Usable Privacy Preservation in Mobile Electronic Personality
Oyomno, Were (2012-08-24)
Doctoral dissertation
Oyomno, Were
24.08.2012
Lappeenranta University of Technology
Acta Universitatis Lappeenrantaensis
The permanent address of the publication is
https://urn.fi/URN:ISBN:978-952-265-267-6
Abstract
Personalised ubiquitous services have rapidly proliferated due to technological advancements
in sensing, ubiquitous and mobile computing. Evolving societal trends, business
and the economic potential of Personal Information (PI) have overlapped the service
niches. At the same time, the societal thirst for more personalised services has increased
and is met by soliciting deeper and more privacy-invasive PI from customers. Consequently,
traditional privacy challenges are reinforced and new risks are unearthed that render
classical safeguards ineffective. The absence of solutions to criticise personalised ubiquitous
services from privacy perspectives aggravates the situation.

This thesis presents a solution permitting users' PI, stored in their mobile terminals, to
be disclosed to services in a privacy-preserving manner for personalisation needs. The
approach, termed Mobile Electronic Personality Version 2 (ME2.0), is compared to alternative
mechanisms. Within ME2.0, PI handling vulnerabilities of ubiquitous services
are identified and sensitised on their practices and privacy implications. Vulnerabilities
where PI may leak through covert solicits, excessive acquisitions and legitimate data
re-purposing to erode users' privacy are also considered.

In this thesis, the design, components, internal structures, architectures, scenarios and
evaluations of ME2.0 are detailed. The design addresses implications and challenges
leveraged by mobile terminals. The discussion of ME2.0 components and internal structures covers the
functions related to how PI pieces are stored and handled by terminals and services.
The architecture focusses on different components and their exchanges with services.
Scenarios where ME2.0 is used are presented from different environment views, before
ME2.0 is evaluated for performance, privacy and usability.