——基于位置服务(LBS)的应用,实现了一个用户位置信息暴露策略的CBR学习系统,以说明策略学习的可行性。
Ubiquitous/Pervasive computing system comprises heterogeneous computing devices that are‘invisibly’embedded into environment and provide users with ubiquitous access to services. For using these services, ubiquitous computing devices may form context-aware networks for capturing contexts about users. Such contexts can be used by Ubicomp system to adapt its functionality and behavior to various user preferences. This means pervasive computing system may facilitate unobtrusive access, manipulation, and presentation of personal data derived from contexts. The unobtrusive features of ubiquitous computing may foster unethical use of the technology but, more significantly, they are also much more conducive to inadvertent intrusions on privacy.
Privacy is the claim of individuals to determine for themselves when, how, and to what extent information about them is communicated to others. Accordingly, this paper address privacy issues by enabling individual (policy-author) to make privacy policies for controlling personal data. In such a case, entity (individual or agent) can access policy-author’s personal data only if permitted by her privacy policy. This paper focuses on the representation and reasoning of user privacy policy both in the level of abstract model and application frame. The main contents and innovations in this paper are summarized such as:
(1) Access control mechanism for pervasive computing is described firstly. Then, privacy policy formalization is studyed based on predicate logic for pervasive computing. That is, any user privacy policy described in natural language can be formalized as predicate logic formula by extracting the hidden restrictions in context of pervasive computing. Accordingly, this paper depicts the decomposition of privacy policy, and proposes two novel concepts: primitive privacy policy and executive privacy policy. Besides, the alphabet table, item and formula in privacy policy formalization system are defined. The pervasive computing application system is abstracted into a mathematical structure convenient for formal analysis, and the explanation and semantic of privacy policy formula are put forward.
(2) Privacy policy model based on first-order logic is introduced to uniform the privacy policy primitive which is the essential element constructing the privacy policy and provides consistent research object and privacy policy semantic for following research in this paper. Many-sorted logic is introduced and the necessity and importance of adopting it are pointed out as well. Through the analysis to privacy policy sample described in natural language, various primitive which construct privacy policy are regarded as sort in many-sorted logic. Also, the executive environment model is presented and executive privacy policy model is concluded based on it.
(3) Description logic theory is introduced, which can be used to represent and reason domain knowledge based on term and assertion. Combined description logic and the privacy policy primitive proposed by this paper, a privacy policy knowledge base PKB (TBox, ABox) including the abstract model of pervasive computing application structure and the privacy policy with the form of individual assertion is established. Besides, this paper designs the axioms for user group and privacy policy in TBox and individual assertions in ABox. At the same time, it points out that privacy policy can be expressed by privacy policy axioms. In addition, grounded on the individual assertions about users, user properties, relationships in ABox, the concept of privacy rules knowledge base PRKB (TBox, ABox, RBox) is put forward and the formalization reasoning process of privacy policy is analyzed.
(4) After introduction of Web Ontology Language and Rules Engine, both privacy policy expression method based on ontology and executive mechanism based on rules in application domain are discussed. Application frame of privacy policy in pervasive computing is proposed based on the verifying of privacy policy executive mechanism. In ontology expression side, ontology of general rules is defined firstly, followed the ontology of privacy rules. At the same time, the requests to privacy information is regarded as rules with out prerequisite to define their ontology. The general expression of privacy policy based on ontology is presented from a relatively abstract and general level. Additionally, a proper improvement is designed to add a function to control the granularity of privacy information. In rules reasoning side, according to the policy primitive, the expression method of privacy policy rules is presented, and layered implementation environment and corresponding mapping rules are defined. The procedure of response for incoming query is analyzed and substantiated by experiments. At the basis of above expression and reasoning of privacy policy basded on ontology, this paper proposed a suggestive application frame of privacy policy in pervasive computing from model and frame level, the practicality of which is analyzed.
(5) Based on user context information and the ability of CBR (Case-based Reasoning), this paper gives a preliminary study on learning context-sensitive privacy policies. Firstly, the user context for pervasive computing environment is introduced, which, in this paper, is grouped into two categories, one is static user context information, and the other is dynamic user context information. This paper argues that user context information can be used to support the dynamic generating of privacy policies in a user interface for reducing the burden of user specifying policies. A history privacy policy can be regarded as a case of CBR system, and stored into the case base. Following this basic notion, this paper presents an abstract case representation based on policy primitives, where any privacy policy case is represented as a feature-value vector. For indexing privacy policy cases, this paper chooses the requester of privacy information as key index and forms the structure of case base. Finally, case retrieval algorithm for privacy policy case base is introduced based on the core of similarity measure in this paper.
(1)描述了普适计算访问控制,在此基础上,针对普适计算应用场景和用户隐私策略命题,研究了隐私策略的基于谓词逻辑的形式化,即任何隐私策略可以形式化为谓词逻辑公式。本文认为,用户以自然语言描述的隐私策略是原始和简朴的,其形式化不仅仅是以数学语言重新翻译它,而是要结合普适计算应用的上下文,对包含在其中的隐性约束条件进行抽取和形式化。为此,描述了隐私策略命题的分解过程,并据此提出了原始隐私策略和可执行隐私策略的概念;给出了隐私策略形式化系统的字母表、项和公式的定义;根据普适计算应用特点,将普适计算应用系统抽象成一个数学结构,以便于隐私策略的形式化分析;给出隐私策略公式的解释和语义。
(2)研究了基于一阶逻辑的隐私策略模型,通过该模型统一了构成隐私策略基本要素的隐私策略原语,为本文的研究提供了一致的研究对象和隐私策略语义。在本章中,介绍了多类逻辑理论,并指出采用多类逻辑研究隐私策略模型的必要性。对自然语言描述的隐私策略样例,分析了构成隐私策略的各种原语,并将其作为用于描述隐私策略的多类逻辑的类。提出了隐私策略执行环境的模型,在此基础上,总结出了可执行的隐私策略模型。
(3)介绍了描述逻辑理论,并指出基于描述逻辑的系统,不仅可以存储术语和断言形式的领域知识,而且能提供基于术语和断言的推理服务。基于描述逻辑,并结合本文提出的隐私策略原语,建立了包含普适计算应用领域结构的抽象模型和领域个体的断言形式的隐私策略知识库PKB(TBox, ABox),为其定义了各种原子概念和原子角色,建立了TBox中的用户组公理和隐私策略公理以及ABox中的个体断言,并指出使用隐私策略公理可以表示隐私策略。根据ABox中包含的用户和用户属性、关系的个体断言,提出了隐私规则知识库PRKB(TBox, ABox, RBox)的概念,分析了隐私策略的形式化推理过程。
(4)在介绍了OWL本体语言和规则引擎的内容后,从面向应用的角度出发,主要研究了隐私策略基于本体的表示方法和基于规则的执行机制,在对隐私策略执行机制验证的基础上,提出了隐私策略在普适计算中的应用框架。对于隐私策略的本体表示,本文定义了一般规则的本体,在此基础上定义了隐私规则的本体,同时将隐私信息的查询请求也作为一种无前提的规则给予本体定义,基于这些本体,从较为抽象和泛化的层面,提出了隐私策略基于本体的一般表示方法,并通过对该表示方法的修改,增加了隐私策略对隐私信息粒度的控制功能。对于隐私策略的规则表示和推理,根据隐私策略原语,本文给出了隐私策略的规则表示,定义了隐私策略的分层执行环境以及相应的映射规则,从抽象的角度分析了隐私策略响应查询的执行流程,对该流程进行了实验验证。从一般设计的角度,借鉴计算机网络OSI分层模型的思想,提出了设计普适计算隐私保护系统的逻辑层次架构;根据上述的隐私策略本体表示和规则推理,从模式和框架的高度与层面,提出一个建议性的隐私策略在普适计算中的应用模型,并分析该应用模型的可实施性。
(5)对隐私策略的学习技术做了初步的研究。介绍了普适计算中面向隐私保护的用户上下文,将用户上下文分为静态上下和动态上下文两大类,并指出用户上下文对于隐私策略在用户管理接口中的动态生成有直接的作用和影响。介绍了基于案例的推理CBR的主要实现技术,在此基础上,提出了基于用户上下文和案例推理的隐私策略学习模型,研究了隐私策略案例的抽象表达方法以及案例索引的建立方法,根据一个普适应用场景,提出了一个隐私策略案例的检索算法,并结合用户上下文分析了隐私策略学习的过程。最后,就典型普适计算应用——基于位置服务(LBS)的应用,实现了一个用户位置信息暴露策略的CBR学习系统,以说明策略学习的可行性。
Ubiquitous/Pervasive computing system comprises heterogeneous computing devices that are‘invisibly’embedded into environment and provide users with ubiquitous access to services. For using these services, ubiquitous computing devices may form context-aware networks for capturing contexts about users. Such contexts can be used by Ubicomp system to adapt its functionality and behavior to various user preferences. This means pervasive computing system may facilitate unobtrusive access, manipulation, and presentation of personal data derived from contexts. The unobtrusive features of ubiquitous computing may foster unethical use of the technology but, more significantly, they are also much more conducive to inadvertent intrusions on privacy.
