TreasurePhone: Context-Sensitive User Data Protection on Mobile Phones

Due to increased input and output capabilities, mobile phones hold many different kinds of (mostly private) data. The need for finer grained profiles and integrated data security on mobile phones has already been documented extensively (e.g. [1]). However, there are no appropriate concepts and implementations yet to handle and limit access to data on mobile phones. TreasurePhone has been designed to address this specific problem. It protects the users' mobile phone data based on their current context. Privacy protection is realized by spheres, which represent the users' context-specific need for privacy. That is, users can define which data and services are accessible in which sphere. TreasurePhone exploits context information to support authentication and automatic activation of spheres by locations and actions. We conducted a user study with 20 participants to gain insights on how well users accept such a concept. One of the main goals was to find out whether such privacy features are appreciated by the users even though they make interaction slower and might hinder fast access to specific data. Additionally, we showed that integration of context information significantly increases ease-of-use of the system.

[1]  Andreas Krause,et al.  SenSay: a context-aware mobile phone , 2003, Seventh IEEE International Symposium on Wearable Computers, 2003. Proceedings..

[2]  S. Krishnamurthy,et al.  Context-Based Adaptation of Mobile Phones Using Near-Field Communication , 2006, 2006 3rd Annual International Conference on Mobile and Ubiquitous Systems - Workshops.

[3]  Sumit Mittal,et al.  Context-Based Adaptation of Mobile Phones Ussing Near-Field Communication , 2006, 2006 Third Annual International Conference on Mobile and Ubiquitous Systems: Networking & Services.

[4]  Frank Stajano One User, Many Hats; and, Sometimes, No Hat: Towards a Secure Yet Usable PDA , 2004, Security Protocols Workshop.

[5]  Alexander De Luca,et al.  Threat Awareness - Social Impacts of Privacy Aware Ubiquitous Computing , 2007 .

[6]  Frank Stajano Will your digital butlers betray you? , 2004, WPES '04.

[7]  Lars Erik Holmquist,et al.  UbiComp 2002: Ubiquitous Computing , 2002 .

[8]  James A. Landay,et al.  Approximate Information Flows: Socially-Based Modeling of Privacy in Ubiquitous Computing , 2002, UbiComp.

[9]  Stuart E. Schechter,et al.  Can i borrow your phone?: understanding concerns when sharing mobile phones , 2009, CHI.

[10]  E. Goffman The Presentation of Self in Everyday Life , 1959 .

[11]  Pertti Huuskonen,et al.  Understanding privacy regulation in ubicomp interactions , 2008, Personal and Ubiquitous Computing.