686,731 research outputs found

    Context-Dependent Privacy-Aware Photo Sharing based on Machine Learning

    Get PDF
    Photo privacy has raised a growing concern with the advancements of image analytics, face recognition, and deep learning techniques widely applied on social media. If properly deployed, these powerful techniques can in turn assist people in enhancing their online privacy. One possible approach is to build a strong, automatic and dynamic access control mechanism based on analyzing the image content and learning users sharing behavior. This paper presents a model for context-dependent and privacy-aware photo sharing based on machine learning. The proposed model utilizes image semantics and requester contextual information to decide whether or not to share a particular picture with a specific requester at certain context, and if yes, at which granularity. To evaluate the proposed model, we conducted a user study on 23 subjects and collected a dataset containing 1’018 manually annotated images with 12’216 personalized contextual sharing decisions. Evaluation experiments were performed and the results show a promising performance of the proposed model for photo sharing decision making. Furthermore, the influences of different types of features on decision making have been investigated, the results of which validate the usefulness of pre-defined features and imply a significant variance between users sharing behaviors and privacy attitudes

    Steps towards adaptive situation and context-aware access: a contribution to the extension of access control mechanisms within pervasive information systems

    Get PDF
    L'Ă©volution des systĂšmes pervasives a ouvert de nouveaux horizons aux systĂšmes d'information classiques qui ont intĂ©grĂ© des nouvelles technologies et des services qui assurent la transparence d'accĂšs aux resources d'information Ă  n'importe quand, n'importe oĂč et n'importe comment. En mĂȘme temps, cette Ă©volution a relevĂ© des nouveaux dĂ©fis Ă  la sĂ©curitĂ© de donnĂ©es et Ă  la modĂ©lisation du contrĂŽle d'accĂšs. Afin de confronter ces challenges, differents travaux de recherche se sont dirigĂ©s vers l'extension des modĂšles de contrĂŽles d'accĂšs (en particulier le modĂšle RBAC) afin de prendre en compte la sensibilitĂ© au contexte dans le processus de prise de dĂ©cision. Mais la liaison d'une dĂ©cision d'accĂšs aux contraintes contextuelles dynamiques d'un utilisateur mobile va non seulement ajouter plus de complexitĂ© au processus de prise de dĂ©cision mais pourra aussi augmenter les possibilitĂ©s de refus d'accĂšs. Sachant que l'accessibilitĂ© est un Ă©lĂ©ment clĂ© dans les systĂšmes pervasifs et prenant en compte l'importance d'assurer l'accĂ©ssibilitĂ© en situations du temps rĂ©el, nombreux travaux de recherche ont proposĂ© d'appliquer des mĂ©canismes flexibles de contrĂŽle d'accĂšs avec des solutions parfois extrĂȘmes qui depassent les frontiĂšres de sĂ©curitĂ© telle que l'option de "Bris-de-Glace". Dans cette thĂšse, nous introduisons une solution modĂ©rĂ©e qui se positionne entre la rigiditĂ© des modĂšles de contrĂŽle d'accĂšs et la flexibilitĂ© qui expose des risques appliquĂ©es pendant des situations du temps rĂ©el. Notre contribution comprend deux volets : au niveau de conception, nous proposons PS-RBAC - un modĂšle RBAC sensible au contexte et Ă  la situation. Le modĂšle rĂ©alise des attributions des permissions adaptatives et de solution de rechange Ă  base de prise de dĂ©cision basĂ©e sur la similaritĂ© face Ă  une situation importanteÀ la phase d'exĂ©cution, nous introduisons PSQRS - un systĂšme de rĂ©Ă©criture des requĂȘtes sensible au contexte et Ă  la situation et qui confronte les refus d'accĂšs en reformulant la requĂȘte XACML de l'utilisateur et en lui proposant une liste des resources alternatives similaires qu'il peut accĂ©der. L'objectif est de fournir un niveau de sĂ©curitĂ© adaptative qui rĂ©pond aux besoins de l'utilisateur tout en prenant en compte son rĂŽle, ses contraintes contextuelles (localisation, rĂ©seau, dispositif, etc.) et sa situation. Notre proposition a Ă©tĂ© validĂ© dans trois domaines d'application qui sont riches des contextes pervasifs et des scĂ©narii du temps rĂ©el: (i) les Équipes Mobiles GĂ©riatriques, (ii) les systĂšmes avioniques et (iii) les systĂšmes de vidĂ©o surveillance.The evolution of pervasive computing has opened new horizons to classical information systems by integrating new technologies and services that enable seamless access to information sources at anytime, anyhow and anywhere. Meanwhile this evolution has opened new threats to information security and new challenges to access control modeling. In order to meet these challenges, many research works went towards extending traditional access control models (especially the RBAC model) in order to add context awareness within the decision-making process. Meanwhile, tying access decisions to the dynamic contextual constraints of mobile users would not only add more complexity to decision-making but could also increase the possibilities of access denial. Knowing that accessibility is a key feature for pervasive systems and taking into account the importance of providing access within real-time situations, many research works have proposed applying flexible access control mechanisms with sometimes extreme solutions that depass security boundaries such as the Break-Glass option. In this thesis, we introduce a moderate solution that stands between the rigidity of access control models and the riskful flexibility applied during real-time situations. Our contribution is twofold: on the design phase, we propose PS-RBAC - a Pervasive Situation-aware RBAC model that realizes adaptive permission assignments and alternative-based decision-making based on similarity when facing an important situation. On the implementation phase, we introduce PSQRS - a Pervasive Situation-aware Query Rewriting System architecture that confronts access denials by reformulating the user's XACML access request and proposing to him a list of alternative similar solutions that he can access. The objective is to provide a level of adaptive security that would meet the user needs while taking into consideration his role, contextual constraints (location, network, device, etc.) and his situation. Our proposal has been validated in three application domains that are rich in pervasive contexts and real-time scenarios: (i) Mobile Geriatric Teams, (ii) Avionic Systems and (iii) Video Surveillance Systems

