Mobile Identity Management Revisited

Identity management provides PET (privacy enhancing technology) tools for users to control privacy of their personal data. With the support of mobile location determination techniques based on GPS, WLAN, Bluetooth, etc., context-aware and location-aware mobile applications (e.g. restaurant finder, friend finder, indoor and outdoor navigation, etc.) have gained quite big interest in the business and IT world. Considering sensitive static personal information (e.g. name, address, phone number, etc.) and also dynamic personal information (e.g. current location, velocity in car, current status, etc.), mobile identity management is required to help mobile users to safeguard their personal data. In this paper, we evaluate certain required aspects and features (e.g. context-to-context dependence and relation, blurring in levels, trust management with p3p integration, extended privacy preferences, etc.) of mobile identity managemen

Occupant Privacy Perception, Awareness, and Preferences in Smart Office Environments

Building management systems tout numerous benefits, such as energy efficiency and occupant comfort but rely on vast amounts of data from various sensors. Advancements in machine learning algorithms make it possible to extract personal information about occupants and their activities beyond the intended design of a non-intrusive sensor. However, occupants are not informed of data collection and possess different privacy preferences and thresholds for privacy loss. While privacy perceptions and preferences are most understood in smart homes, limited studies have evaluated these factors in smart office buildings, where there are more users and different privacy risks. To better understand occupants' perceptions and privacy preferences, we conducted twenty-four semi-structured interviews between April 2022 and May 2022 on occupants of a smart office building. We found that data modality features and personal features contribute to people's privacy preferences. The features of the collected modality define data modality features -- spatial, security, and temporal context. In contrast, personal features consist of one's awareness of data modality features and data inferences, definitions of privacy and security, and the available rewards and utility. Our proposed model of people's privacy preferences in smart office buildings helps design more effective measures to improve people's privacy

Supporting Location Privacy Management through Feedback and Control

Participation in modern, socially-focused digital systems involves a large degree of privacy management, i.e. controlling who may access what information under what circumstances. Effective privacy management (control) requires that mobile systems’ users be able to make informed privacy decisions as their experience and knowledge of a system progresses. By informed, we mean users be aware of the actual information flow. Moreover, privacy preferences vary across the context and it is hard to define privacy policy that reflects the dynamic nature of our lives. This research explores the problem of supporting awareness of information flow and designing usable interfaces for maintaining privacy policies ad-hoc. We borrow from the world of Computer Supported Collaborative Work (CSCW) and propose to incorporate social translucence, a design approach that “supports coherent behaviour by making participants and their activities visible to one another”. We use the characteristics of social translucence, namely visibility, awareness and accountability in order to introduce social norms in spatially dispersed systems. Our research is driven by two questions: (1) how can artifacts from real world social interaction, such as responsibility, be embedded into mobile interaction; and (2) can systems be designed in which both privacy violations and the burden of privacy management is minimized. The contributions of our work are: (1) an implementation of Buddy Tracker, privacy-aware location-sharing application based on the social translucence; (2) the design and evaluation of the concept of real-time feedback as a means of incorporating social translucence in location-sharing scenarios; and finally (3) a novel interface for ad-hoc privacy management called Privacy-Shake. We explore the role of real-time feedback for privacy management in the context of Buddy Tracker. Informed by focus group discussions, interviews, surveys and two field trials of Buddy Tracker we found that when using a system that provided real-time feedback, people were more accountable for their actions and reduced the number of unreasonable location requests. From our observations we develop concrete design guidelines for incorporating real-time feedback into information sharing applications in a manner that ensures social acceptance of the technology

Analyzing confidentiality and privacy concerns: insights from Android issue logs

Context: Post-release user feedback plays an integral role in improving software quality and informing new features. Given its growing importance, feedback concerning security enhancements is particularly noteworthy. In considering the rapid uptake of Android we have examined the scale and severity of Android security threats as reported by its stakeholders. Objective: We systematically mine Android issue logs to derive insights into stakeholder perceptions and experiences in relation to certain Android security issues. Method: We employed contextual analysis techniques to study issues raised regarding confidentiality and privacy in the last three major Android releases, considering covariance of stakeholder comments, and the level of consistency in user preferences and priorities. Results: Confidentiality and privacy concerns varied in severity, and were most prevalent over Jelly Bean releases. Issues raised in regard to confidentiality related mostly to access, user credentials and permission management, while privacy concerns were mainly expressed about phone locking. Community users also expressed divergent preferences for new security features, ranging from more relaxed to very strict. Conclusions: Strategies that support continuous corrective measures for both old and new Android releases would likely maintain stakeholder confidence. An approach that provides users with basic default security settings, but with the power to configure additional security features if desired, would provide the best balance for Android's wide cohort of stakeholders

The right expert at the right time and place: From expertise identification to expertise selection

We propose a unified and complete solution for expert finding in organizations, including not only expertise identification, but also expertise selection functionality. The latter two include the use of implicit and explicit preferences of users on meeting each other, as well as localization and planning as important auxiliary processes. We also propose a solution for privacy protection, which is urgently required in view of the huge amount of privacy sensitive data involved. Various parts are elaborated elsewhere, and we look forward to a realization and usage of the proposed system as a whole

Empowering users to control their privacy in context-aware system through interactive consent

Context-aware systems adapt their behaviour based on the context a user is in. Since context is potentially privacy sensitive information, users should be empowered to control how much of their context they are willing to share, under what conditions and for what purpose. We propose an interactive consent mechanism that allows this. It is interactive in the sense that users are asked for consent when a request for their context information is received. Our interactive consent mechanism complements a more traditional pre-configuration approach. We describe the architecture, the implementation of our interactive consent mechanism and a use case