Privacy is the claim of individuals to determine for themselves when, how, and to what extent information about them is communicated to others. Accordingly, this paper address privacy issues by enabling individual (policy-author) to make privacy policies for controlling personal data. In such a case, entity (individual or agent) can access policy-author’s personal data only if permitted by her privacy policy. This paper focuses on the representation and reasoning of user privacy policy both in the level of abstract model and application frame. The main contents and innovations in this paper are summarized such as:
(1) Access control mechanism for pervasive computing is described firstly. Then, privacy policy formalization is studyed based on predicate logic for pervasive computing. That is, any user privacy policy described in natural language can be formalized as predicate logic formula by extracting the hidden restrictions in context of pervasive computing. Accordingly, this paper depicts the decomposition of privacy policy, and proposes two novel concepts: primitive privacy policy and executive privacy policy. Besides, the alphabet table, item and formula in privacy policy formalization system are defined. The pervasive computing application system is abstracted into a mathematical structure convenient for formal analysis, and the explanation and semantic of privacy policy formula are put forward.
(2) Privacy policy model based on first-order logic is introduced to uniform the privacy policy primitive which is the essential element constructing the privacy policy and provides consistent research object and privacy policy semantic for following research in this paper. Many-sorted logic is introduced and the necessity and importance of adopting it are pointed out as well. Through the analysis to privacy policy sample described in natural language, various primitive which construct privacy policy are regarded as sort in many-sorted logic. Also, the executive environment model is presented and executive privacy policy model is concluded based on it.
(3) Description logic theory is introduced, which can be used to represent and reason domain knowledge based on term and assertion. Combined description logic and the privacy policy primitive proposed by this paper, a privacy policy knowledge base PKB (TBox, ABox) including the abstract model of pervasive computing application structure and the privacy policy with the form of individual assertion is established. Besides, this paper designs the axioms for user group and privacy policy in TBox and individual assertions in ABox. At the same time, it points out that privacy policy can be expressed by privacy policy axioms. In addition, grounded on the individual assertions about users, user properties, relationships in ABox, the concept of privacy rules knowledge base PRKB (TBox, ABox, RBox) is put forward and the formalization reasoning process of privacy policy is analyzed.
(4) After introduction of Web Ontology Language and Rules Engine, both privacy policy expression method based on ontology and executive mechanism based on rules in application domain are discussed. Application frame of privacy policy in pervasive computing is proposed based on the verifying of privacy policy executive mechanism. In ontology expression side, ontology of general rules is defined firstly, followed the ontology of privacy rules. At the same time, the requests to privacy information is regarded as rules with out prerequisite to define their ontology. The general expression of privacy policy based on ontology is presented from a relatively abstract and general level. Additionally, a proper improvement is designed to add a function to control the granularity of privacy information. In rules reasoning side, according to the policy primitive, the expression method of privacy policy rules is presented, and layered implementation environment and corresponding mapping rules are defined. The procedure of response for incoming query is analyzed and substantiated by experiments. At the basis of above expression and reasoning of privacy policy basded on ontology, this paper proposed a suggestive application frame of privacy policy in pervasive computing from model and frame level, the practicality of which is analyzed.
(5) Based on user context information and the ability of CBR (Case-based Reasoning), this paper gives a preliminary study on learning context-sensitive privacy policies. Firstly, the user context for pervasive computing environment is introduced, which, in this paper, is grouped into two categories, one is static user context information, and the other is dynamic user context information. This paper argues that user context information can be used to support the dynamic generating of privacy policies in a user interface for reducing the burden of user specifying policies. A history privacy policy can be regarded as a case of CBR system, and stored into the case base. Following this basic notion, this paper presents an abstract case representation based on policy primitives, where any privacy policy case is represented as a feature-value vector. For indexing privacy policy cases, this paper chooses the requester of privacy information as key index and forms the structure of case base. Finally, case retrieval algorithm for privacy policy case base is introduced based on the core of similarity measure in this paper.
引文
[1] M. Weiser,“The computer for the twenty-first century,”Scientific American, 1991, 265(3), PP. 94-104.
[2] MIT Project Oxygen. http://oxygen.lcs.mit.edu/.
[3] Garlan D, Siewiorek D P, and Smailagic A. Project Aura: toward distraction-free pervasive computing. IEEE Pervasive Computing, 2002, 1(2):22-31.
[4] The Disappearing Computer. http://www.disappearing-computer.net/.
[5] Myles G, Friday A, Davies N. Preserving Privacy in Environments with Location-Based Applications, IEEE Pervasive Computing, 2003, 1(1): 56-64.
[6] Einar Snekkenes, Concepts for Personal Location Privacy Policies, ACM Conference on Electronic Commerce, 14-17 October 2001
[7] C.A. Ardagna, M. Cremonini, E. Damiani, S. De Capitani di Vimercati, and P. Samarati, Location Privacy Protection Through Obfuscation-Based Techniques, Data and Applications Security, Lecture Notes in Computer Science, volume 4602, pp. 47-6, Springer, 2007.
[8] D. Anthony, D. Kotz, and T. Henderson, Privacy in Location-Aware Computing Environments, IEEE PERVASIVE computing, pp. 64-72 2007.
[9] Gorlach, W. W. Terpstra, A. Heinemann, Survey on Location Privacy in Pervasive Computing, Book chapter of Security and Trust within the Context of Pervasive Computing, Volume 780, Springer Netherlands, 2004
[10] Tentori M, Favela J, Gonzalez V M, Rodrguez M D. Towards the Design of Privacy-Aware Computing: A Case Study in Hospital Work, Ubicomp 2005.
[11] G. Pallapa, N. Roy, and S. Das, Precision: Privacy Enhanced Context-Aware Information Fusion in Ubiquitous Healthcare, First International Workshop on Software Engineering for Pervasive Computing Applications, Systems, and Environments(SEPCASE'07), 2007
[12] J. Cornwell, et al. User-Controllable Security and Privacy for PervasiveComputing [C]. Eighth IEEE Workshop on Mobile Computing Systems and Applications, Tucson, USA, 2007: 14-19.
[13] Damianou N, Dulay N, Lupu E, Sloman M, Tonouchi T. Tools for domain-based policy management of distributed systems. Proceedings of the IEEE/IFIP Network Operations and Management Symposium (NOMS), Florence, Italy, April, 2002, pp. 203–217.
[14] Agrawal D, Calo S, Giles J, Lee K-W, Verma D. Policy management for networked systems and applications. Proceedings of the 9th IFIP/IEEE International Symposium on Integrated Network Management, Nice, France, May 2005. IEEE Computer Society Press: Los Alamitos, CA, 2005, pp. 455-468.
[15] Keoh S-L, Lupu E, Sloman M. PEACE: A policy-based establishment of ad-hoc communities. Proceedings of the 20th Annual Computer Security Applications Conference (ACSAC), Tucson, AZ, December 2004, pp.386-395.
