Preserving User Privacy and Security in Context-Aware Mobile Platforms

Contemporary smartphones are capable of generating and transmitting large amounts of data about their users. Recent advances in collaborative context modeling combined with a lack of adequate permission model for handling dynamic context sharing on mobile platforms have led to the emergence of a new class of mobile applications that can access and share embedded sensor and context data. Most of the time such data is used for providing tailored services to the user but it can lead to serious breaches of privacy. We use Semantic Web technologies to create a rich notion of context. We also discuss challenges for context aware mobile platforms and present approaches to manage data flow on these devices using semantically rich fine-grained context-based policies that allow users to define their privacy and security need using tools we provide.

[1]  Gregory D. Abowd,et al.  Towards a Better Understanding of Context and Context-Awareness , 1999, HUC.

[2]  Latanya Sweeney,et al.  k-Anonymity: A Model for Protecting Privacy , 2002, Int. J. Uncertain. Fuzziness Knowl. Based Syst..

[3]  Lalana Kagal,et al.  Rein : Where Policies Meet Rules in the Semantic Web , 2005 .

[4]  James A. Hendler,et al.  Information accountability , 2008, CACM.

[5]  Timothy W. Finin,et al.  Mobile, Collaborative, Context-Aware Systems , 2011, Activity Context Representation.

[6]  Pierangela Samarati,et al.  Authentication, access control, and audit , 1996, CSUR.

[7]  Norman Sadeh,et al.  Understanding and capturing people's mobile app privacy preferences , 2013 .

[8]  Franz Baader,et al.  Description Logics with Aggregates and Concrete Domains , 1997, Description Logics.

[9]  J. Carroll,et al.  Jena: implementing the semantic web recommendations , 2004, WWW Alt. '04.

[10]  Solomon Sunday Oyelere,et al.  Mobile Application for Ebola Virus Disease Diagnosis (EbolaDiag) , 2019, Censorship, Surveillance, and Privacy.

[11]  Norman M. Sadeh,et al.  Modeling Users' Mobile App Privacy Preferences: Restoring Usability in a Sea of Permission Settings , 2014, SOUPS.

[12]  Emil C. Lupu,et al.  The Ponder Policy Specification Language , 2001, POLICY.

[13]  Anupam Joshi,et al.  Enforcing policies in pervasive environments , 2004, The First Annual International Conference on Mobile and Ubiquitous Systems: Networking and Services, 2004. MOBIQUITOUS 2004..

[14]  Timothy W. Finin,et al.  Privacy Control in Smart Phones Using Semantically Rich Reasoning and Context Modeling , 2012, 2012 IEEE Symposium on Security and Privacy Workshops.

[15]  Norman M. Sadeh,et al.  A semantic web environment for context-aware m-commerce , 2003, EC '03.

[16]  Ian Horrocks,et al.  OWL Web Ontology Language Reference-W3C Recommen-dation , 2004 .

[17]  Jeffrey M. Bradshaw,et al.  KAoS policy and domain services: toward a description-logic approach to policy representation, deconfliction, and enforcement , 2003, Proceedings POLICY 2003. IEEE 4th International Workshop on Policies for Distributed Systems and Networks.

[18]  Timothy W. Finin,et al.  Privacy Preservation in Context Aware Geosocial Networking Applications , 2011 .

[19]  Tim Berners-Lee,et al.  Creating a Policy-Aware Web: Discretionary, Rule-Based Access for the World Wide Web , 2008 .

[20]  D. Richard Kuhn,et al.  Adding Attributes to Role-Based Access Control , 2010, Computer.

[21]  Mauro Conti,et al.  CRePE: Context-Related Policy Enforcement for Android , 2010, ISC.

[22]  Sotiris Ioannidis,et al.  AndRadar: Fast Discovery of Android Applications in Alternative Markets , 2014, DIMVA.

[23]  Byung-Gon Chun,et al.  TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones , 2010, OSDI.

[24]  L. Stein,et al.  OWL Web Ontology Language - Reference , 2004 .

[25]  Lalana Kagal,et al.  Access Control is an Inadequate Framework for Privacy Protection , 2010 .

[26]  Sven Dietrich,et al.  Detection of Intrusions and Malware, and Vulnerability Assessment , 2014, Lecture Notes in Computer Science.

[27]  Timothy W. Finin,et al.  A Policy Based Approach to Security for the Semantic Web , 2003, SEMWEB.

[28]  Robert Boguslaw,et al.  Privacy and Freedom , 1968 .

[29]  Timothy W. Finin,et al.  Preserving Privacy in Context-Aware Systems , 2011, 2011 IEEE Fifth International Conference on Semantic Computing.

[30]  Harry Chen,et al.  An ontology for context-aware pervasive computing environments , 2003, The Knowledge Engineering Review.

[31]  Emiliano Miluzzo,et al.  A survey of mobile phone sensing , 2010, IEEE Communications Magazine.

[32]  Marthie Grobler,et al.  Adaptation of the JDL Model for Multi-Sensor National Cyber Security Data Fusion , 2016, Int. J. Cyber Warf. Terror..