Issue Number: Vol. 1, No. 4
Year of Publication: Dec - 2011
Page Numbers: 797-809
Authors: Kenichi Takahashi, Takanori Matsuzaki, Tsunenori Mine, Takao Kawamura, Kazunori Sugahara
Journal Name: International Journal of New Computer Architectures and their Applications (IJNCAA)
- Hong Kong


Some of Internet services require users to provide their information such as their name, address, credit card number, and an ID-password pair. In these services, the manner in which the provided information is used is solely determined by the service providers. As a result, even when the manner appears vulnerable, users have no choice to refuse, but to allow such usage. However, the owner of the information is the user. Thus, users along with the service providers should be able to determine the manner. In this paper, we propose such a framework that enables users to select. A policy defines the manner in which his/her information is to be protected, and its manner is incorporated into a program. By allowing a service provider to use the information through the program, the user can protect his/her information in his/her selected manner. Thus, in this scenario, both the service provider and the user can determine the type of protection for the user's information. Moreover, the responsibility of the service provider for information protection would be reduced as the user would determine the type of information protection. We show the validity of the proposed framework with an example scenario to protect user password.