Privacy for Mobile and Ubiquitous Computing - CUPS


Nov 24, 2013


Joshua Sunshine


Defining Ubiquitous Computing


Unique Privacy Problems


Examples


Exercise 1: Privacy Solution


Privacy Tradeoffs


Professional Solutions


Exercise 2: User Study


Conclusion


Everywhere (duh!)


Invisible


Mobile


Interoperable


Context Aware


Personal


Multi-Agent





More data collected, more data to be used inappropriately (Everywhere)


Users forget they are revealing private information (Invisible)


Hard to configure data sharing (Invisible, Everywhere)





New class of data -- contextual information (Context Aware)


Stalkers (location)


Advertisers (location, activity)


Hard To Identify Invasions (Multi-Agent)


Hard to Recover (Multi-Agent)




Problem: Interruptions


Caller doesn’t know receiver’s context


Solution: Reveal Context


Location


Activity


Company


Conversation





Problem: When will the next bus arrive?


Tool: Cell phones


Solution:


Aggregate information from riders' phones


Send alerts to people waiting for a bus


Break up into two groups


Make a list of privacy problems


Come up with a solution that avoids or minimizes these problems


10 minutes


Identity violation


Identity of individual is determined


Happens when an identifier is sent in a report to the server


Tracking violation


Movement of individual tracked over time


Happens when one report is identified as belonging to a person who sent an earlier report


Hitchhiking


Anonymous data collection


Location is Computed on the Client


Only the Client Device is Trusted


Report Approval


Restriction of Reports to Specific Locations
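
The client-side properties listed above for Hitchhiking, shown as an added example for a bus-stop reporter; it is not code from the slides or from the Hitchhiking authors. The stop table, its coordinates, the 50 m radius and all function names are assumptions made for illustration.

```python
import math

# Constructed sample data: the only locations a client may ever report from.
BUS_STOPS = {
    "stop_A": (40.4444, -79.9489),
    "stop_B": (40.4470, -79.9430),
}
RADIUS_M = 50.0  # assumed geofence radius around each stop


def distance_m(a, b):
    """Great-circle distance in metres between two (lat, lon) pairs."""
    lat1, lon1, lat2, lon2 = map(math.radians, (*a, *b))
    h = (math.sin((lat2 - lat1) / 2) ** 2
         + math.cos(lat1) * math.cos(lat2) * math.sin((lon2 - lon1) / 2) ** 2)
    return 2 * 6371000 * math.asin(math.sqrt(h))


def build_report(fix, timestamp, approve, device_id=None):
    """Return the report to send, or None if nothing may leave the device.

    fix: raw (lat, lon) computed on the client; it is never transmitted.
    approve: callback that asks the user whether to report from a stop.
    device_id: accepted only to show that it is deliberately dropped.
    """
    for stop, centre in BUS_STOPS.items():
        if distance_m(fix, centre) <= RADIUS_M:
            if not approve(stop):  # report approval
                return None
            # No identifier in the report (identity violation) and no field
            # that links it to an earlier report (tracking violation).
            return {"stop": stop, "minute": timestamp // 60 * 60}
    return None  # outside every location of interest: stay silent
```

The server only ever sees a stop name and a time rounded to the minute, so reports from many riders at the same stop are indistinguishable from one another.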


Context Types: Location, Activity, Company, Conversation


Relationship Types: Significant other, family member, friend, colleague, boss, and unknown


Representative Sample of 20, regular routine


Participants “called” at regular intervals by individual with one of the relationship types


Asked to share context


Bad: Value is not real


Participants were not receiving real phone calls based on their answers


Goal: Avoid interruptions


Questionnaire is an interruption


Good:


Context is more than location


Ideas for Configuration in Real Setting


Value of Sharing vs. Privacy of Not Sharing


Control vs. Trust


Prevention vs. Detection


Configurability vs. Invisibility


Fidelity vs. Confidentiality


Fine vs. Coarse Grained Filtering



Same groups


Create a user study for the Professional Bus Tracking System


Try to determine if the solution uses the correct tradeoffs


Focus on usability of privacy, not on overall usability


20 minutes


http://www.tartanracing.org/


Khalil, A. and Connelly, K. 2006. Context-aware telephony: privacy preferences and sharing patterns. In Proceedings of the 2006 20th Anniversary Conference on Computer Supported Cooperative Work (Banff, Alberta, Canada, November 04-08, 2006). CSCW '06. ACM, New York, NY, 469-478.


Tang, K. P., Keyani, P., Fogarty, J., and Hong, J. I. 2006. Putting people in their place: an anonymous and privacy-sensitive approach to collecting sensed data in location-based applications. In Proceedings of the SIGCHI Conference on Human Factors in Computing Systems (Montreal, Quebec, Canada, April 22-27, 2006). R. Grinter, T. Rodden, P. Aoki, E. Cutrell, R. Jeffries, and G. Olson, Eds. CHI '06. ACM, New York, NY, 93-102.


Hong, J.I., J. Ng, and J.A. Landay. Privacy Risk Models for Designing Privacy-Sensitive Ubiquitous Computing Systems. In Proceedings of Designing Interactive Systems (DIS2004). Boston, MA. pp. 91-100, 2004.