A framework for privacy aware design in future mobile applications

Mobile communications and applications play an important role in connecting people ubiquitously across different domain spaces due to their portable nature and easy accessibility. Mobile applications have drastically changed the way businesses are run by bringing them closer to their customers. Businesses today are connected to cloud based-tools, which makes it easier to start and run a business. Furthermore, mobile applications have changed the way we communicate with each other in our daily lives. They have increasingly been deployed by companies to help with, among other things, the management of business efficiency, ease in accessing information, simplifying communication and the provision of user-friendly applications. The number of mobile devices is increasing exponentially, it is estimated that 1.5 billion devices are available to the public worldwide. In addition, there is a multitude of operating systems running on these devices, all running on different architectures and configurations. The diversity of the different versions of applications that need to be constantly updated as they become outdated makes mobile applications highly susceptible to security and privacy flaws. Until recently, privacy has not been the main centre of interest within the design of mobile applications. Although, a number of privacy preserving solutions have been developed to improve privacy, existing research solutions adopt static design models which are not suitable for mobile applications. There is a significant gap between having common practices for designing and implementing privacy-preserving methods due to the cross-disciplinary nature of mobile applications. Most importantly, personal data are constantly collected and shared with unknown recipients. This is a challenging problem as users are not aware of how their data is used and shared without their consent. Furthermore, existing privacy policies are not stringently implemented during application development. Application designers do not comply with regulations envisaged by data protection regulation bodies. To investigate the problem domain, this thesis takes a bottom-up approach and contributes by analyzing current mobile applications to determine the integration of privacy mechanisms and privacy policies at the application level. We should however note that, the focus of this work contributes to the knowledge related to designing of holistic privacy preserving mobile applications and not the implementation aspect. Furthermore, this thesis introduces a novel privacy trade-off analysis framework that enables the design of privacy-aware applications. A privacy trade-off analysis generates a design solution that best suits an application's privacy goals and requirements. To demonstrate the privacy-aware framework, TRANK, two prototypes in the eHealth domain and the V2X Telematics domain, that integrate privacy-preserving technologies in modern mobile applications have been implemented and tested. Our implementation takes into consideration the trade-off between privacy, functionality and performance to provide a better privacy-aware application. The resulting system enables users to choose which data are to be collected about them. In this way, users can easily opt in and out of the application without having to give up all their personally identifiable information whenever they choose to, thus, enhance their overall privacy preservation. To the best of our knowledge our framework and the results in this thesis out perform the existing state of-the-art privacy preserving solutions. The privacy-enhancing technologies employed and the privacy-by-design mechanisms introduced at the initial stages of development thus, aid the improvement of privacy in mobile applications

Empowering users to control their privacy in context-aware system through interactive consent

Context-aware systems adapt their behaviour based on the context a user is in. Since context is potentially privacy sensitive information, users should be empowered to control how much of their context they are willing to share, under what conditions and for what purpose. We propose an interactive consent mechanism that allows this. It is interactive in the sense that users are asked for consent when a request for their context information is received. Our interactive consent mechanism complements a more traditional pre-configuration approach. We describe the architecture, the implementation of our interactive consent mechanism and a use case

Economic location-based services, privacy and the relationship to identity

Mobile telephony and mobile internet are driving a new application paradigm: location-based services (LBS). Based on a person’s location and context, personalized applications can be deployed. Thus, internet-based systems will continuously collect and process the location in relationship to a personal context of an identified customer. One of the challenges in designing LBS infrastructures is the concurrent design for economic infrastructures and the preservation of privacy of the subjects whose location is tracked. This presentation will explain typical LBS scenarios, the resulting new privacy challenges and user requirements and raises economic questions about privacy-design. The topics will be connected to “mobile identity” to derive what particular identity management issues can be found in LBS

The Revolution of Mobile Phone-Enabled Services for Agricultural Development (m-Agri Services) in Africa: The Challenges for Sustainability

The provision of information through mobile phone-enabled agricultural information services (m-Agri services) has the potential to revolutionise agriculture and significantly improve smallholder farmers’ livelihoods in Africa. Globally, the benefits of m-Agri services include facilitating farmers’ access to financial services and sourcing agricultural information about input use, practices, and market prices. There are very few published literature sources that focus on the potential benefits of m-Agri services in Africa and none of which explore their sustainability. This study, therefore, explores the evolution, provision, and sustainability of these m-Agri services in Africa. An overview of the current landscape of m-Agri services in Africa is provided and this illustrates how varied these services are in design, content, and quality. Key findings from the exploratory literature review reveal that services are highly likely to fail to achieve their intended purpose or be abandoned when implementers ignore the literacy, skills, culture, and demands of the target users. This study recommends that, to enhance the sustainability of m-Agri services, the implementers need to design the services with the users involved, carefully analyse, and understand the target environment, and design for scale and a long-term purpose. While privacy and security of users need to be ensured, the reuse or improvement of existing initiatives should be explored, and projects need to be data-driven and maintained as open source. Thus, the study concludes that policymakers can support the long-term benefit of m-Agri services by ensuring favourable policies for both users and implementers

Integrated context-aware and cloud-based adaptive home screens for android phones

This is the post-print version of this Article. The official published version can be accessed from the link below - Copyright @ 2011 Springer VerlagThe home screen in Android phones is a highly customizable user interface where the users can add and remove widgets and icons for launching applications. This customization is currently done on the mobile device itself and will only create static content. Our work takes the concept of Android home screen [3] one step further and adds flexibility to the user interface by making it context-aware and integrated with the cloud. Overall results indicated that the users have a strong positive bias towards the application and that the adaptation helped them to tailor the device to their needs by using the different context aware mechanisms

A User-Focused Reference Model for Wireless Systems Beyond 3G

This whitepaper describes a proposal from Working Group 1, the Human Perspective of the Wireless World, for a user-focused reference model for systems beyond 3G. The general structure of the proposed model involves two "planes": the Value Plane and the Capability Plane. The characteristics of these planes are discussed in detail and an example application of the model to a specific scenario for the wireless world is provided

Privacy in crowdsourcing:a systematic review

The advent of crowdsourcing has brought with it multiple privacy challenges. For example, essential monitoring activities, while necessary and unavoidable, also potentially compromise contributor privacy. We conducted an extensive literature review of the research related to the privacy aspects of crowdsourcing. Our investigation revealed interesting gender differences and also differences in terms of individual perceptions. We conclude by suggesting a number of future research directions.</p