1 / 12

GEOPRIV Policy draft-ietf-geopriv-policy draft-ietf-geopriv-common-policy

GEOPRIV Policy draft-ietf-geopriv-policy draft-ietf-geopriv-common-policy. Henning Schulzrinne Columbia University with J. Morris, H. Tschofenig, J. Cuellar, J. Polk, J. Rosenberg. Issues. Commonality: should privacy rules be part of PIDF, not just PIDF-LO?

sued
Download Presentation

GEOPRIV Policy draft-ietf-geopriv-policy draft-ietf-geopriv-common-policy

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. GEOPRIV Policydraft-ietf-geopriv-policydraft-ietf-geopriv-common-policy Henning Schulzrinne Columbia University with J. Morris, H. Tschofenig, J. Cuellar, J. Polk, J. Rosenberg GEOPRIV - IETF 59 (Seoul)

  2. Issues • Commonality: should privacy rules be part of PIDF, not just PIDF-LO? • Editorial – mostly resolved in author meeting yesterday GEOPRIV - IETF 59 (Seoul)

  3. Policy relationships common policy geopriv-specific presence-specific future RPID CIPID GEOPRIV - IETF 59 (Seoul)

  4. Basic structure of rules • Conditions • identity, sphere, validity • identity as <uri> or <domain> + <except> • Actions • Transformations GEOPRIV - IETF 59 (Seoul)

  5. Exceptions for identity matching • Very restricted set of exceptions, but better viewed as more capable matching • Match domain and then check if user matches exceptions • Can be translated into row matching conditions (D;U1,U2,…): • domain == D && user NOT IN (U1,U2,…) • Does not interfere with additive nature or order-independence • Will modify to only allow user, not user@domain to avoid nonsensical “all in example.com except joe@bar.com” GEOPRIV - IETF 59 (Seoul)

  6. Combining rules • Rule matches if all conditions match • Combine matching rules only • additive permissions • order immaterial • Any field can be Undef (“NULL”) • name, type (integer, bool and enum; set; …), value • TRUE has a lower privacy protection • larger integer = lower privacy • set union = lower privacy GEOPRIV - IETF 59 (Seoul)

  7. Combining rules • Boolean: TRUE iff any row = TRUE • Integer: max(rows) • Set: union GEOPRIV - IETF 59 (Seoul)

  8. Open issues ? • Additional data types needed? • URI in common is really a user identifier • depends on using protocol and authentication mechanism • in SIP, could be From, PAI or authentication user name GEOPRIV - IETF 59 (Seoul)

  9. Geo conditions • Civil location match • any set of civil coordinates • currently, can express “if I’m on Main Street anywhere” • useful mostly if user doesn’t know full hierarchy • Geo location match • current location fully contained within spherical trapezoid of longitude/latitude values • should specify ordering, <north>, <south>, <east>, <west> ? GEOPRIV - IETF 59 (Seoul)

  10. Geo transformations • Set distribute flag • Set retention time • Keep rule (should this be generic, not just geopriv?) • Provide civil location • none, country, region, city, building, full • Provide geospatial location • resolution in bits • will add datum qualifier • Provide timezone ? GEOPRIV - IETF 59 (Seoul)

  11. Example <cp:rule id="AA56i09"> <cp:conditions> <cp:validity> <cp:from>2003-10-01T17:00:00+01:00</cp:from> <cp:to>2004-10-01T00:00:00+01:00</cp:to> </cp:validity> <gp:civil-loc-condition> <country>DE</country> <A1>Bavaria</A1> <A3>Munich</A3> <A4>Perlach</A4> </gp:civil-loc-condition> </cp:conditions> <cp:actions> <cp:confirmation>false</cp:confirmation> </cp:actions> <cp:transformations> <gp:civil-loc-transformation>full</gp:civil-loc-transformation> <gp:set-distribution>false</gp:set-distribution> <gp:keep-rules>true</gp:keep-rules> </cp:transformations> </cp:rule> GEOPRIV - IETF 59 (Seoul)

  12. Conclusion • Will produce new documents with editorial changes • Using protocol document needed to flesh out <id> (was: <uri>) element • Believed to be ready for WGLC GEOPRIV - IETF 59 (Seoul)

More Related