1 Extending context models for privacy in pervasive computing environments
Jadwiga Indulska, The School of Information Technology and Electrical Engineering, The University of Queensland

2 Talk outline
- Pervasive computing
- Challenges in privacy enforcement
- Modelling of context information
- Requirements for ownership definitions
- Capturing ownership
- Context schemas
- Privacy enforcement based on ownership
- Summary

3 Pervasive computing
- Relies on context information to dynamically adapt to user requirements
- Context information obtained from:
  - Sensors
  - User profiles
  - Applications
  - Derivation mechanisms
- Some types of context info can be sensitive (e.g., user location and activity)
- Sensitive context needs protection => privacy enforcement

4 Challenges in privacy enforcement
- Loose couplings between people and resources
- Often no direct link between context source and owner (e.g., camera and people captured by camera)
- Heterogeneous privacy requirements due to:
  - Differences in information sensitivity
  - Differences in user preferences
  - Context-dependent changes in preferences
- Ownership may be context-dependent

5 Ownership of context information
- Issue of context ownership is largely ignored
- Context management systems either:
  - provide no privacy support, or
  - assume prior organisation of information by owner
- Our work addresses it directly and integrates ownership information into context models
- Ownership is captured at level of:
  - Object types
  - Fact types
  - Situations

6 Modelling of context information
- We use a fact-based modelling approach (CML)
- In this approach, developers define:
  - Entity types about which context information is represented
  - Types of context information represented (context fact types)
  - Sources of context information
  - Quality annotations (quality metadata about facts)
  - Dependencies between facts
  - Various other constraints and metadata on fact types

7 Example CML model
[Diagram] Object types: Person, Activity, Device, Place, Organisation, DeviceType. Fact types: engagedIn, locatedAt, owns, canUse, ownedBy, controlledBy, hasType. Legend: Profiled, Sensed, Temporal, Uniqueness constraints.

8 Terminology
- Object type:
  - Modelled as an ellipse in CML
  - Class of entity described in context information (e.g., Person)
- Fact type:
  - Modelled as role boxes in CML
  - Relation on one or more object types (e.g., locatedAt)
- Object:
  - Instance of an object type (e.g., the person Alice)

9 Terminology (cont.)
- Situation:
  - Describes context at higher level than facts
  - Defined using variation of predicate logic
  - Expresses conditions on context
  - Evaluates to truth value (true, false, or unknown)
  - E.g., MeetingInProgress(room): person locatedAt[person, room] engagedIn[person, meeting]

10 Requirements for ownership definitions
- Context models instantiated as large fact bases => ownership must be scalable
- Ownership must be definable at:
  - organisational level
  - individual level
- Ownership must be context-dependent
- Owners of context information should have access at all times
- Context ownership (potentially) shared by multiple entities

11 Capturing ownership
- Ownership expressed through SQL-like context schema
- Our approach has clear benefits:
  - Context can be owned by multiple entities
  - Ownership can be context-dependent
- Ownership supported on:
  - Object types
  - Fact types
  - Situations

12 Ownership of object types
- 3 classes of ownership for object types:
  - First class (capable of owning)
  - Second class (can be owned)
  - Third class (never have owners)
- E.g., a person (first class) owns a laptop (second class), which has a device type (third class)
- Default ownership of a context fact is defined as the union of the owners of the objects participating in its roles

13 Object type classes
[Diagram: the CML model of slide 7 annotated with ownership classes] Object types: Person, Activity, Device, Place, Organisation, DeviceType. Fact types: engagedIn, locatedAt, owns, canUse, ownedBy, controlledBy, hasType. Legend: 1st Class, 2nd Class, 3rd Class.

14 Ownership of fact types
- Can override default fact ownership by defining ownership explicitly on fact types
- Facts may have 0, 1 or multiple owners
- 0 owners:
  - Can be accessed by anyone
  - No privacy preferences applied
- 1 or multiple owners:
  - Always accessible to owners
  - Disclosed according to preferences of all owners

15 Ownership of situations
- Situations are defined in terms of context facts and logical connectives (and, or, not, exists, forall)
- Evaluating ownership on each fact is expensive!
- Assigning ownership to entire situation is cheaper
- Situations can be:
  - Unowned
  - Owned by 1 entity
  - Owned by multiple entities

16 Context schemas
- Loosely based on SQL
- Alternative textual format for modelling context
- Defines object types in domain
- Fact types defined in terms of object types
- Situations defined in terms of fact types
- Used as input for schema compiler which can be hooked up to tools for generating various outputs (e.g., model-specific helper classes for context manipulation)
- Can be extended with ownership information

17 Object type declarations
- First class objects
  - Tagged “FIRST CLASS”
  - e.g., FIRST CLASS Person
- Second class objects
  - Tagged “SECOND CLASS”
  - Must also be “OWNED BY” a first class object
  - Ownership may be context-dependent, e.g.,
      SECOND CLASS Device OWNED BY SELECT person FROM Using WHERE using.device = Device
- Third class objects
  - Tagged “THIRD CLASS”
  - e.g., THIRD CLASS DeviceType

18 Fact type declarations
- Fact types declared separately
- Declaration includes:
  - Object types participating in fact type roles
  - Optional ownership information (default ownership is assumed if not present)
- For example:
      CREATE SENSED FACT TYPE locatedAt(
          Person person KEY,
          Place place ALTROLE
      ) OWNED BY person

19 Situation declarations
- Example situation ownership definition:
      CREATE SITUATION Engaged(device)…
      OWNED BY
          SELECT person FROM owns WHERE owns.device = device
          UNION
          SELECT organisation FROM ownedBy WHERE ownedBy.device = device
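To make the context-dependent OWNED BY clauses of the last three slides concrete, here is an added example (not the authors' schema compiler) that evaluates such a clause against a small constructed fact base, so that the owners of a device or of the Engaged situation change as owns, ownedBy and Using facts change. The fact base, the regular-expression grammar for the SELECT branches and the variable-binding convention are assumptions; the two clauses are the ones shown on the slides.

```python
import re
from typing import Dict, List, Set, Tuple

# Constructed fact base for the slides' CML example: fact type -> facts, each fact
# mapping a role name to the participating object.
FACTS: Dict[str, List[Dict[str, str]]] = {
    "owns":    [{"person": "alice", "device": "laptop1"}],
    "ownedBy": [{"device": "laptop1", "organisation": "acme"},
                {"device": "projector1", "organisation": "acme"}],
    "Using":   [{"person": "bob", "device": "projector1"}],
}

# One SELECT branch of an OWNED BY clause, in the shape used by the slides' schema examples.
SELECT_RE = re.compile(r"SELECT\s+(\w+)\s+FROM\s+(\w+)\s+WHERE\s+(\w+)\.(\w+)\s*=\s*(\w+)", re.I)

def parse_owned_by(clause: str) -> List[Tuple[str, str, str, str]]:
    """Split an OWNED BY clause into its UNIONed branches as
    (role to return, fact type, role to filter on, variable bound by the declaration)."""
    body = re.sub(r"^\s*OWNED\s+BY\s+", "", clause.strip(), flags=re.I)
    branches = []
    for part in re.split(r"\s+UNION\s+", body, flags=re.I):
        m = SELECT_RE.fullmatch(part.strip())
        if m is None:
            raise ValueError(f"unsupported ownership query: {part!r}")
        selected, fact_type, alias, filter_role, variable = m.groups()
        if alias.lower() != fact_type.lower():
            raise ValueError(f"alias {alias!r} does not name fact type {fact_type!r}")
        branches.append((selected, fact_type, filter_role, variable))
    return branches

def resolve_owners(clause: str, bindings: Dict[str, str]) -> Set[str]:
    """Evaluate the clause against FACTS with the declaration's variables bound
    (e.g. {"device": "laptop1"}). The result is context-dependent: it changes
    as owns / ownedBy / Using facts are added or removed."""
    owners: Set[str] = set()
    for selected, fact_type, filter_role, variable in parse_owned_by(clause):
        for fact in FACTS.get(fact_type, []):
            if fact.get(filter_role) == bindings[variable]:
                owners.add(fact[selected])
    return owners

# The two ownership clauses shown on the slides (situation Engaged and object type Device).
ENGAGED_OWNED_BY = ("OWNED BY SELECT person FROM owns WHERE owns.device = device "
                    "UNION SELECT organisation FROM ownedBy WHERE ownedBy.device = device")
DEVICE_OWNED_BY = "OWNED BY SELECT person FROM Using WHERE using.device = Device"
```

With this fact base laptop1 is unowned under the Device clause (nobody is using it) while the Engaged situation for the same device has two owners, which is the situation-level sharing the slides describe.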

20 Privacy enforcement based on ownership
- Modelling ownership is a first step towards enforcing privacy
- However, we also require information about owners’ privacy requirements
- We express these requirements using our previously defined model for context-dependent preferences

21 Privacy enforcement based on ownership (cont.)
- Privacy preferences contain:
  - A scope statement (listing activation conditions)
  - A scoring expression (oblige or prohibit)
- Scope statement can contain the following variables:
  - Requester
  - Owner
  - Purpose
  - Fact type or situation
  - Fact type attributes or situation variables
- We are developing an access control scheme that incorporates our ownership and preference models
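An added example (not the authors' access control scheme) that combines the ownership rules of slides 12 and 14 with the preference model of slide 21: default fact ownership as the union of the participating objects' owners, an explicit fact-type override, and a disclosure decision that consults every owner's active preferences. The object owners, the sample preferences and the rule for combining oblige and prohibit decisions are assumptions.

```python
from dataclasses import dataclass
from typing import Callable, Dict, List, Optional, Set

# Constructed object owners following the slides' three classes: first-class objects
# (Person, Organisation) own themselves, second-class (Device) are owned, third-class
# (Place, DeviceType) never have owners.
OBJECT_OWNERS: Dict[str, Set[str]] = {
    "alice": {"alice"}, "bob": {"bob"}, "acme": {"acme"},
    "laptop1": {"alice", "acme"},        # device owned by a person and an organisation
    "room42": set(), "Laptop": set(),    # third class
}
@dataclass
class Fact:
    fact_type: str
    roles: Dict[str, str]                       # role name -> participating object
    explicit_owners: Optional[Set[str]] = None  # fact-type level OWNED BY override
def owners_of(fact: Fact) -> Set[str]:
    """Default ownership: union of the owners of every object in the fact's roles;
    an explicit OWNED BY on the fact type replaces it (possibly with no owners)."""
    if fact.explicit_owners is not None:
        return set(fact.explicit_owners)
    return set().union(*(OBJECT_OWNERS.get(o, set()) for o in fact.roles.values()))
@dataclass
class Preference:
    owner: str
    scope: Callable[[dict], bool]  # activation conditions over requester, purpose, fact type, roles
    decision: str                  # "oblige" or "prohibit"
def may_disclose(fact: Fact, requester: str, purpose: str, prefs: List[Preference]) -> bool:
    """Unowned facts are open to anyone and owners always see their own facts; otherwise every
    owner's active preferences decide (prohibit wins, each owner needs an oblige: assumed rule)."""
    owners = owners_of(fact)
    if not owners or requester in owners:
        return True
    ctx = {"requester": requester, "purpose": purpose, "fact_type": fact.fact_type, **fact.roles}
    for owner in owners:
        active = {p.decision for p in prefs if p.owner == owner and p.scope(ctx)}
        if "prohibit" in active or "oblige" not in active:
            return False
    return True

# Constructed preferences and facts: alice shares her location with bob for meetings but
# never for marketing; acme releases facts about its devices for asset audits.
PREFS = [
    Preference("alice", lambda c: c["fact_type"] == "locatedAt" and c["requester"] == "bob"
               and c["purpose"] == "meeting", "oblige"),
    Preference("alice", lambda c: c["purpose"] == "marketing", "prohibit"),
    Preference("acme", lambda c: c["purpose"] == "asset-audit", "oblige"),
]
LOCATED = Fact("locatedAt", {"person": "alice", "place": "room42"})
CAN_USE = Fact("canUse", {"person": "bob", "device": "laptop1"})
HAS_TYPE = Fact("hasType", {"device": "laptop1", "type": "Laptop"}, explicit_owners=set())
```

The canUse fact shows why multi-owner facts are the hard case: an auditor acme would release to is still refused because bob, a co-owner through his role in the fact, has no matching preference.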

22 Summary
- Sensitive context information requires privacy enforcement
- One of the challenges is in first determining ownership of context information
- We support ownership declarations as an extension to context models
- Ownership declarations can be defined at three levels:
  - Object level
  - Fact type level
  - Situation level
- Ownership information can be combined with context-dependent privacy preferences to provide access control for pervasive computing environments

