A survey of RFID privacy approaches

A bewildering number of proposals have offered solutions to the privacy problems inherent in RFID communication. This article tries to give an overview of the currently discussed approaches and their attribute

SLS: Smart localization service: human mobility models and machine learning enhancements for mobile phone’s localization

In recent years we are witnessing a noticeable increment in the usage of new generation smartphones, as well as the growth of mobile application development. Today, there is an app for almost everything we need. We are surrounded by a huge number of proactive applications, which automatically provide relevant information and services when and where we need them. This switch from the previous generation of passive applications to the new one of proactive applications has been enabled by the exploitation of context information. One of the most important and most widely used pieces of context information is location data. For this reason, new generation devices include a localization engine that exploits various embedded technologies (e.g., GPS, WiFi, GSM) to retrieve location information. Consequently, the key issue in localization is now the efficient use of the mobile localization engine, where efficient means lightweight on device resource consumption, responsive, accurate and safe in terms of privacy. In fact, since the device resources are limited, all the services running on it have to manage their trade-off between consumption and reliability to prevent a premature depletion of the phone’s battery. In turn, localization is one of the most demanding services in terms of resource consumption. In this dissertation I present an efficient localization solution that includes, in addition to the standard location tracking techniques, the support of other technologies already available on smartphones (e.g., embedded sensors), as well as the integration of both Human Mobility Modelling (HMM) and Machine Learning (ML) techniques. The main goal of the proposed solution is the provision of a continuous tracking service while achieving a sizeable reduction of the energy impact of the localization with respect to standard solutions, as well as the preservation of user privacy by avoiding the use of a back-end server. This results in a Smart Localization Service (SLS), which outperforms current solutions implemented on smartphones in terms of energy consumption (and, therefore, mobile device lifetime), availability of location information, and network traffic volume

Engineering Privacy by Design: Are engineers ready to live up to the challenge?

Organizations struggle to comply with legal requirements as well as customers' calls for better data protection. On the implementation level, incorporation of privacy protections in products and services depends on the commitment of the engineers who design them. We interviewed six senior engineers, who work for globally leading IT corporations and research institutions, to inves- tigate their motivation and ability to comply with privacy regulations. Our findings point to a lack of perceived responsibility, control, autonomy, and frustrations with interactions with the legal world. While we increasingly call on engineers to go beyond functional requirements and be responsive to human values in our increasingly technological society, we may be facing the dilemma of asking engineers to live up to a challenge they are currently not ready to embrace

Engineering Privacy by Design: Are engineers ready to live up to the challenge?

Organizations struggle to comply with legal requirements as well as customers' calls for better data protection. Yet, information privacy depends on system engineers putting effort into the matter. We interviewed six seniors in system engineering, who work for globally leading IT corporations and research institutions in order to investigate their motivation and ability to comply with privacy expectations. The results of our in-depth interview study point to a lack of perceived responsibility, control and autonomy and to a struggle with the legal world. The information society may be facing the dilemma of asking engineers to live up to a challenge they are currently not ready to embrace

Understanding Engineers' Drivers and Impediments for Ethical System Development: The Case of Privacy and Security Engineering

Machine ethics is a key challenge in times when digital systems play an increasing role in people's life. At the core of machine ethics is the handling of personal data and the security of machine operations. Yet, privacy and security engineering are a challenge in today's business world where personal data markets, corporate deadlines and a lag of perfectionism frame the context in which engineers need to work. Besides these organizational and market challenges, each engineer has his or her specific view on the importance of these values that can foster or inhibit taking them into consideration. We present the results of an empirical study of 124 engineers based on the Theory of Planned Behavior and Jonas' Principle of Responsibility to understand the drivers and impediments of ethical system development as far as privacy and security engineering are concerned. We find that many engineers find the two values important, but do not enjoy working on them. We also find that many struggle with the organizational environment. They face a lack of time and autonomy that is necessary for building ethical systems, even at this basic level. Organizations' privacy and security norms are often too weak or even oppose value-based design, putting engineers in conflict with their organizations. Our data indicate that it is largely engineers' individually perceived responsibility as well as a few character traits that make a positive difference

A practical framework for ethics - the PD-Net approach to supporting ethics compliance in public display studies

