Abstract
As pervasive environments become more commonplace, the privacy of users is placed at increased risk. The numerous and diverse sensors in these environments can record users’ contextual information, leading to users unwittingly leaving “digital footprints.” Users must thus be allowed to control how their digital footprints are reported to third parties. While a significant amount of prior work has focused on location privacy, location is only one type of footprint, and we expect most users to be incapable of specifying fine-grained policies for a multitude of footprints. In this paper we present a policy language based on the metaphor of physical walls, and posit that users will find this abstraction to be an intuitive way to control access to their digital footprints. For example, users understand the privacy implications of meeting in a room enclosed by physical walls. By allowing users to deploy “virtual walls,” they can control the privacy of their digital footprints much in the same way they control their privacy in the physical world. We present a policy framework and model for virtual walls with three levels of transparency that correspond to intuitive levels of privacy, and the results of a user study that indicates that our model is easy to understand and use.
This research program is a part of the Institute for Security Technology Studies and was supported by the Bureau of Justice Assistance under grant 2005-DD-BX-1091. The views and conclusions do not necessarily reflect the views of the United States Department of Justice.
© 2007 Springer Berlin Heidelberg
Cite this paper
Kapadia, A., Henderson, T., Fielding, J.J., Kotz, D. (2007). Virtual Walls: Protecting Digital Privacy in Pervasive Environments. In: LaMarca, A., Langheinrich, M., Truong, K.N. (eds) Pervasive Computing. Pervasive 2007. Lecture Notes in Computer Science, vol 4480. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-72037-9_10
DOI: https://doi.org/10.1007/978-3-540-72037-9_10
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-72036-2
Online ISBN: 978-3-540-72037-9
eBook Packages: Computer Science (R0)