[16] OASIS: Security Assertion Markup Language (SAML), Technology Reports, April 14 (2003) http://xml.coverpages.org/saml.html
[17] OASIS. eXtensible Access Control Markup Language, Version 2.0. OASIS Standard, 2005.
[18] R. Iannella. ODRL: The open digital rights language initiative. http://odrl.net/, 2001.
[19] Schunter, M., Powers, C., The Enterprise Privacy Authorization Language (EPAL1.1), IBM Research Laboratory, http://www.zurich.ibm.com/security/enterpriseprivacy/epal/
[20] Lorrie Cranor, Marc Langheinrich, Massimo Marchiori, Martin Presler-Marshall, and Joseph Reagle. The Platform for Privacy Preferences 1.0 specification. W3C Recommendation, The World Wide Web Consortium, April 2002.
[21] W3C: The Platform for Privacy Preferences 1.0 (P3P1.0) Specification, Recommendation 16 April 2002, http://www.w3.org/TR/P3P/
[22] J. Y. Halpern and V.Weissman. Using first-order logic to reason about policies.In IEEE Computer Security Foundations Workshop, 2003, pp.187-201.
[23] D. Box et al. Web services policy framework (WS-Policy), 2003. http://msdn.microsoft.com/library/en-us/dnglobspec/html/ws-policy.asp.
[24] E. Damiani, S. De Capitani di Vimercati, S. Paraboschi, and P. Samarati. A fine-grained access control system for XML documents. ACM Transactions on Information and System Security (TISSEC), 5(2):169–202, May 2002.
[25] M. Kudoh, Y. Hirayama, S. Hada, and A. Vollschwitz. Access control specificationbased on policy evaluation and enforcement model and specification language. In Symposium on Cryptograpy and Information Security, SCIS’2000, 2000.
[26] Jajodia, S., Samarati, P., and Subrahmanian, V. S. A Logical Language for Expressing Authorizations. In Proceedings of the 1997 IEEE Symposium on Security and Privacy, 1997, pp. 31-43
[27] Ortalo, R. A Flexible Method for Information System Security Policy Specification, Proc. 5th European Symposium on Research in Computer Security (ESORICS 98). 1998, Louvain-la-Neuve, Belgium, Springer-Verlag.
[28] R. Pucella V. Weissmann: Reasoning about Dynamic Policies, Proceedings FoSSaCS-7, Springer Lecture Notes in Computer Science 2987, 2004, pp. 453-467.
[29] Dougherty, D. J., K. Fisler and S. Krishnamurthi, Specifying and reasoning about dynamic access-control policies, in: U. Furbach and N. Shankar, editors, IJCAR, Lecture Notes in Computer Science 4130 (2006), pp. 632-646.
[30] E. Bertino, B. Catania, E. Ferrari, and P. Perlasca. A logical framework for reasoning about access control models. In 6th ACM Symposium on Access Control Models and Technologies (SACMAT 2001), pp. 41–52.
[31] M.C. Tschantz and S. Krishnamurthi. Towards reasonability properties for access-control policy languages. In D.F. Ferraiolo and I. Ray, editors, SACMAT 2006,11th ACM Symposium on Access Control Models and Technologies, Proceedings, 2006, pp. 160–169.
[32] J. DeTreville. Binder, a logic-based security language. In Proceedings 2002 IEEE Symposium on Security and Privacy, 2002, pp. 95-103.
[33] S. Jajodia, P. Samarati, M. L. Sapino, and V. Subrahmanian. Flexible support for multiple access control policies. ACM Transactions on Database Systems, 2006, 26(2):214-260.
[34] N. Li, J. C. Mitchell, and W. H. Winsborough. Design of a role-based trust-management framework. In Proceedings 2002 IEEE Symposium on Security and Privacy, 2002, pp. 114-130.
[35] S. Barker, Security Policy Specification in Logic. In Proceedings of the International Conference on Artificial Intelligence(ICAI00), Las Vegas, Nevada, USA, June 2000, pp. 143-148.
[36] F. Siewe, A. Cau, and H. Zedan, A Compositional Framework for Access Control Policies Enforcement, In Proc. of the ACM Workshop on Formal Methods in Security Engineering, 2003.
[37] D. McDermott and J. Doyle, Nonmonotonic logic I, Artificial Intelligence, 1980, pp. 41-72.
[38] J. Ullman, Database and Knowledge-Base Systems, volume 2, Computer Science Press, Rockville, Maryland, 1989.
[39] M. Balasubramanian, A. Bhatnagar, N. Chaturvedi,A. D. Chowdhury,A. Ganesh, A framework for decentralized access control, Proceedings of the 2nd ACM symposium on Information, computer and communications security, 2007, pp. 93-104.
[40] W. Thomas. Handbook of formal languages, volume 3. Springer-Verlag, New York, NY, USA, 1997.
[41] Jesper G. Henriksen, Jakob Jensen, Michae J?rgensen, Nils Klarlund , Robert Paige, Theis Rauhe and Anders Sandholm, Mona: Monadic second-order logic in practice, Lecture Notes in Computer Science, Tools and Algorithms for the Construction and Analysis of Systems, Springer Berlin / Heidelberg, Vol. 1995(1019), pp. 89-110.
[42] R. Wies, Policy Definition and Classification: Aspects, Criteria and Examples, IEEE/IFIP Workshop on Distributed Systems Operations and Management, Toulouse, Oct. 1994.
[43] M.J. Masullo and S.B. Calo, Policy Management: An Architecture and Approach, Proc. IEEE Workshop on Systems Management, UCLA, California, April 1993.
[44] M. Sloman, Policy driven management for distributed systems. Journal of Network and Systems Management, 1994.
[45] J. D. Moffett and M.S. Sloman, Policy Hierarchies for Distributed System, Proc. IEEE JSAC, Vol.11, No. 9, Dec. 1993, pp. 1404-1414.
[46] J. Roos, P. Putter, and C. Bekker, Modelling Management Policy Using Enriched Managed Objects, Integrated Network Management III (C-12), H.-G Hegering, & Y.Yemini eds., North-Holland, 1993, pp. 207–215.
[47] G. Tonti, et al. Semantic Web languages for policy representation and reasoning: A comparison of KAoS, Rei, and Ponder [C]. International Semantic Web Conference, Sanibel Island, Florida, 2003: 419-437.
[48] Rational Software Corporation, Object Constraint Language Specification, Version 1.1, Available at http://www.rational.com/uml/, September 1997.
[49] P. G. Kelley, P. H. Drielsma, N.n Sadeh, L. F. Cranor. User-Controllable Learning of Security and Privacy Policies [C]. Proceedings of the 1st ACM workshop on Workshop on AISec, Alexandria, Virginia, USA, 2008: 11-18.
[50] Samuel Warren and Louis Brandeis. The right to privacy. Harvard Law Review, 4:193-220, 1890.
[51] Alan F. Westin. Privacy and Freedom. Atheneum, New York NY, 1967.
[52] M. Langheinrich,“Privacy by Design—Principles of Privacy-Aware Ubiquitous Systems,”Proc. Ubicomp, LCNS 2201, Springer-Verlag, pp. 273–291 2001.
[53] M. Langheinrich,“A Privacy Awareness System for Ubiquitous Computing Environments”, Ubicomp, Lecture Notes in Computer Science, volume 2498, pp. 237-245, Springer, 2002.
[54] Hong, J.I. and J.A. Landay. An Architecture for Privacy-Sensitive Ubiquitous Computing. In Proceedings of The Second International Conference on Mobile Systems, Applications, and Services(Mobisys 2004). Boston, MA. pp. 177-189 2004.
[55] Y. Duan and J. Canny, Protecting User Data in Ubiquitous Computing Environments: Towards Trustworthy Environments, Privacy Enhancing Technologies, Lecture Notes in Computer Science, volume 3424, pp. 167-185, Springer, 2005.
