![Page 1: Privacy Issues and Techniques for Monitoring Applications](https://reader036.vdocuments.us/reader036/viewer/2022070416/5681502b550346895dbe1a72/html5/thumbnails/1.jpg)
Privacy Issues and Techniques for Monitoring Applications
Vibhor Rastogi
RFID Security Group
![Page 2: Privacy Issues and Techniques for Monitoring Applications](https://reader036.vdocuments.us/reader036/viewer/2022070416/5681502b550346895dbe1a72/html5/thumbnails/2.jpg)
Privacy in Monitoring Applications Monitoring apps collect personal information
Supports useful applications Personal reminder services or Personal Object trackers
Results in privacy issues RFID Ecosystem: RFID monitoring system
Monitors location information about users & their objects
Information is stored in a trusted central server Users query the central server
![Page 3: Privacy Issues and Techniques for Monitoring Applications](https://reader036.vdocuments.us/reader036/viewer/2022070416/5681502b550346895dbe1a72/html5/thumbnails/3.jpg)
RFID Ecosystem
Where is Alice?
Alice Charlie Delta
Where is Alice?
Bob & Alice are friendsCharlie & Alice have a scheduled meeting
Bob
Where is Alice?
![Page 4: Privacy Issues and Techniques for Monitoring Applications](https://reader036.vdocuments.us/reader036/viewer/2022070416/5681502b550346895dbe1a72/html5/thumbnails/4.jpg)
Central Privacy Issue: Access control Suppose a user asks a query
Is the answer public or private? It depends on multiple factors [Belloti et. al.] Context information of the Querier and the Subject
Rule-based access control Rules control the release of personal information Need to incorporate all the above factors
![Page 5: Privacy Issues and Techniques for Monitoring Applications](https://reader036.vdocuments.us/reader036/viewer/2022070416/5681502b550346895dbe1a72/html5/thumbnails/5.jpg)
Access Control: Challenges Rules need to incorporate context information
Many rules need to be defined Rules difficult to understand and manage
Context information might have to be inferred Context information may be uncertain
![Page 6: Privacy Issues and Techniques for Monitoring Applications](https://reader036.vdocuments.us/reader036/viewer/2022070416/5681502b550346895dbe1a72/html5/thumbnails/6.jpg)
Managability of Rules Our Solution
We identify a list of interesting scenarios and applications
Rules are defined to support the scenarios A constrained space of predefined rules Users have an option to enable/disable them
Example: Ownership scenario & Ownership rule
![Page 7: Privacy Issues and Techniques for Monitoring Applications](https://reader036.vdocuments.us/reader036/viewer/2022070416/5681502b550346895dbe1a72/html5/thumbnails/7.jpg)
The ownership scenarioBob: Where is my bookSystem: Alice has book
If B carries A’s object then release B has object to A
Context
![Page 8: Privacy Issues and Techniques for Monitoring Applications](https://reader036.vdocuments.us/reader036/viewer/2022070416/5681502b550346895dbe1a72/html5/thumbnails/8.jpg)
Context is crucialBob: Where is my bookSystem: Alice has book
Hidden Book
Right context may need to be inferred Done using PEEX
If B is with A’s object then release B has object to A
![Page 9: Privacy Issues and Techniques for Monitoring Applications](https://reader036.vdocuments.us/reader036/viewer/2022070416/5681502b550346895dbe1a72/html5/thumbnails/9.jpg)
Context is uncertain Access control Rules
Context is uncertain For example: 20% chance that ‘Alice Carries Book’ Let Pr(context) = pc & Pr(secret) = ps
Access control semantics If pc = 1 reveal ps
If pc = 0 hide ps
If (0 < pc < 1) then what?
If context then release secret to user
![Page 10: Privacy Issues and Techniques for Monitoring Applications](https://reader036.vdocuments.us/reader036/viewer/2022070416/5681502b550346895dbe1a72/html5/thumbnails/10.jpg)
Our approach: Perturbation method Reveal partial information in uncertain
context Perturb p`s = ps + noise(pc) Return p`s instead of ps
Compromise soundness Answers returned may be wrong Justifiable as system is itself uncertain! Degree of confidence in answer also returned
![Page 11: Privacy Issues and Techniques for Monitoring Applications](https://reader036.vdocuments.us/reader036/viewer/2022070416/5681502b550346895dbe1a72/html5/thumbnails/11.jpg)
Noise function -0.5 <= noise(pc) <= 0.5
pc = 0.5 pc = 0
![Page 12: Privacy Issues and Techniques for Monitoring Applications](https://reader036.vdocuments.us/reader036/viewer/2022070416/5681502b550346895dbe1a72/html5/thumbnails/12.jpg)
Conclusion Designing simple & intuitive rules important We design ACP for the RFID Ecosystem
Infer high level context Inferred context uncertain
Implementation of ACP Use perturbation methods for uncertain context