A Framework for Composition and Enforcement of Privacy-Aware and Context-Driven Authorization Mechanism for Multimedia Big Data

The proliferation of multimedia big data for dissemination and sharing of massive amounts of information raises important security and privacy concerns. One such concern is the composition and enforcement of privacy policies in order to securely manage access of multimedia big data. Several researchers have pointed out that for proper enforcement of privacy policies, the privacy requirements should be captured in access control systems. In this paper, we propose a hybrid approach where privacy requirements are captured in an access control system and present a framework for composition and enforcement of privacy policies. The focus is to allow a user, not a system or security administrator to compose conflict free policies for their online multimedia data. An additional requirement is that such a policy be context-aware. We also present a methodology for verifying the privacy policy in order to ensure correctness and logical consistency. The verification process is also used to ensure that sensitive security requirements are not violated when privacy rules are enforced. A prototype, named Intelligent Privacy Manager (iPM), has been implemented for sharing of multimedia big data in a secure and private manner.