[56] X. Jiang, J. I. Hong, and J. A. Landay, Approximate Information Flows: Socially Based Modeling of Privacy in Ubiquitous Computing, in Proceedings of Ubicomp 2002, pp. 176-193, Springer-Verlag, 2002.
[57] Chung, E.S., J.I. Hong, J. Lin, M.K. Prabaker, J.A. Landay, and A. Liu. Development and Evaluation of Emerging Design Patterns for Ubiquitous Computing. In Proceedings of Designing Interactive Systems(DIS2004). Boston, MA. pp. 233-239 2004.
[58] R. Beresford and F. Stajano. Location Privacy in Pervasive Computing. PERVASIVE computing, IEEE CS and IEEE Communications Society, (1):46-55, 2003.
[59] H. Federrath, A. Jerichow, and A. P_tzmann. MIXes in Mobile Communication Systems: Location Management with Privacy. In Information Hiding, pages 121-135, 1996.
[60] M. Reiter, AD. Rubin,“Crowds: anonymity for Web transactions,”ACM Transactions on Information and SystemSecurity. 1998, 1(1), pp. 66-92.
[61] M. Reed, P. Syverson, D. Goldschlag,“Anonymous connections and onion routing,”In: Proceedings of the IEEE Symposium on Security and Privacy. Washington: IEEE Computer Society Press, 1997, pp. 44-54.
[62] D. M. Konidala, D. N Duc, L. Dongman, K. Kwangjo,“A capability-based privacy-preserving scheme for pervasive computing environments”, Third IEEE International Conference on Pervasive Computing and CommunicationsWorkshops, 8-12 March 2005, pp. 136-140.
[63] U. Jendricke, M. Kreutzer and A. Zugenmaier,“Pervasive Privacy with Identity Management,”UBICOMP’02.
[64] H. S. Cheng, D. Zhang, J. G. Tan,“Protection of Privacy in Pervasive Computing Environments,”International Conference on Information Technology: Coding and Computing, 4-6 April 2005, pp. 242-247.
[65] D. Chaum,“Untraceable electronic mail, return addresses, and digital pseudonyms,”Communications of the ACM, 1981, 24(2), pp. 84-88.
[66] J. Al-Muhtadi, R. Campbell, A. Kapadia,“Routing through the Mist: privacy preserving communication in ubiquitous computing environments,”Proceedings of the International Conference of Distributed Computing Systems, 2002, pp. 74-83.
[67] M. Gruteser, G. Schelle, A. Jain, R. Han and D. Grunwald,“Privacy-aware location sensor networks,”Proceedings of the 9th Workshop on Hot Topics in Operating Systems (HotOS IX), Lihue, Hawaii, USA (2003).
[68] M. Gruteser, D. Grunwald,“Anonymous usage of location-based services through spatial and temporal cloaking,”Proceedings of the First International Conference on Mobile Systems, Applications, and Services (MobiSys 2003), San Francisco, CA, USA (2003).
[69]余智欣,黄天戍,杨乃扩,汪阳.一种新型的分布式隐私保护计算模型及其应用.西安交通大学学报,2007(8):954-958.
[70] Y. Duan and J. Canny,“Protecting User Data in Ubiquitous Computing Environments: Towards Trustworthy Environments,”Privacy Enhancing Technologies, Lecture Notes in Computer Science, vol. 3424, Springer, 2005, pp. 167-185.
[71] X. Jiang, J. I. Hong and J. A. Landay,“Approximate Information Flows: Socially Based Modeling of Privacy in Ubiquitous Computing,”Proc. Ubicomp 2002, Springer-Verlag, 2002, pp. 176-193.
[72] Timo Heiber and Pedro Jose Marron,“Exploring the Relationship betweenContext and Privacy,”In Privacy, Security and Trust within the Context of Pervasive Computing, the Kluwer International Series in Engineering and Computer Science, Springer-Verlag, January 2005, pp. 35-48.
[73] D. Hong, M. Yuan, and V. Y. Shen,“Dynamic privacy management: a plug-in service for the middleware in pervasive computing,”In MobileHCI 2005, Salzburg, Austria, September 2005, pp. 1-8.
[74] M. J. Covington, W. Long, S. Srinivasan, A. K. Dey, M. Ahamad, and G. D. Abowd,“Securing context-aware applications using environment roles,”In Symposium on Access Control Models and Technologies, Chantilly, Virginia, USA, May 2001, pp. 10-20.
[75] H. Chen, T. Finin, and A. Joshi,“A Pervasive Computing Ontology for User Privacy Protection in the Context Broker Architecture,”In Technical Report TR-CS-04-08, Baltimore County, Maryland, USA, 2004.
[76] U. Hengartner and P. Steenkiste,“Avoiding Privacy Violations Caused by Context-Sensitive Services,”Fourth Annual IEEE International Conference on Pervasive Computing and Communications, 13-17 March 2006, pp. 222-233.
[77] V. Bellotti, A. Sellen,“Design for Privacy in Ubiquitous Computing Environments,”Proceedings of 3rd European Conference on Computer Supported Cooperative Work, 1993, pp.77-92.
[78] M. Spreitzer, M. Theimer,“Providing location information in a ubiquitous computing environment,”In: Proceedings of the 14th ACM Symposium on Operating Systems Principles, ACM Press (1993), pp. 270-283.
[79] U. Hengartner, P. Steenkiste,“Protecting access to people location information,”Proceedings of First International Conference on Security in Pervasive Computing (SPC 2003), Boppard, Germany (2003).
[80] M. Youssef, N.R. Adam and V. Atluri,“Preserving Mobile Customer Privacy: An Access Control System for Moving Objects and Customer Profiles,”Proceedings of the 6th international conference on Mobile data management, 2005, pp. 67-76.
[81]唐留朋,夏清国,王黎明,“LBS的一种隐私保护模型,”计算机工程与设计,2008(16):4159-4161。
[82] J.M. Seigneur, S. Farrell, C.D. Jensen, E. Gray, and Y. Chen,“End-to-end Trust Starts with Recognition,”in Proceedings of Conference on Security in Pervasive Computing, March, 2003.
[83] Pho Duc Giang, Le Xuan Hung, Riaz Ahmed Shaikh, Yonil Zhung, Sungyoung Lee, Young-Koo Lee and Heejo Lee,“A Trust-Based Approach to Control Privacy Exposure in Ubiquitous Computing Environments,”Pervasive Services, IEEE International Conference, 2007, pp. 149-152.
[84] F. Almenarez and A. Marin, et al,“PTM: A Pervasive Trust Management Model for Dynamic Open Environments,”Proc. of the 1st Workshop on Pervasive Security, Privacy and Trust, 2004.
[85] R. He and J. Niu, et al,“CBTM: A trust model with uncertainty quantification and reasoning for pervasive computing,”Proceedings of the Third International Symposium on Parallel and Distributed Processing and Applications, Nanjing, China, 2005, pp. 541-552.
[86] D. Quercia and S. Hailes, et al,“B-trust: Bayesian Trust Framework for Pervasive Computing,”in Proceedings of the 4th International Conference on Trust Management, LNCS, Springer, 2006.
[87] Haque, M. M. and S. I. Ahamed,“An Omnipresent Formal Trust Mode(lFTM)for Pervasive Computing Environment,”Computer Software and Applications Conference, 2007. COMPSAC 2007-Vol. 1. 31st Annual International, 2007, 1.
[88] M. Sharmin and S. Ahmed, et al,“An Adaptive Lightweight Trust Reliant Secure Resource Discovery for Pervasive Computing Environments,”Proceedings of the Fourth Annual IEEE International Conference on Pervasive Computer and Communications, 2006, pp. 258-263.
[89] W. Wagealla, S. Terzis and C. English,“Trust-based model for privacy control in context aware systems,”in: Proceedings of the Second Workshop on Security in Ubiquitous Computing (Ubicomp2003), Seattle, Washington, USA, 2003.
[90] P. Samarati and S. De Capitani di Vimercati. Access control: Policies, models, and mechanisms. In R. Focardi and R. Gorrieri, editors, Foundations of Security Analysis and Design, LNCS 2171. Springer-Verlag, 2001.
