Enabling Personal Privacy for Pervasive Computing Environments

Protection of personal data on the Internet is already a challenge today. Users have to actively look up the privacy policies of websites and decide whether they can live with the terms of use. Once they have found them, they are forced to make a "take or leave" decision. In future living and working environments, where sensors and context-aware services are pervasive, this becomes an even greater challenge and annoyance. The environment is much more personalized and users cannot just "leave". They require measures to prevent, avoid and detect misuse of sensitive data, as well as the ability to negotiate the purpose for which data is used. We present a novel model of privacy protection, complementing the notion of enterprise privacy with the incorporation of personal privacy towards a holistic privacy management system. Our approach allows non-expert users not only to negotiate the desired level of privacy in a rather automated and simple way, but also to track and monitor the whole life-cycle of data.
