ABSTRACT
Privacy is the most often-cited criticism of ubiquitous computing, and may be the greatest barrier to its long-term success. However, developers currently have little support in designing software architectures and in creating interactions that are effective in helping end-users manage their privacy. To address this problem, we present Confab, a toolkit for facilitating the development of privacy-sensitive ubiquitous computing applications. The requirements for Confab were gathered through an analysis of privacy needs for both end-users and application developers. Confab provides basic support for building ubiquitous computing applications, providing a framework as well as several customizable privacy mechanisms. Confab also comes with extensions for managing location privacy. Combined, these features allow application developers and end-users to support a spectrum of trust levels and privacy needs.
Index Terms
- An architecture for privacy-sensitive ubiquitous computing