[91] S. De Capitani di Vimercati, P. Samarati, and S. Jajodia. Policies, models, and languages for access control. In Databases in Networked Information Systems: 4th International Workshop, volume 3433 of Lecture Notes in Computer Science. Springer-Verlag, Mar. 2005.
[92] H. B. Enderton, A Mathematical Introduction to Logic, Academic Press, New York, 1972.
[93] Baader, F., et al., The Description Logic Handbook: Theory,Implementation and Applications. 2003: Cambridge University Press.
[94] Manfred Schmidt-Schau? and Gert Smolka. Attributive concept descriptions with complements. Artificial Intelligence, 48(1):1-26, 1991.
[95] R. Neches, R. E. Fikes, T. R. Cruber, et al. Enabling Technology for Knowledge Sharing. AI Magazine 1991, 12(3): 36-56.
[96] R. Studer, V. R. Benjamins, D. Fensel, Knowledge Engineering, Principles and Methods, Data and Knowledge Engineering,1998,25(1-2): 16l-19.
[97] F. H. Bechhofer, J.Hendler, OWL Web Ontology Language Reference. http://www.w3.org/TR/2004/REC-owl-ref-20040210/. Feb.10 2004.
[98] Patel-Schneider, P.F., P.Hayes,and I.Horrocks, OWL Web Ontology Language Semantics and Abstract Syntax W3C Recommendation, URL http://www.w3.org/TR/2004/REC-owl-semantics-20040210/, 10 February 2004.
[99] Dave Beckett. RDF/XML syntax specification (revised). W3C Working Draft, 2002. Available at http://www.w3.org/TR/2002/WD-rdf-syntax-grammar-20021108.
[100] Dan Brickley and R. V. Guha. Resource Description Framework (RDF) Schema Specification 1.0. W3C Recommendation, 27 March 2000. Available at http://www.w3.org/TR/2000/CR-rdf-schema-20000327/.
[101] Dan Brickley and R. V. Guha. RDF Vocabulary Description Language 1.0:RDF Schema. W3C Working Draft, 23 January 2003. Available at http://www.w3.org/TR/2003/WD-rdf-schema-20030123/.
[102] J. Broekstra, M. Klein, S. Decker, D. Fensel, F. van Harmelen, and I. Horrocks. Enabling knowledge representation on the web by extending RDF schema. In Proceedings of the tenth World Wide Web conference WWW’10, pages 467–478, May 2001.
[103] Horrocks, DAML+OIL: A description logic for the semantic web. Bull of the IEEE Computer Society Technical Committee on Data Engineering, 2002.25(1): 4-9.
[104] Horrocks, I., P.F.Patel-Schneider, and F.v.Harmelen, Reviewing the Design of DAML+OIL: An Ontology Language for the Semantic Web. Proc. of the 18th Nat. Conf. on Artificial Intelligence(AAAI 2002), AAAI Press, 2002:pp.792-797.
[105] Friedman-Hill. Jess In Action: Rule-Based Systems in Java. Greenwich:Manning Publications Company, 2003.
[106] Buchanan, B. G., and Shortliffe, E. H. 1984. Rule-Based Expert Systems. AddisonWesley.
[107]刘晓建,陈平,蔡希尧.一种基于规则的系统的软件体系结构的实现分析[J].计算机科学, 2002, 29(6): 134-137.
[108] Sandia National Laboratories, the Rule Engine for the Java Platform, http://www.jessrules.com/jess/index.shtml.
[109] The World Wide Web Consortium (W3C), The Extensible Stylesheet Language Family (XSL), http://www.w3.org/Style/XSL/.
[110] The Apache Software Foundation, Apache Xalan Project, http://xalan.apache.org/.
[111] Maxion, R. A. and Reeder, R. W. Improving user-interface dependability through mitigation of human error, International Journal of Human-Computer Studies, Vol. 63, Issues 1-2, HCI research in privacy and security, 2005, pp. 25-50.
[112] Dey, A.K. Understanding and Using Context. Personal and Ubiquitous Computing Journal, Volume 5 (1), 2001, pp. 4-7.
[113] Dey, A.K. Abowd, G.D. Towards a Better Understanding of Context and Context-Awareness. CHI 2000 Workshop on the What, Who, Where, When, and How of Context-Awareness (2000).
[114] Mark Ackerman, Trevor Darrell, and Daniel J. Weitzner. Privacy in context. Special Issue on Context-Aware Computing. Human-Computer Interaction, 16(2-4), 2001.
[115] Tom M. Mitchell, Machine learning, McGraw-Hill Companies, Inc., 1997.
[116] Sankar K. Pal, Simon C. K. Shiu, Foundations of Soft Case Based Reasoning, John Wiley & Sons, Inc., 2004.
[117] AAMODT, A., and PLAZE, E. (1994): Case-Based Reasoning: Foundational Issue, Methodological Variations, and System Approaches. In AI Communications, Vol.7, IOS Press.
[118] LEAKE, D. (1996) CBR in Context: The Present and Future. In Case-Based Reasoning, Experiences, Lessons, & Future Directions. Ed. D. Leake, Menlo Park, MIT Press.
[119]郭艳红,邓贵仕.基于事例的推理(CBR)研究综述[J].计算机工程与应用,2004,40(21):1-5.
[120]李玲娟,汤文宇. CBR在商业中的应用研究[J].南京邮电大学学报(自然科学版),2006,26(5): 17-21.
[121] Limthanmaphon B. and Zhang Y., Web Service Composition with Case-Based Reasoning. In Proc. Fourteenth Australasian Database Conference (ADC2003), Adelaide, Australia. Conferences in Research and Practice in Information Technology, 17. Schewe, K.-D. and Zhou, X., Eds., ACS. 201-208.
[122] Group for Artificial Intelligence Applications, jCOLIBRI CBR Framework, http://gaia.fdi.ucm.es/projects/jcolibri/
[123] J. A. Recio-García, B. Díaz-Agudo, P. González-Calero, jCOLIBRI2 Tutorial, http://gaia.fdi.ucm.es/projects/jcolibri/jcolibri2/tutorial.pdf
[124] J. A. Recio-García, B. Díaz-Agudo, A. Sánchez, and P. A. González-Calero. Lessons learnt in the development of a cbr framework. In M. Petridis, editor, Proccedings of the 11th UK Workshop on Case Based Reasoning, pages 60–71. CMS Press, University of Greenwich, 2006.
[125]王晓贺,蔡国永.基于描述逻辑的策略冲突检测方法研究及实现[J].计算机工程与科学, 2008, 30(6): 106-110.
[2] MIT Project Oxygen. http://oxygen.lcs.mit.edu/.
[3] Garlan D, Siewiorek D P, and Smailagic A. Project Aura: toward distraction-free pervasive computing. IEEE Pervasive Computing, 2002, 1(2):22-31.
[4] The Disappearing Computer. http://www.disappearing-computer.net/.
[5] Myles G, Friday A, Davies N. Preserving Privacy in Environments with Location-Based Applications, IEEE Pervasive Computing, 2003, 1(1): 56-64.
[6] Einar Snekkenes, Concepts for Personal Location Privacy Policies, ACM Conference on Electronic Commerce, 14-17 October 2001
[7] C.A. Ardagna, M. Cremonini, E. Damiani, S. De Capitani di Vimercati, and P. Samarati, Location Privacy Protection Through Obfuscation-Based Techniques, Data and Applications Security, Lecture Notes in Computer Science, volume 4602, pp. 47-6, Springer, 2007.
[8] D. Anthony, D. Kotz, and T. Henderson, Privacy in Location-Aware Computing Environments, IEEE PERVASIVE computing, pp. 64-72 2007.
[9] Gorlach, W. W. Terpstra, A. Heinemann, Survey on Location Privacy in Pervasive Computing, Book chapter of Security and Trust within the Context of Pervasive Computing, Volume 780, Springer Netherlands, 2004
[10] Tentori M, Favela J, Gonzalez V M, Rodrguez M D. Towards the Design of Privacy-Aware Computing: A Case Study in Hospital Work, Ubicomp 2005.
