SensorSafe: A Framework for Privacy-Preserving Management of Personal Sensory Information

The widespread use of smartphones and body-worn sensors has made continuous and unobtrusive collection of personal data feasible. This has led to the emergence of useful applications in diverse areas such as medical behavioral studies, personal health care and participatory sensing. However, the highly personal nature of the information shared with these applications, together with the additional inferences that could possibly be drawn from the same data, leads to a variety of privacy concerns. This paper proposes SensorSafe, an architecture for managing personal sensory information in a privacy-preserving way. Our architecture consists of multiple remote data stores and a broker, so that users retain ownership of their data while management of multiple users is well supported. SensorSafe also provides a context-aware fine-grained access control mechanism by which users can define their own sharing rules based on various conditions, including context and behavioral status. We discuss our design of the SensorSafe architecture and provide application examples to show how our system can support user privacy.
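As an added illustration (not the paper's own code) of the sharing-rule mechanism the abstract describes, the following toy evaluator releases a user's sensor records to a data consumer only when one of the user's rules matches the record's context and behavioral status, and then only the fields that rule permits; the rule format, field names and sample records are assumptions made here.

```python
"""Toy evaluator for SensorSafe-style context-aware sharing rules.

Hypothetical rule format (an assumption, not the paper's): each rule names a
consumer, the sensor fields it may see, and context conditions that must all
hold for a record to be released. Default is deny: a record is shared only
if some rule for that consumer matches it.
"""
from dataclasses import dataclass, field

@dataclass
class Rule:
    consumer: str
    fields: set                                    # fields the consumer may receive
    locations: set = field(default_factory=set)    # empty set = any location
    activities: set = field(default_factory=set)   # empty set = any behavioral status
    hours: range = range(0, 24)                    # local hours during which sharing is allowed

    def matches(self, rec):
        return ((not self.locations or rec["location"] in self.locations)
                and (not self.activities or rec["activity"] in self.activities)
                and rec["hour"] in self.hours)

def release(records, rules, consumer):
    """Return only the permitted fields of records whose context satisfies a rule."""
    out = []
    for rec in records:
        for rule in (r for r in rules if r.consumer == consumer):
            if rule.matches(rec):
                out.append({k: rec[k] for k in rule.fields if k in rec})
                break  # first matching rule decides; unmatched records are never released
    return out

# Constructed sample records (not real data): context tags plus a physiological reading.
RECORDS = [
    {"hour": 9,  "location": "work", "activity": "sitting",  "heart_rate": 72,  "gps": (34.07, -118.44)},
    {"hour": 12, "location": "home", "activity": "sitting",  "heart_rate": 80,  "gps": (34.05, -118.40)},
    {"hour": 18, "location": "gym",  "activity": "running",  "heart_rate": 150, "gps": (34.06, -118.45)},
    {"hour": 23, "location": "home", "activity": "sleeping", "heart_rate": 55,  "gps": (34.05, -118.40)},
]

RULES = [
    Rule("health_study", {"hour", "heart_rate"}, activities={"running"}),                 # heart rate only while exercising
    Rule("employer", {"hour", "location"}, locations={"work"}, hours=range(8, 18)),       # presence at work in office hours only
]

if __name__ == "__main__":
    for consumer in ("health_study", "employer", "advertiser"):
        print(consumer, release(RECORDS, RULES, consumer))
```

Note that raw GPS coordinates are never released: a consumer only ever sees the fields its rule lists, and a consumer with no rule sees nothing.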
