Presentation is loading. Please wait.

Presentation is loading. Please wait.

Policy enforcement and filtering for geospatial information

Published byJune Lawson Modified over 5 years ago

Similar presentations

Presentation on theme: "Policy enforcement and filtering for geospatial information"— Presentation transcript:

1 Policy enforcement and filtering for geospatial information
Henning Schulzrinne Columbia University 4-Aug-19 IETF GEOPRIV interim meeting

2 Architectures for (geo) information access
Claim: all using protocols fall into one of these categories Presence or event notification “circuit-switched” model subscription: binary decision Messaging , SMS basically, event notification without (explicit) subscription but often out-of-band subscription (mailing list) Request-response RPC, HTTP; also DNS, LDAP typically, already has session-level access control (if any at all) Presence is superset of other two 4-Aug-19 IETF GEOPRIV interim meeting

3 Presence/Event notification
Three places for policy enforcement subscription  binary only policy, no geo information subscriber may provide filter  could reject based on filter (“sorry, you only get county-level information”)  greatly improves scaling since no event-level checks needed notification  content filtering, suppression third-party notification e.g., event aggregator can convert models: gateway subscribes to event source, distributes by both policy and geo data 4-Aug-19 IETF GEOPRIV interim meeting

4 IETF GEOPRIV interim meeting
Presence model SUBSCRIBE subscription policy subscriber (watcher) for each watcher event generator policy subscriber filter rate limiter change to previous notification? NOTIFY 4-Aug-19 IETF GEOPRIV interim meeting

5 IETF GEOPRIV interim meeting
Policy rules There is no sharp geopriv boundary Presence contains other sensitive data (activity, icons, …) and others may be added Example: future extensions to personal medical data “only my cardiologist may see heart rate, but notify everybody in building if heart rate = 0” Thus, generic policies are necessary 4-Aug-19 IETF GEOPRIV interim meeting

6 IETF GEOPRIV interim meeting
Processing models Sequential model: for each subscriber, apply rules to new data doesn’t scale well to large groups Relational database model: re-use indexing and other query optimizations well-defined query and matching semantics e.g., mySQL and PostGres have geo extensions At time of subscription: SELECT address FROM policies WHERE person=$subscriber (AND now() between(starttime,endtime) OR starttime is null) AND (a3=$a3 or a3 is null) … 4-Aug-19 IETF GEOPRIV interim meeting

7 IETF GEOPRIV interim meeting
Request-response Same as presence: request ≈ event trigger sometimes also session-based  ≈ subscription 4-Aug-19 IETF GEOPRIV interim meeting

8 Concern: fit into protocols
Authentication is done in using protocol Must fit into those protocols E.g., can’t magically say “present token” without specifying how token can be presented in these protocols effectively modifies using protocols  e.g., requires SIP or HTTP modification 4-Aug-19 IETF GEOPRIV interim meeting

9 Concern: explicit consent
“Require consent” are not implementable without lots of additional detail Require consent means different things in different contexts: subscription: mark subscription as pending, notify presentity, presentity installs filter that resolves into accept or reject  SIMPLE model careful not to reveal that presentity is present… notification: why not just proxy NOTIFY to rulemaker? minor efficiency advantage by sending list only would need to define format for identifying precise requests same person could have multiple requests with different details 4-Aug-19 IETF GEOPRIV interim meeting

10 Concern: explicit notification
To be useful, requires definition of notification format Could simply ‘cc’ rulemaker on each notification If that, why not just subscribe to my own presence status? Is it important to know the complete list of people that got the current notification and what exactly they received? Opportunity for spamming innocent third parties that never wanted to be notified Notification can be very large if it includes copies of actual notifications  sorcerer’s apprentice problem 4-Aug-19 IETF GEOPRIV interim meeting

11 Concern: provide meaningful feedback to subscriber
Polite model: allow subscription, but never send any notifications avoids offense  Frank model: evaluate subscriber (or request) filter if too nosy, tell subscriber what to ask for avoids surprises and simplifies debugging reveals my privacy preferences  do I care if Acme Towing knows that I don’t fully trust them? 4-Aug-19 IETF GEOPRIV interim meeting

Download ppt "Policy enforcement and filtering for geospatial information"

Similar presentations

SIP, Presence and Instant Messaging

SIP, Presence and Instant Messaging
SIP and Instant Messaging. www.dynamicsoft.com SIP Summit 2001 5.01.01 SIP and Instant Messaging What Does Presence Have to Do With SIP? How to Deliver.

SIP and Instant Messaging. SIP Summit SIP and Instant Messaging What Does Presence Have to Do With SIP? How to Deliver.
www.dynamicsoft.com Fall IM 2000 Introduction to SIP Jonathan Rosenberg Chief Scientist.

