Keeping Context In Mind: Automating Mobile App Access Control with User Interface Inspection

Recent studies observe that app foreground is the most striking component that influences the access control decisions in mobile platform, as users tend to deny permission requests lacking visible evidence. However, none of the existing permission models provides a systematic approach that can automatically answer the question: Is the resource access indicated by app foreground? In this work, we present the design, implementation, and evaluation of COSMOS, a context-aware mediation system that bridges the semantic gap between foreground interaction and background access, in order to protect system integrity and user privacy. Specifically, COSMOS learns from a large set of apps with similar functionalities and user interfaces to construct generic models that detect the outliers at runtime. It can be further customized to satisfy specific user privacy preference by continuously evolving with user decisions. Experiments show that COSMOS achieves both high precision and high recall in detecting malicious requests. We also demonstrate the effectiveness of COSMOS in capturing specific user preferences using the decisions collected from 24 users and illustrate that COSMOS can be easily deployed on smartphones as a real-time guard with a very low performance overhead.Comment: Accepted for publication in IEEE INFOCOM'201

Smart labs and social practice: social tools for pervasive laboratory workspaces: a position paper

The emergence of pervasive and ubiquitous computing stimulates a view of future work environments where sharing of information, data and knowledge is easy and commonplace, particularly in highly interactive settings. Much of the work in this area focuses on tool development to support activities such as data collection, data recording and sharing, and so on. We are interested in this kind of technical development, which is both challenging and essential for science communities. But we are also interested in a broader interpretation of knowledge sharing and the human/social side of tools we develop to support this. We are keen to know more about how groups of different kinds of scientists can make their work understandable and shareable with each other in a multidisciplinary setting. This is a complex task because boundaries and barriers can emerge between disciplines engendered by differences in discourses and practices, which may not easily translate into other discipline areas. In the worst case, there may be some hostility between disciplines, or at least doubt and scepticism. Nevertheless, sharing approaches to research, research expertise, data and methods across disciplines can be a very fruitful exercise, and encouragement to engage in this activity is particularly pertinent in the digital era. Issues of privacy and security are also key aspects – knowing when and how to release data or information to other groups is crucial to providing a safe environment for people to work, and there are several sensitivities to be explored here. In this paper we describe an evolving situation that captures many of these issues, which we aim to track longitudinally

Population's perspectives toward biobanks in scientific research: a study from Jordan.

BackgroundBiobanks (biorepositories) were established to compile collected bio-specimens for future research and usage. The collection/storage of bio-specimens triggers several social, legal, and ethical implications where public attitudes can represent the core measurement/parameter in defining the most acceptable practices and ethical approaches when dealing with biobanks.AimThe aim of this study was to explore and understand population's perspectives, expectations, and concerns toward biobanks in Jordan.MethodsA cross-sectional survey that included closed-ended questions was distributed among Jordanians. A total of 500 participants who are representative of the Jordanian population were included in this study.ResultsThere was overwhelming support (>85%) for the establishment of biobanks in Jordan, and most of the participants agreed on the importance of biobanks and samples' donation for promoting medical research. Enthusiasm in biobanking participation was associated with the sociodemographic characteristics of participants including age, educational level, and previous knowledge of biobanks. Moreover, considering sample donation as a religiously good deed appeared to have the strongest positive correlation with willingness to donate bio-specimens for future research. Also, participants' trust in medical and research services, especially the protection of their privacy and confidentiality, was the most critical concern when they decided to participate in biobanks.ConclusionPopulation's attitude toward biobanks in Jordan was positive and promising, and can encourage the future establishment of different biobanks. It is also necessary to take into consideration certain sociodemographic characteristics when discussing specific information with potential biobanks' donors

Alcuni abstract di articoli che trattano argomenti relativi all'eHealth

Non utile per esam

Online advertising: analysis of privacy threats and protection approaches

Online advertising, the pillar of the “free” content on the Web, has revolutionized the marketing business in recent years by creating a myriad of new opportunities for advertisers to reach potential customers. The current advertising model builds upon an intricate infrastructure composed of a variety of intermediary entities and technologies whose main aim is to deliver personalized ads. For this purpose, a wealth of user data is collected, aggregated, processed and traded behind the scenes at an unprecedented rate. Despite the enormous value of online advertising, however, the intrusiveness and ubiquity of these practices prompt serious privacy concerns. This article surveys the online advertising infrastructure and its supporting technologies, and presents a thorough overview of the underlying privacy risks and the solutions that may mitigate them. We first analyze the threats and potential privacy attackers in this scenario of online advertising. In particular, we examine the main components of the advertising infrastructure in terms of tracking capabilities, data collection, aggregation level and privacy risk, and overview the tracking and data-sharing technologies employed by these components. Then, we conduct a comprehensive survey of the most relevant privacy mechanisms, and classify and compare them on the basis of their privacy guarantees and impact on the Web.Peer ReviewedPostprint (author's final draft