170 likes | 289 Views
Personal Information Management in a Ubiquitous Computing Environment. Institute of Systems & Information Technologies/KYUSHU Kenichi Takahashi. Introduction. Popularization of mobile technologies e.g. cellular phone, wireless LAN HotSpot services Airport, food shop, etc.
E N D
Personal Information Management in a Ubiquitous Computing Environment Institute of Systems & Information Technologies/KYUSHU Kenichi Takahashi
Introduction • Popularization of mobile technologies • e.g. cellular phone, wireless LAN • HotSpot services • Airport, food shop, etc... Ubiquitous Computing System
Ubiquitous Computing Environment • Anywhere, Anytime and Anyone TV Radio PC Tel office
To realize ubiquitous computing environment • Service-use mechanism • Each service has a protocol for it use • Protection of private information • Necessary to protect private information while keeping usability
P3P and EPAL • P3P(The Platform for Privacy Preference),EPAL(The Enterprise Privacy Authorization Language) • What purpose does a collector collect it for? • How does a collector operate it? • Machines are able to interpret private policies automatically Privacy Policy compare Private Information Collector Preference Private Information
Necessary to protect private information by user’s self • Users must be able to control a way that collectors use user’s private information • Necessary to correspond to various services But ... • Users must still believe privacy policies indicated from a collector
Our Proposal Model • Each User and service provider are defined as a agent • Each agent has the Public Zone and Private Zone • Public Zone provides a mechanism for corresponding to various services • Private Zone provides a mechanism for protecting private information by myself
Basic idea on the Public Zone • For corresponding to various services • The service = Client Program+Service Program • Client Program is executed by users • Service Program is executed by service providers Private Zone Public Zone Public Zone Security Barrier communicate Service Program Check the access Client Program pair What information? What purpose? How operate? : Private Resources Client Program get User Service Provider
Basic idea on the Private Zone • Check the access from the Public Zone • Monitor the communication with other agents • Push a program for dealing with private information regist Private Zone Public Zone push Private Policy Security Barrier Client Program Check by Permission communicate Private Resources Client Program Service Program regist Check by Partner and Method Accessed Table Service Provider What information? What purpose? How operate? : User
The Private Policy • Permission • What information access does agent allow a program to access to • What purpose does agent allow to access for • Partner • Who does agent allow a program to communicate with • Method • What operations using it are allowed
Conclusion • The Public and Private Zone model • Proposed basic ideas • Public Zone: correspond to various services • Private Zone: manage information by user’s self • A lot of future work are remained!
Future Works • How to create a pushed program → by combination of some components • Protection of a program from illegal rewriting → mobile cryptography, program obfuscation • Verification of whether a program returns a correct result or not → verify a program after result returned • Refusal of malicious programs
The Overview of our Model Manage services for providing to other agent Agent Services Access to the service Public Zone Security Barrier Private Zone forbid Private information Protect private information Agent