Data Mishandling and Profile Building in Ubiquitous Environments

In any systems or environments within a ubiquitous computing context that promotes the concept of users interaction or inter-organization communication, more specifically data sharing and takes users within such context as relevant contextual information, there is the potential for interactions between systems to occur that may affect the security of the overall system. We present a scenario that aims to highlight such potential problems, in particular the problem of security at sharing information and protecting profile building from such shared information. This scenario considers cooperation and interactions between individuals and systems that might occur in the context of a public event, such as a conference, crisis situation or entertainment event. Based on this we present a modelling tool able to highlight potential information sharing and profile building issues as well as access violations that might occur through the transfer of data between multiple individuals and suggest ways of defining policies dynamically and filtering only relevant contextual information for the user, to mitigate such a problem.

[1]  J. Michael Spivey,et al.  The Z notation - a reference manual , 1992, Prentice Hall International Series in Computer Science.

[2]  Cesare Pautasso,et al.  The JOpera visual composition language , 2005, J. Vis. Lang. Comput..

[3]  Tao Gu,et al.  A service-oriented middleware for building context-aware services , 2005, J. Netw. Comput. Appl..

[4]  Rajeev Motwani,et al.  The PageRank Citation Ranking : Bringing Order to the Web , 1999, WWW 1999.

[5]  James H. Aylor,et al.  Computer for the 21st Century , 1999, Computer.

[6]  George Karypis,et al.  Item-based top-N recommendation algorithms , 2004, TOIS.

[7]  Ning Zhang,et al.  An effective model for composition of secure systems , 1998, J. Syst. Softw..

[8]  Moritz Y. Becker Information governance in NHS's NPfIT: A case for policy specification , 2007, Int. J. Medical Informatics.

[9]  A. Shostack,et al.  Anonymity , Unobservability , Pseudonymity , and Identity Management – A Proposal for Terminology , 2000 .

[10]  J. Irvine Instant Knowledge: Leveraging information on portable devices , 2008, PORTABLE-POLYTRONIC 2008 - 2nd IEEE International Interdisciplinary Conference on Portable Information Devices and the 2008 7th IEEE Conference on Polymers and Adhesives in Microelectronics and Photonics.

[11]  Allan Tomlinson,et al.  Instant knowledge : a secure mobile context-aware distributed recommender system , 2009 .

[12]  Peter Sewell,et al.  Cassandra: distributed access control policies with tunable expressiveness , 2004, Proceedings. Fifth IEEE International Workshop on Policies for Distributed Systems and Networks, 2004. POLICY 2004..

[13]  Mark Weiser,et al.  The computer for the 21st Century , 1991, IEEE Pervasive Computing.

[14]  Madjid Merabti,et al.  Data Flow Security Analysis for System-of-Systems in a Public Security Incident , 2008 .

[15]  Ning Zhang,et al.  A general approach to secure components composition , 1996, Proceedings. IEEE High-Assurance Systems Engineering Workshop (Cat. No.96TB100076).

[16]  K. A. Holley,et al.  Virtual Centre of Excellence in Mobile and Personal Communications , 2001 .

[17]  John Riedl,et al.  Item-based collaborative filtering recommendation algorithms , 2001, WWW '01.

[18]  M. Kifer,et al.  Report on the design of component model and composition technology for the Datalog and Prolog variants of the REWERSE languages , 2004 .

[19]  Harry Chen,et al.  An ontology for context-aware pervasive computing environments , 2003, The Knowledge Engineering Review.

[20]  John McLean Trustworthy Software: Why we need it, Why we don't have it, How we can get it , 2006, COMPSAC.

[21]  Jennifer Widom,et al.  SimRank: a measure of structural-context similarity , 2002, KDD.

[22]  H. Janicke,et al.  The role of dynamic security policy in military scenarios. , 2007 .

[23]  J. Noll,et al.  Distributed Identity for Secure Service Interaction , 2007, 2007 Third International Conference on Wireless and Mobile Communications (ICWMC'07).

[24]  James A. Landay,et al.  An Infrastructure Approach to Context-Aware Computing , 2001, Hum. Comput. Interact..