Research involving public displays often faces the need to study the effects of a deployment in the wild. While many organizations have institutionalized processes for ensuring ethical compliance of such human subject experiments, these may fail to stimulate sufficient awareness for ethical issues among all project members. Some organizations even require such assessments only for medical research, leaving computer scientists without any incentive to consider and reflect on their study design and data collection practices. Faced with similar problems in the context of the EU-funded PD-Net project, we have implemented a step-by-step ethics process that aims at providing structured yet lightweight guidance to all project members, both stimulating the design of ethical user studies, as well as providing continuous documentation. This paper describes our process and reports on 3 years of experience using it. All materials are publicly available and we hope that other projects in the area of public displays, and beyond, will adopt them to suit their particular needs.EC -European Commission(244011

Key challenges in application and content scheduling for Open Pervasive Display Networks

Today’s digital signage systems typically show content that has been scheduled well in advance by their respective “owners”, i.e., companies or individuals who paid for and/or operate the public display. However, with the shift to open display networks that can obtain content from many sources and the corresponding advances in interaction and sensing technologies, the scheduling requirements in this domain are set to change radically. For example, we envision that displays in our environment will soon be able to adapt to their surroundings and allow viewers to appropriate them by actively selecting and/or contributing content. Such levels of interactivity and context-awareness will require new approaches to content scheduling. In this paper we discuss the challenges faced in developing new forms of application and content scheduling for Open Pervasive Display Networks.(undefined

The role of context in human memory augmentation

Technology has always had a direct impact on what humans remember. In the era of smartphones and wearable devices, people easily capture on a daily basis information and videos, which can help them remember past experiences and attained knowledge, or simply evoke memories for reminiscing. The increasing use of such ubiquitous devices and technologies produces a sheer volume of pictures and videos that, in combination with additional contextual information, could potentially significantly improve one’s ability to recall a past experience and prior knowledge. Calendar entries, application use logs, social media posts, and activity logs comprise only a few examples of such potentially memory-supportive additional information. This work explores how such memory-supportive information can be collected, filtered, and eventually utilized, for generating memory cues, fragments of past experience or prior knowledge, purposed for triggering one’s memory recall. In this thesis, we showcase how we leverage modern ubiquitous technologies as a vessel for transferring established psychological methods from the lab into the real world, for significantly and measurably augmenting human memory recall in a diverse set of often challenging contexts. We combine experimental evidence garnered from numerous field and lab studies, with knowledge amassed from an extensive literature review, for substantially informing the design and development of future pervasive memory augmentation systems. Ultimately, this work contributes to the fundamental understanding of human memory and how today’s modern technologies can be actuated for augmenting it

A privacy-aware and secure system for human memory augmentation

The ubiquity of digital sensors embedded in today's mobile and wearable devices (e.g., smartphones, wearable cameras, wristbands) has made technology more intertwined with our life. Among many other things, this allows us to seamlessly log our daily experiences in increasing numbers and quality, a process known as ``lifelogging''. This practice produces a great amount of pictures and videos that can potentially improve human memory. Consider how a single photograph can bring back distant childhood memories, or how a song can help us reminisce about our last vacation. Such a vision of a ``memory augmentation system'' can offer considerable benefits, but it also raises new security and privacy challenges. Maybe obviously, a system that captures everywhere we go, and everything we say, see, and do, is greatly increasing the danger to our privacy. Any data breach of such a memory repository, whether accidental or malicious, could negatively impact both our professional and private reputation. In addition, the threat of memory manipulation might be the most worrisome aspect of a memory augmentation system: if an attacker is able to remove, add, or change our captured information, the resulting data may implant memories in our heads that never took place, or, in turn, accelerate the loss of other memories. Starting from such key challenges, this thesis investigates how to design secure memory augmentation systems. In the course of this research, we develop tools and prototypes that can be applied by researchers and system engineers to develop pervasive applications that help users capture and later recall episodic memories in a secure fashion. We build trusted sensors and protocols to securely capture and store experience data, and secure software for the secure and privacy-aware exchange of experience data with others. We explore the suitability of various access control models to put users in control of the plethora of data that the system captures on their behalf. We also explore the possibility of using in situ physical gestures to control different aspects regarding the capturing and sharing of experience data. Ultimately, this thesis contributes to the design and development of secure systems for memory augmentation