Protection of Personal Information Based on User Preference

Some of Internet services require users to provide their information such as their name, address, credit card number, and an ID-password pair. In these services, the manner in which the provided information is used is solely determined by the service providers. As a result, even when the manner appears vulnerable, users have no choice to refuse, but to allow such usage. However, the owner of the information is the user. Thus, users along with the service providers should be able to determine the manner. In this paper, the authors propose such a framework that enables users to select. A policy defines the manner in which his/her information is to be protected, and its manner is incorporated into a program.