personal information management in a ubiquitous computing environment institute of systems &...
TRANSCRIPT
Personal Information Management in a Ubiquitous Computing Environment
Institute of Systems & Information Technologies/KYUSHU
Kenichi Takahashi
Introduction
Popularization of mobile technologies e.g. cellular phone, wireless LAN
HotSpot services Airport, food shop, etc...
Ubiquitous Computing System
Ubiquitous Computing Environment
Anywhere, Anytime and Anyone
officeoffice
TVRadio
PCTel
To realize ubiquitous computing environment
Service-use mechanism Each service has a protocol for it use
Protection of private information
Necessary to protect private information while keeping usability
How to deal with private information in the yahoo
How to deal with private information in the yahoo
Private Policy in the yahoo
P3P and EPAL P3P( The Platform for Privacy
Preference), EPAL( The Enterprise Privacy Authorization Language) What purpose does a collector collect it for? How does a collector operate it? Machines are able to interpret private
policies automatically
PrivateInformation
Collector
Privacy Policy
Private Information
Preference
compare
But ...
Users must still believe privacy policies indicated from a collector
Necessary to protect private information by user’s self Users must be able to control a way that
collectors use user’s private information Necessary to correspond to various services
Our Proposal Model
Each User and service provider are defined as a agent Each agent has the Public Zone and
Private Zone Public Zone provides a mechanism for
corresponding to various services Private Zone provides a mechanism for
protecting private information by myself
Basic idea on the Public Zone For corresponding to various services The service = Client Program+ Service Program
Client Program is executed by users Service Program is executed by service providers
User
Public Zone Public Zone
Service Provider
ServiceProgram
ClientProgram
ClientProgram pair
get
communicate
PrivateResources
Private Zone
Se
curity
Ba
rrier
Check the access
What information?
What purpose?How operate?
:
What information?
What purpose?How operate?
:
Basic idea on the Private Zone Check the access from the Public Zone Monitor the communication with other agents Push a program for dealing with private
information
User
Public ZonePrivate Zone
Se
curity B
arrier
ClientProgram
PrivateResources
Check by Permission
AccessedTable
regist
Service Provider
Check by Partner and Method
ServiceProgram
PrivatePolicy
registClient
Programpush
communicate
The Private Policy Permission
What information access does agent allow a program to access to
What purpose does agent allow to access for Partner
Who does agent allow a program to communicate with
Method What operations using it are allowed
Conclusion
The Public and Private Zone model Proposed basic ideas Public Zone: correspond to various
services Private Zone: manage information by
user’s self
A lot of future work are remained!
Future Works How to create a pushed program
→ by combination of some components Protection of a program from illegal
rewriting→ mobile cryptography, program obfuscation
Verification of whether a program returns a correct result or not→ verify a program after result returned
Refusal of malicious programs
The Overview of our Model
Public Zone
Private Zone
Protect private information
Manage services for providing to other agent
Services
Private information forbid
Agent
Access to the serviceAgent
Security Barrier