Catálogo de publicaciones - libros

This paper addresses the need for individualized information anytime and anyplace in contrast to the problem of user’s right to privacy. The creation and application of profiles is characterized. A extensible middleware approach is proposed to combine independent databases on localization and personal profiles in order to identify the right layer to protect privacy. This will enable telecommunication providers to offer common basic services for the development of a wide range of mobile 3^rd party applications.

Increasing automation of buildings enables rich information streams about the activities of building users to reach networked computer systems. Privacy concerns typically cause this information to be accessible only by building managers and security personnel. However, if appropriate privacy mechanisms can be implemented, then it is possible to deploy location information systems that can contribute to the convenience and efficiency of users. This paper describes a three step approach to privacy-sensitive release of location information collected by building sensors. These steps entail defining an ownership model, defining environment events to be monitored, and creating a sharing model. These steps are described mathematically and then validated through a case study for a system called Janus’s Map which provides a location information system for the card reader, door, and occupancy sensors of a modern smart building.

In a wireless communication network, it is possible to locate a user and track its trajectory based on its transmission, during communication with access points. This type of tracking leads to the breach of a user’s location privacy. Prior solutions to this problem enhances user’s location privacy at the expense of communication Quality of Service(QoS) degradation. In this paper, we propose silent cascade to enhance a user’ location privacy by trading users’ delay in silent cascade for anonymity. As a result, it avoids the problem of QoS degradation in prior solutions. Furthermore, we abstract silent cascade as a mix-network based formal model, and use this model to evaluate the performance of silent cascade. Study results prove the effectiveness of silent cascade under different types of QoS requirements. Besides, we also derive the optimal configuration of silent cascade to achieves target anonymity within minimum duration of time. and the theoretical upper bound of a silent cascade’s anonymity.

In pervasive computing environments, information gateways derive specific information, such as a person’s location, from raw data provided by a service, such as a videostream offered by a camera. Here, access control to confidential raw data provided by a service becomes difficult when a client does not have access rights to this data. For example, a client might have access to a person’s location information, but not to the videostream from which a gateway derives this information. Simply granting access rights to a gateway will allow an intruder into the gateway to access any raw data that the gateway can access. We present the concept of derivation-constrained access control, which requires a gateway to prove to a service that the gateway needs requested raw data to answer a client’s authorized request for derived information. Therefore, an intruder into the gateway will be limited in its capabilities. We provide a formal framework for derivation-constrained access control based on Lampson et al.’s “speaks-for” relationship. We demonstrate feasibility of our design with a sample implementation and a performance evaluation.

The vision of a landscape of heterogeneous web services deployed as encapsulated business software assets in the Internet is currently becoming a reality as part of the Semantic Web. When pro-active agents handle the context-aware discovery, acquisition, composition, and management of application services and data, ensuring the security of customers’ data becomes a principle task. To dynamically compose its offered service, an agent has to process and spread confidential data to other web services demanding the required degree of security. In this paper we propose a methodology based on type-based information flow to control the security of dynamically computed data and their proliferation to other web services.

We study a protocol, called BIO3G, which provides biometric-based user authentication and key establishment in Third Generation (3G) mobile environments. BIO3G provides end-to-end user authentication to the mobile operator, requiring no storing or transferring of biometric data and, eliminating the need for biometric enrolment and administration, which is time-consuming for the user and expensive for the mobile operator. We model BIO3G using process algebra Communicating Sequential Processes (CSP) and verify it using Schneider’s rank functions.

Rich, context-aware applications are emerging for mobile computing environments that provide new and innovative services to consumers. Security is critical for the successful realization of this vision. We propose a new method for authentication that utilizes contextual information to overcome the limitations inherent in traditional approaches. We have defined a model that uses contextual attributes to achieve an approach to authentication that is better suited for dynamic, mobile computing environments. We examine the use of trusted platforms to provide assurances for these contextual attributes. Our model promotes the adoption of many revolutionary mobile applications by providing a seamless and flexible user experience that can protect privacy and reduce administrative overhead.