Fall IM 2000 Introduction to SIP Jonathan Rosenberg Chief Scientist.
SIMPLE Open Issues Jonathan Rosenberg dynamicsoft IETF 52.

SIMPLE Open Issues Jonathan Rosenberg dynamicsoft IETF 52.
www.dynamicsoft.com IM 2000 -- May 24, 2000 Introduction to SIP Jonathan Rosenberg Chief Scientist.

IM May 24, 2000 Introduction to SIP Jonathan Rosenberg Chief Scientist.
www.dynamicsoft.com VON Europe 2000 -- 06/19/00 SIP and the Future of VON Protocols SIP and the Future of VON Protocols: Presence and IM Jonathan Rosenberg.

VON Europe /19/00 SIP and the Future of VON Protocols SIP and the Future of VON Protocols: Presence and IM Jonathan Rosenberg.
www.dynamicsoft.com Fall VoN 2000 SIP for IP Communications Jonathan Rosenberg Chief Scientist.

Fall VoN 2000 SIP for IP Communications Jonathan Rosenberg Chief Scientist.
XCAP Tutorial Jonathan Rosenberg.

XCAP Tutorial Jonathan Rosenberg.
Yunling Wang VoIP Security COMS 4995 Nov 24, 2008 XCAP The Extensible Markup Language (XML) Configuration Access Protocol (XCAP)

Yunling Wang VoIP Security COMS 4995 Nov 24, 2008 XCAP The Extensible Markup Language (XML) Configuration Access Protocol (XCAP)
Feature Interaction Handling in LESS Xiaotao Wu and Henning Schulzrinne Internet Real Time Laboratory.

Feature Interaction Handling in LESS Xiaotao Wu and Henning Schulzrinne Internet Real Time Laboratory.
SIMPLE Presence Traffic Optimization and Server Scalability Vishal Kumar Singh Henning Schulzrinne Markus Isomaki Piotr Boni IETF 67, San Diego.

SIMPLE Presence Traffic Optimization and Server Scalability Vishal Kumar Singh Henning Schulzrinne Markus Isomaki Piotr Boni IETF 67, San Diego.
A Generic Event Notification System Using XML and SIP Knarig Arabshian and Henning Schulzrinne Department of Computer Science Columbia University

A Generic Event Notification System Using XML and SIP Knarig Arabshian and Henning Schulzrinne Department of Computer Science Columbia University
Making Multimedia Services Location-Aware Henning Schulzrinne (with Knarig Arabshian, Stefan Berger, Stelios Sidiroglou, Kundan Singh, Xiaotao Wu, Weibin.

Making Multimedia Services Location-Aware Henning Schulzrinne (with Knarig Arabshian, Stefan Berger, Stelios Sidiroglou, Kundan Singh, Xiaotao Wu, Weibin.
Internet Telephony Helen J. Wang Network Reading Group, Jan 27, 99 Acknowledgement: Jimmy, Bhaskar.

Internet Telephony Helen J. Wang Network Reading Group, Jan 27, 99 Acknowledgement: Jimmy, Bhaskar.
Identity, Spheres and Privacy Rules Henning Schulzrinne (with Hannes Tschofenig and Richard Barnes) Workshop on Identity, Information and Context October.

Identity, Spheres and Privacy Rules Henning Schulzrinne (with Hannes Tschofenig and Richard Barnes) Workshop on Identity, Information and Context October.
SIMPLEStone – A presence server performance benchmarking standard SIMPLEStone – A presence server performance benchmarking standard Presented by Vishal.

SIMPLEStone – A presence server performance benchmarking standard SIMPLEStone – A presence server performance benchmarking standard Presented by Vishal.
ORBIT NSF site visit - July 14, 20041 Location-based Services & data propagation in ORBIT Henning Schulzrinne Dept. of Computer Science.

ORBIT NSF site visit - July 14, Location-based Services & data propagation in ORBIT Henning Schulzrinne Dept. of Computer Science.
XCON architecture and protocol musings Henning Schulzrinne Columbia University.

XCON architecture and protocol musings Henning Schulzrinne Columbia University.
Presence Vishal Kumar Singh and Henning Schulzrinne Feb 10, 2006.

Presence Vishal Kumar Singh and Henning Schulzrinne Feb 10, 2006.
CFP 2005 (Seattle) -- April 2005 Location-based services – an IETF perspective Henning Schulzrinne (+ Xiaotao Wu, Ron Shacham) Dept. of Computer Science.

CFP 2005 (Seattle) -- April 2005 Location-based services – an IETF perspective Henning Schulzrinne (+ Xiaotao Wu, Ron Shacham) Dept. of Computer Science.

Similar presentations

Ads by Google