A privacy enhancing infrastructure for context-awareness

Context-awareness enables applications and services to better fulfil the needs of users by adapting to their situation and their preferences. However, the use of contextual information is complicated by privacy concerns. A subject's context is personal and needs to be regarded as sensitive. Hence, contextual information must only be used with the consent of the subject and according to their privacy preferences. This thesis examines the development of privacy-friendly context-aware systems. In particular, the focus is on (A) improving the overall level of privacy, (B) evaluating access control mechanisms, (C) providing development support, and (D) offering protection to third-party infrastructures. The hypothesis investigated is whether these objectives can be achieved through the use of a privacy enhancing infrastructure. As part of the investigation, two conceptual models are presented describing the assumptions made about context and privacy. Also presented is a decentralised privacy enhancing infrastructure, developed and implemented to determine the validity of the hypothesis. Along with the infrastructure, mechanisms for privacy protection, including authentication, access control, and anonymity, are discussed. A general data format for context communication in the infrastructure is also presented. Finally, the thesis presents the findings uncovered during the investigation and evaluation of the hypothesis. These include a qualitative analysis of whether the privacy enhancing infrastructure meets the key objectives, a user survey examining the performance of two candidate access control mechanisms, a performance measurement of the infrastructure when run on resource-constrained devices, and a comparison with the approaches taken in related work.
