Privacy, Security, and Ubiquitous Computing Jason I. Hong.

1 Privacy, Security, and Ubiquitous Computing Jason I. Hong

2 Overview Privacy and Security Today –Supporting Trust Decisions Privacy and Security Tomorrow –Privacy and Usability in Pervasive Environments –Location-enhanced Web –Whisper

3 Everyday Security Problems

6 Everyday Security is Important People increasingly asked to make trust decisions –Install this software? –Trust expired certificate? (“what the !@^% is a certificate?”) –Enter username and password? Consequence of wrong trust decision can be dramatic –Spyware –Malware (viruses, worms) –Identity theft

7 Project: Supporting Trust Decisions Computers can’t make all trust decisions for you Goal here is to help people make better decisions –Context here is anti-phishing –Multidisciplinary team Approach 1: Design Patterns –Extract UI design patterns that work well Approach 2: Embedded Training –Surreptitiously train people to be better at discriminating scams from the real thing Approach 3: Public Health System –Back-end system + UIs for marking scams

8 Overview Privacy and Security Today –Supporting Trust Decisions Privacy and Security Tomorrow –Privacy and Usability in Pervasive Environments –Location-enhanced Web –Whisper

9 Ubicomp Presents New Benefits [Figure panels: Find Friends, Incident Command, RFID] Advances in wireless networking, sensors, devices –Greater awareness of and interaction with physical world Ubicomp can help in efficiency, coordination, safety

10 Ubicomp Also Presents New Risks Some potential new risks: –Commit fraud –Draw embarrassing or inaccurate inferences –Discriminate against users [Chart axis: Everyday Risks ... Extreme Risks] Stalkers, Muggers: Well-being, Personal safety. Employers: Over-monitoring, Discrimination, Reputation. Friends, Family: Over-protection, Social obligations, Embarrassment. Government: Civil liberties.

11 Ubicomp Privacy is a Serious Concern “[It] could tell when you were in the bathroom, when you left the unit, and how long and where you ate your lunch. EXACTLY what you are afraid of.” -allnurses.com

12 Project: Privacy and Usability in Pervasive Environments Group project split into two major parts: 1. Decentralized trust management infrastructure for enforcing policies –Project Grey, MyCampus, Pervasive Access Control 2. User interfaces for helping people elucidate their privacy preferences –When to get notifications? –When to share personal information?

13 Project: Privacy and Usability in Pervasive Environments You think you are in one context, actually overlapped in many others Without this understanding, cannot act appropriately Optionally, useful to specify when it’s okay to broadcast

14 Pessimistic, Optimistic, and Mixed-mode privacy –Pessimistic: set up prefs beforehand –Optimistic: detect problems and fix afterwards –Mixed: ask me Extend Privacy Bird Conversational Case Based Reasoning (CCBR) –Major component, help people use similar past situations Empirical user studies to compare these UIs –Correctness, desirability, predictability, time on task, …

15 Project: Location-Enhanced Web Three big problems with location-based services: 1. Need a high level of expertise to create location-enhanced content and services –Lots of programming and/or hardware expertise –Significantly stifles innovation 2. Difficult to deploy location-enhanced content and services –No location app works on multiple phones –Haphazard wireless connectivity 3. Location privacy

16 Web + Location = Location-Enhanced Web Evolve existing web infrastructure to support location-awareness –Minimal re-design and re-deployment –Leverage existing web browsers, web servers Co-opt existing location-enhanced content –Transparently make web sites that already have location-enhanced content part of the location-enhanced web –Ex. Restaurant guides, bus schedules, tour guides, etc –Anything with street address info Make it easy to create location-enhanced content –Authoring of web pages vs programming apps

17 Underlying Design Philosophy Capture, store, and process personal data on my computer as much as possible (laptops and PDAs) Provide greater control and feedback over sharing

18 How It Will Work Overview (1) Determine location locally on device –Listen to “beacons” to calculate location locally (2) Use local proxies to transparently add new features –Let users use existing web browsers (3) Local services –Geocoders, maps, etc (4) Occasionally-connected computing –Cache content like a madman, periodically update (5) Better user interfaces –Provide better UIs for sharing info (6) Provide authoring tools for new content and services

19 How It Will Work Usage Scenario (1/5) [Figure labels: A, B, C] –Works indoors and in urban canyons –Works with encrypted nodes –No special equipment –Privacy-sensitive –Rides the WiFi wave Alice does a one-click install for her laptop Place Lab WiFi positioning system calculates location –Unique WiFi MAC Address → Latitude, Longitude

22 How It Will Work Usage Scenario (2/5) Regular web browser starts auto-filling in web forms for location-unaware sites –Local geocoder service looks up address info –Uses publicly available data about countries, states, ZIP, etc

23 How It Will Work Usage Scenario (3/5) Alice can also go to a location-aware site that uses our extensions –Web-based tour guide of CMU Alice gets a Place Bar UI to control what level of location info she is willing to disclose –Selectively trade privacy for services
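
An added example (not from the original slides and not Place Lab code) of the flow in slides 19 and 23: location is estimated on the device from a local beacon table, and only a coarsened value chosen by the user is released. The beacon table, the weighted-centroid estimate and the disclosure level names are assumptions made for illustration.

```python
# Added example. Beacon MACs and coordinates below are constructed sample data.
BEACONS = {
    "00:11:22:33:44:01": (40.4435, -79.9455),
    "00:11:22:33:44:02": (40.4441, -79.9449),
    "00:11:22:33:44:03": (40.4429, -79.9461),
}

# Hypothetical disclosure levels (not from the slides): decimal places of
# latitude/longitude released. One decimal place is roughly 10 km, two ~1 km.
LEVELS = {"none": None, "city": 1, "neighborhood": 2, "exact": 5}


def estimate_location(scan):
    """Estimate (lat, lon) from a passive scan of (mac, rssi_dbm) pairs.

    Uses only the on-device beacon table, so no network request reveals
    which access points were heard. Returns None if no beacon is known.
    """
    total = lat = lon = 0.0
    for mac, rssi_dbm in scan:
        pos = BEACONS.get(mac.lower())
        if pos is None:
            continue  # unknown access point: skip it
        weight = 10 ** (rssi_dbm / 10.0)  # dBm -> linear power, stronger = closer
        lat += pos[0] * weight
        lon += pos[1] * weight
        total += weight
    if total == 0:
        return None
    return (lat / total, lon / total)


def disclose(location, level):
    """Coarsen a local fix to the level the user selected before it is shared."""
    if level not in LEVELS:
        raise ValueError(f"unknown disclosure level: {level!r}")
    places = LEVELS[level]
    if location is None or places is None:
        return None  # default: nothing leaves the device
    return tuple(round(coord, places) for coord in location)


if __name__ == "__main__":
    scan = [("00:11:22:33:44:01", -48), ("00:11:22:33:44:02", -61),
            ("AA:BB:CC:DD:EE:FF", -70)]  # last AP is not in the table
    fix = estimate_location(scan)
    for level in LEVELS:
        print(level, disclose(fix, level))
```

Rounding coordinates is a crude form of coarsening; a deployed system would map the fix to named regions (ZIP, city, state) through the local geocoder instead.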

24 How It Will Work Usage Scenario (4/5) Local proxy transparently processes new location-enhanced features –Triggers to auto-load new content Ex. show this page when user enters this building –Context-sensitive links Ex. “Map” link shows indoor map when indoors, etc –Active map

25 How It Will Work Usage Scenario (5/5) Alice can also download content for use when not connected to network –Too expensive, roaming, poor coverage, etc Every morning, her laptop downloads location+ information about Pittsburgh –Community events like talks, concerts, book signings –Restaurant guides (download and geocode entire site) –Locally filter and examine Can also block-fetch info –Ex. Travel to Seattle, download all info for that week –Service knows you are in Seattle, that’s it –If linked with calendar, can do this when you’re in Pittsburgh

26 Authoring Tools

27 Advantages of this Approach This approach leverages: –Familiar user model (links, pages, web sites, submit button) –Lots of existing content –Lots of authoring and debugging tools –Lots of content creators Icing on the cake –Simple user model: everything private unless you choose –Software only extensions, no new hardware –Minimal changes to existing web browsers, proxies, servers –Don’t have to wait for widespread cheap wireless networking –Can do this today!

28 Can Address Key Research Problems Need a high level of expertise to create location-enhanced content and services –Shift problem from programming to authoring –Provide libraries and templates for advanced features Difficult to deploy location-enhanced content and services –Local proxy, local services, local storage –Occasionally connected computing Privacy –OCC (use data offline) –Better user interfaces for when and what to share

29 Lots of Research Issues OCC and block-fetching algorithms –How much to download? When to refresh? –Privacy metric: level of privacy vs cpu, bandwidth, disk, power –Pre-fetch: plausible deniability, potentially useful info Will work for laptops, what about phones and PDAs? –Start with local, push back into infrastructure as needed –Ex. Trusted proxies, a for-pay service that honors privacy User interfaces –Place Bar okay but hard to use in user evals –What is live vs cached?

30 Apps to Build Towards (1/2) Web page autofill Virtual post-it notes (geonotes) Location-enhanced tourguide Map-It –Map from current location to address on page

31 Apps to Build Towards (2/2) Location dashboard –Subscribe to Starbucks coffee, crime database, and geonotes server –As you move around, you can see: Nearest Starbucks Crime “thermometer” Previews of notes your friends have posted –Like an RSS feed for the real world! Whisper Community Event Service –Crawl web for community events –Use location, social networks, and keywords to filter –“Notify me when Yo-Yo Ma will play a concert in Pittsburgh”

32 Project Whisper Community event service –Foster sociability within community –Get people away from TV First iteration done –(Before location-enhanced web though) User evaluations –Useful but… –I want to know who else is going –Too many events shown! Make it easier for people to coordinate –Lightweight, minimal social obligations Make it easy to see what’s going on

33 Project Whisper Use location information, preferences, and social networking to filter –Location: “Shadyside art festival” –Preferences: “Yo-Yo Ma” –Social Networking: “I’m going to this concert, anyone else?” Hypothesis: instigators –N% of population who really like to organize outings –Subscribe to events these people are interested in Provide personalized events as lightweight RSS feed –RSS a simple way of subscribing to things

34 Project Whisper Wed (Today): Talk on privacy (3:30PM) Fri Churchbrew (Lorrie, 6:30PM) Weekend Shadyside art festival (all day) Garage sale Squirrel Hill Future Yo-Yo Ma (Oct 28)

35 Project Whisper Wed (Today): Talk on privacy (3:30PM) Fri Churchbrew (Lorrie, 6:30PM) Weekend Shadyside art festival (all day) Garage sale Squirrel Hill Future Yo-Yo Ma (Oct 28) I get this because of simple keyword matching on “privacy”

36 Project Whisper Wed (Today): Talk on privacy (3:30PM) Fri Churchbrew (Lorrie, 6:30PM) Weekend Shadyside art festival (all day) Garage sale Squirrel Hill Future Yo-Yo Ma (Oct 28) I get this because I subscribe to Lorrie’s personal RSS feed

37 Project Whisper Wed (Today): Talk on privacy (3:30PM) Fri Churchbrew (Lorrie, 6:30PM) Weekend Shadyside art festival (all day) Garage sale Squirrel Hill Future Yo-Yo Ma (Oct 28) I get these two because I live in Shadyside Rather than current location, leverage where we spend a lot of our time (ie, home, work, etc)

38 Project Whisper Wed (Today): Talk on privacy (3:30PM) Fri Churchbrew (Lorrie, 6:30PM) Weekend Shadyside art festival (all day) Garage sale Squirrel Hill Future Yo-Yo Ma (Oct 28) I get this because of keyword “Yo Yo Ma”. I can also publish this as part of my personal RSS feed, so my friends can also see this event. Whisper can then help with who’s going, carpools, etc.

39 Summary of Projects Privacy, security, and ubiquitous computing Supporting Trust Decisions –Design patterns, Embedded Training, Public Health Privacy and Usability in Pervasive Environments –Design, implement, and eval multiple UIs Location-enhanced web –Systems and UI issues for combining location and web Whisper Community Event Service –Make it easier for people to find interesting events and coordinate who’s going

40 Future of Ubiquitous Computing? Jason I. Hong NSH 2504D

41 Perspective on Privacy “The problem, while often couched in terms of privacy, is really one of control. If the computational system is invisible as well as extensive, it becomes hard to know: – what is controlling what – what is connected to what – where information is flowing – how it is being used” (The Origins of Ubiquitous Computing Research at PARC in the Late 1980s; Weiser, Gold, Brown) Empower people so they can choose to share: the right information with the right people or services at the right time

42 Computers Are Becoming Ubiquitous…

43 … and Integrated with Real World

44 Client-Centered Architectures Basic idea: –Local sensing, local storage, local processing –Provide better control and feedback over sharing Examples: –Anonymous Broadcast Satellites (GPS, Sirius or XM), Radio (AM / FM), WiFi AP –Sensing: GPS, Cricket, Place Lab –Storage: Occasionally Connected Computing Sync up lots of potentially useful info beforehand –Services Geocoding, maps, etc These services would also be OCC services

45 Weaknesses of Client-Centered Approach Only useful for certain kinds of apps –Default is not to share info, some apps hard to build –Personal mobile apps vs Place-oriented apps (cameras) –Best for read-only data Requires really high-end devices –Invoke Moore’s Law –Fundamental tradeoff Centralized / decentralized tradeoff –Like hotmail vs cmu IMAP vs own IMAP –Decentralized probably scales better –But users are own sysadmins, viruses, spyware –Again, fundamental tradeoff

