Towards Privacy Protection in a Middleware for Context-awareness

2008

Privacy is recognized as a fundamental issue for the provision of context-aware services. In this paper we present work in progress regarding the definition of a comprehensive framework for supporting context-aware services while protecting users' privacy. Our proposal is based on a combination of mechanisms for enforcing context-aware privacy policies and k -anonymity. Moreover, our proposed technique involves the use of stereotypes for generalizing precise identity information to the aim of protecting users' privacy.

Satisfying the varied privacy preferences of individuals, while exposing context data to authorized applications and individuals, remains a major challenge for context-aware computing. This paper describes our experiences in building a middleware component, the Context Privacy Engine (CPE), that enforces a role-based, context-dependent privacy model for enterprise domains. While fundamentally an ACL-based access control scheme, CPE extends the traditional ACL mechanism with usage control and context constraints. This paper focuses on discussing issues related to managing and evaluating contextdependent privacy policies. Extensive experimental studies with a production-grade implementation and real-life context sources demonstrate that the CPE can support a large number of concurrent requests. The experiments also show valuable insight on how context-retrieval can affect the privacy evaluation process.

2005

Privacy issues related to the access of context information are becoming increasingly important as we move toward ubiquitous and mobile computing environments. In this article, we describe the design and implementation of a privacy service, called Context Privacy Service (CoPS), to control how, when and to whom disclose a user's context information. Based on the results of an end-user survey and experience reported by other research groups, we identified the main service requirements and designed CoPS aiming flexibility, generality, simplicity and fine-grained privacy control. CoPS is an optional service of our context-provisioning middleware MoCA and allows users of context-and location-aware applications to define and manage their privacy policies regarding disclosure of their context information. The main features supported by CoPS are group-based access control, pessimistic and optimistic approaches for access control, hierarchical privacy rules, mixed-initiative interaction, and rule specificity analysis.

2011

Context-aware systems aim to deliver a richer user experience by taking into account the current user context (location, time, activity, etc.), possibly captured without his intervention. For example, cellphones are now able to continuously update the user's location while, at the same time, users execute an increasing amount of activities online, where their actions may be easily captured (e.g., login in a web application) without user consent. The potential advantages of these applications is huge, but we must not forget the important privacy issues that it creates. Particularly in distributed context-aware systems where the information that is captured may be sent to a distant server, people feel uncomfortable about exposing highly personal data, such as their location or current activity. This paper examines the current privacy management techniques and identifies four main groups: Privacy Policies, Data Perturbation, Anonymization and Lookup Notification. Each of these groups is analyzed highlighting the advantages and disadvantages of their application to Distributed Context-Aware Systems.

Journal of Software, 2008

Context-awareness refers to systems that unobtrusively adapt to the environment of their users on the basis of context information, popularly known as contextaware systems. One inherent property of context information is that it possesses a certain quality, such as the certainty with which it has been determined and so on. Different aspects of this quality are represented by a set of indicators collectively known as Quality of Context (QoC). QoC also represents privacy sensitiveness of context information, i.e. context information of higher quality is considered more privacy sensitive. An important step towards making QoC indicators usable is to quantify them in tangible units. In this paper we provide motivation for using QoC indicators as meta-information for context management and use QoC as part of a user privacy enforcement framework. We propose five QoC indicators and present different alternatives available for expressing them quantitatively.

2006 ACS/IEEE International Conference on Pervasive Services, 2006

Context awareness is an essential cornerstone in future pervasive computing systems. It has the potential to greatly reduce the user attention and interaction bottlenecks, to give humans the impression that services fade into the background, and to support intelligent personalization features. Nevertheless, in order to create such an environment, a growing amount of personal information has to be provided to the system, either manually or automatically. Hence the digital trace and representation users have in the system is getting dangerously detailed, thus stressing the need for privacy protection. DAIDALOS 1 is a European research project in the area of 3G and beyond, which aims to combine heterogeneous networks in a transparent and seamless way, and develop on top of this a pervasive environment for applications and end-users. This paper describes the main models and mechanisms that have been established to provide federated contextaware services and protect the privacy of their users.

2000

2011

Abstract Recent years have seen a confluence of two major trends--the increase of mobile devices such as smart phones as the primary access point to networked information and the rise of social media platforms that connect people. Their convergence supports the emergence of a new class of context-aware geosocial networking applications.

2009

Despite the rapid growth in the number of mobile devices connected to the internet via UMTS or wireless 802.11 hotspots the market for location-based services has yet to take off as expected. Moreover, other kinds of context information are still not routinely supported by mobile services and even when they are, users are not aware of the services that are available to them at a particular time and place. We believe that the adoption of mobile services will be significantly increased by context-sensitive service discovery services that use context information to deliver precise, personalized search results in a changing environment and reduce human-device interaction. However, developing such applications is still a major challenge for software developers. In this paper we therefore present a framework for building context-sensitive service discovery services for mobile clients that ensures the privacy of the users' context while offering valuable search results.

2008

middleware Recent advances in mobile communications, location/sensing technologies and data processing are boosting the deployment of context-aware services and smart spaces creation. This is reflected in urban environments by the smart-city vision, a city with advanced ICT and surveillance infrastructures offering to citizens a diversity of services. Nevertheless, privacy risks and threats ambush, since collection and process of large amount of personal data occur. Although technology enables the collection of data, its protection against abuse is left to data protection legislation. However, privacy terms to be regarded as legislature issues, should be brought down in the technological reality and carefully accounted for in devising technical solutions. In order to limit the disclosure and misuse of citizens ’ personal data, this report introduces a distributed unit of