    Benefits of Location-Based Access Control:A Literature Study

    Get PDF
    Location-based access control (LBAC) has been suggested as a means to improve IT security. By 'grounding' users and systems to a particular location, \ud attackers supposedly have more difficulty in compromising a system. However, the motivation behind LBAC and its potential benefits have not been investigated thoroughly. To this end, we perform a structured literature review, and examine the goals that LBAC can potentially fulfill, \ud the specific LBAC systems that realize these goals and the context on which LBAC depends. Our paper has four main contributions:\ud first we propose a theoretical framework for LBAC evaluation, based on goals, systems and context. Second, we formulate and apply criteria for evaluating the usefulness of an LBAC system. Third, we identify four usage scenarios for LBAC: open areas and systems, hospitals, enterprises, and finally data centers and military facilities. Fourth, we propose directions for future research:\ud (i) assessing the tradeoffs between location-based, physical and logical access control, (ii) improving the transparency of LBAC decision making, and \ud (iii) formulating design criteria for facilities and working environments for optimal LBAC usage

    ConXsense - Automated Context Classification for Context-Aware Access Control

    Full text link
    We present ConXsense, the first framework for context-aware access control on mobile devices based on context classification. Previous context-aware access control systems often require users to laboriously specify detailed policies or they rely on pre-defined policies not adequately reflecting the true preferences of users. We present the design and implementation of a context-aware framework that uses a probabilistic approach to overcome these deficiencies. The framework utilizes context sensing and machine learning to automatically classify contexts according to their security and privacy-related properties. We apply the framework to two important smartphone-related use cases: protection against device misuse using a dynamic device lock and protection against sensory malware. We ground our analysis on a sociological survey examining the perceptions and concerns of users related to contextual smartphone security and analyze the effectiveness of our approach with real-world context data. We also demonstrate the integration of our framework with the FlaskDroid architecture for fine-grained access control enforcement on the Android platform.Comment: Recipient of the Best Paper Awar

    Privacy, security, and trust issues in smart environments

    Get PDF
    Recent advances in networking, handheld computing and sensor technologies have driven forward research towards the realisation of Mark Weiser's dream of calm and ubiquitous computing (variously called pervasive computing, ambient computing, active spaces, the disappearing computer or context-aware computing). In turn, this has led to the emergence of smart environments as one significant facet of research in this domain. A smart environment, or space, is a region of the real world that is extensively equipped with sensors, actuators and computing components [1]. In effect the smart space becomes a part of a larger information system: with all actions within the space potentially affecting the underlying computer applications, which may themselves affect the space through the actuators. Such smart environments have tremendous potential within many application areas to improve the utility of a space. Consider the potential offered by a smart environment that prolongs the time an elderly or infirm person can live an independent life or the potential offered by a smart environment that supports vicarious learning

    Knowledge-Intensive Processes: Characteristics, Requirements and Analysis of Contemporary Approaches

    Get PDF
    Engineering of knowledge-intensive processes (KiPs) is far from being mastered, since they are genuinely knowledge- and data-centric, and require substantial flexibility, at both design- and run-time. In this work, starting from a scientific literature analysis in the area of KiPs and from three real-world domains and application scenarios, we provide a precise characterization of KiPs. Furthermore, we devise some general requirements related to KiPs management and execution. Such requirements contribute to the definition of an evaluation framework to assess current system support for KiPs. To this end, we present a critical analysis on a number of existing process-oriented approaches by discussing their efficacy against the requirements
    • 

    corecore