[11] G. Pallapa, N. Roy, and S. Das, Precision: Privacy Enhanced Context-Aware Information Fusion in Ubiquitous Healthcare, First International Workshop on Software Engineering for Pervasive Computing Applications, Systems, and Environments(SEPCASE'07), 2007
[12] J. Cornwell, et al. User-Controllable Security and Privacy for PervasiveComputing [C]. Eighth IEEE Workshop on Mobile Computing Systems and Applications, Tucson, USA, 2007: 14-19.
[13] Damianou N, Dulay N, Lupu E, Sloman M, Tonouchi T. Tools for domain-based policy management of distributed systems. Proceedings of the IEEE/IFIP Network Operations and Management Symposium (NOMS), Florence, Italy, April, 2002, pp. 203–217.
[14] Agrawal D, Calo S, Giles J, Lee K-W, Verma D. Policy management for networked systems and applications. Proceedings of the 9th IFIP/IEEE International Symposium on Integrated Network Management, Nice, France, May 2005. IEEE Computer Society Press: Los Alamitos, CA, 2005, pp. 455-468.
[15] Keoh S-L, Lupu E, Sloman M. PEACE: A policy-based establishment of ad-hoc communities. Proceedings of the 20th Annual Computer Security Applications Conference (ACSAC), Tucson, AZ, December 2004, pp.386-395.
[16] OASIS: Security Assertion Markup Language (SAML), Technology Reports, April 14 (2003) http://xml.coverpages.org/saml.html
[17] OASIS. eXtensible Access Control Markup Language, Version 2.0. OASIS Standard, 2005.
[18] R. Iannella. ODRL: The open digital rights language initiative. http://odrl.net/, 2001.
[19] Schunter, M., Powers, C., The Enterprise Privacy Authorization Language (EPAL1.1), IBM Research Laboratory, http://www.zurich.ibm.com/security/enterpriseprivacy/epal/
[20] Lorrie Cranor, Marc Langheinrich, Massimo Marchiori, Martin Presler-Marshall, and Joseph Reagle. The Platform for Privacy Preferences 1.0 specification. W3C Recommendation, The World Wide Web Consortium, April 2002.
[21] W3C: The Platform for Privacy Preferences 1.0 (P3P1.0) Specification, Recommendation 16 April 2002, http://www.w3.org/TR/P3P/
[22] J. Y. Halpern and V.Weissman. Using first-order logic to reason about policies.In IEEE Computer Security Foundations Workshop, 2003, pp.187-201.
[23] D. Box et al. Web services policy framework (WS-Policy), 2003. http://msdn.microsoft.com/library/en-us/dnglobspec/html/ws-policy.asp.
[24] E. Damiani, S. De Capitani di Vimercati, S. Paraboschi, and P. Samarati. A fine-grained access control system for XML documents. ACM Transactions on Information and System Security (TISSEC), 5(2):169–202, May 2002.
[25] M. Kudoh, Y. Hirayama, S. Hada, and A. Vollschwitz. Access control specificationbased on policy evaluation and enforcement model and specification language. In Symposium on Cryptograpy and Information Security, SCIS’2000, 2000.
[26] Jajodia, S., Samarati, P., and Subrahmanian, V. S. A Logical Language for Expressing Authorizations. In Proceedings of the 1997 IEEE Symposium on Security and Privacy, 1997, pp. 31-43
[27] Ortalo, R. A Flexible Method for Information System Security Policy Specification, Proc. 5th European Symposium on Research in Computer Security (ESORICS 98). 1998, Louvain-la-Neuve, Belgium, Springer-Verlag.
[28] R. Pucella V. Weissmann: Reasoning about Dynamic Policies, Proceedings FoSSaCS-7, Springer Lecture Notes in Computer Science 2987, 2004, pp. 453-467.
[29] Dougherty, D. J., K. Fisler and S. Krishnamurthi, Specifying and reasoning about dynamic access-control policies, in: U. Furbach and N. Shankar, editors, IJCAR, Lecture Notes in Computer Science 4130 (2006), pp. 632-646.
[30] E. Bertino, B. Catania, E. Ferrari, and P. Perlasca. A logical framework for reasoning about access control models. In 6th ACM Symposium on Access Control Models and Technologies (SACMAT 2001), pp. 41–52.
[31] M.C. Tschantz and S. Krishnamurthi. Towards reasonability properties for access-control policy languages. In D.F. Ferraiolo and I. Ray, editors, SACMAT 2006,11th ACM Symposium on Access Control Models and Technologies, Proceedings, 2006, pp. 160–169.
[32] J. DeTreville. Binder, a logic-based security language. In Proceedings 2002 IEEE Symposium on Security and Privacy, 2002, pp. 95-103.
[33] S. Jajodia, P. Samarati, M. L. Sapino, and V. Subrahmanian. Flexible support for multiple access control policies. ACM Transactions on Database Systems, 2006, 26(2):214-260.
[34] N. Li, J. C. Mitchell, and W. H. Winsborough. Design of a role-based trust-management framework. In Proceedings 2002 IEEE Symposium on Security and Privacy, 2002, pp. 114-130.
[35] S. Barker, Security Policy Specification in Logic. In Proceedings of the International Conference on Artificial Intelligence(ICAI00), Las Vegas, Nevada, USA, June 2000, pp. 143-148.
[36] F. Siewe, A. Cau, and H. Zedan, A Compositional Framework for Access Control Policies Enforcement, In Proc. of the ACM Workshop on Formal Methods in Security Engineering, 2003.
[37] D. McDermott and J. Doyle, Nonmonotonic logic I, Artificial Intelligence, 1980, pp. 41-72.
[38] J. Ullman, Database and Knowledge-Base Systems, volume 2, Computer Science Press, Rockville, Maryland, 1989.
[39] M. Balasubramanian, A. Bhatnagar, N. Chaturvedi,A. D. Chowdhury,A. Ganesh, A framework for decentralized access control, Proceedings of the 2nd ACM symposium on Information, computer and communications security, 2007, pp. 93-104.
[40] W. Thomas. Handbook of formal languages, volume 3. Springer-Verlag, New York, NY, USA, 1997.
[41] Jesper G. Henriksen, Jakob Jensen, Michae J?rgensen, Nils Klarlund , Robert Paige, Theis Rauhe and Anders Sandholm, Mona: Monadic second-order logic in practice, Lecture Notes in Computer Science, Tools and Algorithms for the Construction and Analysis of Systems, Springer Berlin / Heidelberg, Vol. 1995(1019), pp. 89-110.
[42] R. Wies, Policy Definition and Classification: Aspects, Criteria and Examples, IEEE/IFIP Workshop on Distributed Systems Operations and Management, Toulouse, Oct. 1994.
[43] M.J. Masullo and S.B. Calo, Policy Management: An Architecture and Approach, Proc. IEEE Workshop on Systems Management, UCLA, California, April 1993.
[44] M. Sloman, Policy driven management for distributed systems. Journal of Network and Systems Management, 1994.
[45] J. D. Moffett and M.S. Sloman, Policy Hierarchies for Distributed System, Proc. IEEE JSAC, Vol.11, No. 9, Dec. 1993, pp. 1404-1414.
[46] J. Roos, P. Putter, and C. Bekker, Modelling Management Policy Using Enriched Managed Objects, Integrated Network Management III (C-12), H.-G Hegering, & Y.Yemini eds., North-Holland, 1993, pp. 207–215.
[47] G. Tonti, et al. Semantic Web languages for policy representation and reasoning: A comparison of KAoS, Rei, and Ponder [C]. International Semantic Web Conference, Sanibel Island, Florida, 2003: 419-437.
[48] Rational Software Corporation, Object Constraint Language Specification, Version 1.1, Available at http://www.rational.com/uml/, September 1997.
[49] P. G. Kelley, P. H. Drielsma, N.n Sadeh, L. F. Cranor. User-Controllable Learning of Security and Privacy Policies [C]. Proceedings of the 1st ACM workshop on Workshop on AISec, Alexandria, Virginia, USA, 2008: 11-18.
[50] Samuel Warren and Louis Brandeis. The right to privacy. Harvard Law Review, 4:193-220, 1890.
[51] Alan F. Westin. Privacy and Freedom. Atheneum, New York NY, 1967.
[52] M. Langheinrich,“Privacy by Design—Principles of Privacy-Aware Ubiquitous Systems,”Proc. Ubicomp, LCNS 2201, Springer-Verlag, pp. 273–291 2001.
[53] M. Langheinrich,“A Privacy Awareness System for Ubiquitous Computing Environments”, Ubicomp, Lecture Notes in Computer Science, volume 2498, pp. 237-245, Springer, 2002.
[54] Hong, J.I. and J.A. Landay. An Architecture for Privacy-Sensitive Ubiquitous Computing. In Proceedings of The Second International Conference on Mobile Systems, Applications, and Services(Mobisys 2004). Boston, MA. pp. 177-189 2004.
[55] Y. Duan and J. Canny, Protecting User Data in Ubiquitous Computing Environments: Towards Trustworthy Environments, Privacy Enhancing Technologies, Lecture Notes in Computer Science, volume 3424, pp. 167-185, Springer, 2005.
[56] X. Jiang, J. I. Hong, and J. A. Landay, Approximate Information Flows: Socially Based Modeling of Privacy in Ubiquitous Computing, in Proceedings of Ubicomp 2002, pp. 176-193, Springer-Verlag, 2002.
[57] Chung, E.S., J.I. Hong, J. Lin, M.K. Prabaker, J.A. Landay, and A. Liu. Development and Evaluation of Emerging Design Patterns for Ubiquitous Computing. In Proceedings of Designing Interactive Systems(DIS2004). Boston, MA. pp. 233-239 2004.
[58] R. Beresford and F. Stajano. Location Privacy in Pervasive Computing. PERVASIVE computing, IEEE CS and IEEE Communications Society, (1):46-55, 2003.
[59] H. Federrath, A. Jerichow, and A. P_tzmann. MIXes in Mobile Communication Systems: Location Management with Privacy. In Information Hiding, pages 121-135, 1996.
[60] M. Reiter, AD. Rubin,“Crowds: anonymity for Web transactions,”ACM Transactions on Information and SystemSecurity. 1998, 1(1), pp. 66-92.
[61] M. Reed, P. Syverson, D. Goldschlag,“Anonymous connections and onion routing,”In: Proceedings of the IEEE Symposium on Security and Privacy. Washington: IEEE Computer Society Press, 1997, pp. 44-54.
[62] D. M. Konidala, D. N Duc, L. Dongman, K. Kwangjo,“A capability-based privacy-preserving scheme for pervasive computing environments”, Third IEEE International Conference on Pervasive Computing and CommunicationsWorkshops, 8-12 March 2005, pp. 136-140.
[63] U. Jendricke, M. Kreutzer and A. Zugenmaier,“Pervasive Privacy with Identity Management,”UBICOMP’02.
[64] H. S. Cheng, D. Zhang, J. G. Tan,“Protection of Privacy in Pervasive Computing Environments,”International Conference on Information Technology: Coding and Computing, 4-6 April 2005, pp. 242-247.
[65] D. Chaum,“Untraceable electronic mail, return addresses, and digital pseudonyms,”Communications of the ACM, 1981, 24(2), pp. 84-88.
[66] J. Al-Muhtadi, R. Campbell, A. Kapadia,“Routing through the Mist: privacy preserving communication in ubiquitous computing environments,”Proceedings of the International Conference of Distributed Computing Systems, 2002, pp. 74-83.
[67] M. Gruteser, G. Schelle, A. Jain, R. Han and D. Grunwald,“Privacy-aware location sensor networks,”Proceedings of the 9th Workshop on Hot Topics in Operating Systems (HotOS IX), Lihue, Hawaii, USA (2003).
[68] M. Gruteser, D. Grunwald,“Anonymous usage of location-based services through spatial and temporal cloaking,”Proceedings of the First International Conference on Mobile Systems, Applications, and Services (MobiSys 2003), San Francisco, CA, USA (2003).
[69]余智欣,黄天戍,杨乃扩,汪阳.一种新型的分布式隐私保护计算模型及其应用.西安交通大学学报,2007(8):954-958.
[70] Y. Duan and J. Canny,“Protecting User Data in Ubiquitous Computing Environments: Towards Trustworthy Environments,”Privacy Enhancing Technologies, Lecture Notes in Computer Science, vol. 3424, Springer, 2005, pp. 167-185.
[71] X. Jiang, J. I. Hong and J. A. Landay,“Approximate Information Flows: Socially Based Modeling of Privacy in Ubiquitous Computing,”Proc. Ubicomp 2002, Springer-Verlag, 2002, pp. 176-193.
[72] Timo Heiber and Pedro Jose Marron,“Exploring the Relationship betweenContext and Privacy,”In Privacy, Security and Trust within the Context of Pervasive Computing, the Kluwer International Series in Engineering and Computer Science, Springer-Verlag, January 2005, pp. 35-48.
[73] D. Hong, M. Yuan, and V. Y. Shen,“Dynamic privacy management: a plug-in service for the middleware in pervasive computing,”In MobileHCI 2005, Salzburg, Austria, September 2005, pp. 1-8.
[74] M. J. Covington, W. Long, S. Srinivasan, A. K. Dey, M. Ahamad, and G. D. Abowd,“Securing context-aware applications using environment roles,”In Symposium on Access Control Models and Technologies, Chantilly, Virginia, USA, May 2001, pp. 10-20.
[75] H. Chen, T. Finin, and A. Joshi,“A Pervasive Computing Ontology for User Privacy Protection in the Context Broker Architecture,”In Technical Report TR-CS-04-08, Baltimore County, Maryland, USA, 2004.
[76] U. Hengartner and P. Steenkiste,“Avoiding Privacy Violations Caused by Context-Sensitive Services,”Fourth Annual IEEE International Conference on Pervasive Computing and Communications, 13-17 March 2006, pp. 222-233.
[77] V. Bellotti, A. Sellen,“Design for Privacy in Ubiquitous Computing Environments,”Proceedings of 3rd European Conference on Computer Supported Cooperative Work, 1993, pp.77-92.
[78] M. Spreitzer, M. Theimer,“Providing location information in a ubiquitous computing environment,”In: Proceedings of the 14th ACM Symposium on Operating Systems Principles, ACM Press (1993), pp. 270-283.
[79] U. Hengartner, P. Steenkiste,“Protecting access to people location information,”Proceedings of First International Conference on Security in Pervasive Computing (SPC 2003), Boppard, Germany (2003).
[80] M. Youssef, N.R. Adam and V. Atluri,“Preserving Mobile Customer Privacy: An Access Control System for Moving Objects and Customer Profiles,”Proceedings of the 6th international conference on Mobile data management, 2005, pp. 67-76.
[81]唐留朋,夏清国,王黎明,“LBS的一种隐私保护模型,”计算机工程与设计,2008(16):4159-4161。
[82] J.M. Seigneur, S. Farrell, C.D. Jensen, E. Gray, and Y. Chen,“End-to-end Trust Starts with Recognition,”in Proceedings of Conference on Security in Pervasive Computing, March, 2003.
[83] Pho Duc Giang, Le Xuan Hung, Riaz Ahmed Shaikh, Yonil Zhung, Sungyoung Lee, Young-Koo Lee and Heejo Lee,“A Trust-Based Approach to Control Privacy Exposure in Ubiquitous Computing Environments,”Pervasive Services, IEEE International Conference, 2007, pp. 149-152.
[84] F. Almenarez and A. Marin, et al,“PTM: A Pervasive Trust Management Model for Dynamic Open Environments,”Proc. of the 1st Workshop on Pervasive Security, Privacy and Trust, 2004.
[85] R. He and J. Niu, et al,“CBTM: A trust model with uncertainty quantification and reasoning for pervasive computing,”Proceedings of the Third International Symposium on Parallel and Distributed Processing and Applications, Nanjing, China, 2005, pp. 541-552.
[86] D. Quercia and S. Hailes, et al,“B-trust: Bayesian Trust Framework for Pervasive Computing,”in Proceedings of the 4th International Conference on Trust Management, LNCS, Springer, 2006.
[87] Haque, M. M. and S. I. Ahamed,“An Omnipresent Formal Trust Mode(lFTM)for Pervasive Computing Environment,”Computer Software and Applications Conference, 2007. COMPSAC 2007-Vol. 1. 31st Annual International, 2007, 1.
[88] M. Sharmin and S. Ahmed, et al,“An Adaptive Lightweight Trust Reliant Secure Resource Discovery for Pervasive Computing Environments,”Proceedings of the Fourth Annual IEEE International Conference on Pervasive Computer and Communications, 2006, pp. 258-263.
[89] W. Wagealla, S. Terzis and C. English,“Trust-based model for privacy control in context aware systems,”in: Proceedings of the Second Workshop on Security in Ubiquitous Computing (Ubicomp2003), Seattle, Washington, USA, 2003.
[90] P. Samarati and S. De Capitani di Vimercati. Access control: Policies, models, and mechanisms. In R. Focardi and R. Gorrieri, editors, Foundations of Security Analysis and Design, LNCS 2171. Springer-Verlag, 2001.
[91] S. De Capitani di Vimercati, P. Samarati, and S. Jajodia. Policies, models, and languages for access control. In Databases in Networked Information Systems: 4th International Workshop, volume 3433 of Lecture Notes in Computer Science. Springer-Verlag, Mar. 2005.
[92] H. B. Enderton, A Mathematical Introduction to Logic, Academic Press, New York, 1972.
[93] Baader, F., et al., The Description Logic Handbook: Theory,Implementation and Applications. 2003: Cambridge University Press.
[94] Manfred Schmidt-Schau? and Gert Smolka. Attributive concept descriptions with complements. Artificial Intelligence, 48(1):1-26, 1991.
[95] R. Neches, R. E. Fikes, T. R. Cruber, et al. Enabling Technology for Knowledge Sharing. AI Magazine 1991, 12(3): 36-56.
[96] R. Studer, V. R. Benjamins, D. Fensel, Knowledge Engineering, Principles and Methods, Data and Knowledge Engineering,1998,25(1-2): 16l-19.
[97] F. H. Bechhofer, J.Hendler, OWL Web Ontology Language Reference. http://www.w3.org/TR/2004/REC-owl-ref-20040210/. Feb.10 2004.
[98] Patel-Schneider, P.F., P.Hayes,and I.Horrocks, OWL Web Ontology Language Semantics and Abstract Syntax W3C Recommendation, URL http://www.w3.org/TR/2004/REC-owl-semantics-20040210/, 10 February 2004.
[99] Dave Beckett. RDF/XML syntax specification (revised). W3C Working Draft, 2002. Available at http://www.w3.org/TR/2002/WD-rdf-syntax-grammar-20021108.
[100] Dan Brickley and R. V. Guha. Resource Description Framework (RDF) Schema Specification 1.0. W3C Recommendation, 27 March 2000. Available at http://www.w3.org/TR/2000/CR-rdf-schema-20000327/.
[101] Dan Brickley and R. V. Guha. RDF Vocabulary Description Language 1.0:RDF Schema. W3C Working Draft, 23 January 2003. Available at http://www.w3.org/TR/2003/WD-rdf-schema-20030123/.
[102] J. Broekstra, M. Klein, S. Decker, D. Fensel, F. van Harmelen, and I. Horrocks. Enabling knowledge representation on the web by extending RDF schema. In Proceedings of the tenth World Wide Web conference WWW’10, pages 467–478, May 2001.
[103] Horrocks, DAML+OIL: A description logic for the semantic web. Bull of the IEEE Computer Society Technical Committee on Data Engineering, 2002.25(1): 4-9.
[104] Horrocks, I., P.F.Patel-Schneider, and F.v.Harmelen, Reviewing the Design of DAML+OIL: An Ontology Language for the Semantic Web. Proc. of the 18th Nat. Conf. on Artificial Intelligence(AAAI 2002), AAAI Press, 2002:pp.792-797.
[105] Friedman-Hill. Jess In Action: Rule-Based Systems in Java. Greenwich:Manning Publications Company, 2003.
[106] Buchanan, B. G., and Shortliffe, E. H. 1984. Rule-Based Expert Systems. AddisonWesley.
[107]刘晓建,陈平,蔡希尧.一种基于规则的系统的软件体系结构的实现分析[J].计算机科学, 2002, 29(6): 134-137.
[108] Sandia National Laboratories, the Rule Engine for the Java Platform, http://www.jessrules.com/jess/index.shtml.
[109] The World Wide Web Consortium (W3C), The Extensible Stylesheet Language Family (XSL), http://www.w3.org/Style/XSL/.
[110] The Apache Software Foundation, Apache Xalan Project, http://xalan.apache.org/.
[111] Maxion, R. A. and Reeder, R. W. Improving user-interface dependability through mitigation of human error, International Journal of Human-Computer Studies, Vol. 63, Issues 1-2, HCI research in privacy and security, 2005, pp. 25-50.
[112] Dey, A.K. Understanding and Using Context. Personal and Ubiquitous Computing Journal, Volume 5 (1), 2001, pp. 4-7.
[113] Dey, A.K. Abowd, G.D. Towards a Better Understanding of Context and Context-Awareness. CHI 2000 Workshop on the What, Who, Where, When, and How of Context-Awareness (2000).
[114] Mark Ackerman, Trevor Darrell, and Daniel J. Weitzner. Privacy in context. Special Issue on Context-Aware Computing. Human-Computer Interaction, 16(2-4), 2001.
[115] Tom M. Mitchell, Machine learning, McGraw-Hill Companies, Inc., 1997.
[116] Sankar K. Pal, Simon C. K. Shiu, Foundations of Soft Case Based Reasoning, John Wiley & Sons, Inc., 2004.
[117] AAMODT, A., and PLAZE, E. (1994): Case-Based Reasoning: Foundational Issue, Methodological Variations, and System Approaches. In AI Communications, Vol.7, IOS Press.
[118] LEAKE, D. (1996) CBR in Context: The Present and Future. In Case-Based Reasoning, Experiences, Lessons, & Future Directions. Ed. D. Leake, Menlo Park, MIT Press.
[119]郭艳红,邓贵仕.基于事例的推理(CBR)研究综述[J].计算机工程与应用,2004,40(21):1-5.
[120]李玲娟,汤文宇. CBR在商业中的应用研究[J].南京邮电大学学报(自然科学版),2006,26(5): 17-21.
[121] Limthanmaphon B. and Zhang Y., Web Service Composition with Case-Based Reasoning. In Proc. Fourteenth Australasian Database Conference (ADC2003), Adelaide, Australia. Conferences in Research and Practice in Information Technology, 17. Schewe, K.-D. and Zhou, X., Eds., ACS. 201-208.
[122] Group for Artificial Intelligence Applications, jCOLIBRI CBR Framework, http://gaia.fdi.ucm.es/projects/jcolibri/
[123] J. A. Recio-García, B. Díaz-Agudo, P. González-Calero, jCOLIBRI2 Tutorial, http://gaia.fdi.ucm.es/projects/jcolibri/jcolibri2/tutorial.pdf
[124] J. A. Recio-García, B. Díaz-Agudo, A. Sánchez, and P. A. González-Calero. Lessons learnt in the development of a cbr framework. In M. Petridis, editor, Proccedings of the 11th UK Workshop on Case Based Reasoning, pages 60–71. CMS Press, University of Greenwich, 2006.
[125]王晓贺,蔡国永.基于描述逻辑的策略冲突检测方法研究及实现[J].计算机工程与科学, 2008, 30(6): 106-110.