A Service-oriented Middleware for Privacy Protection in Pervasive Computing
Intergiciel orienté services pour la protection de la vie privée dans les systèmes d'informatique diffuse
Résumé
The widespread usage of computing devices is eroding the individual's right to privacy. Pervasive computing environments, where users interact with a number of computing devices unconscious of their presence, harm user privacy by generating digital trails of every ordinary user activity. Privacy protection is thus a critical factor for the success of pervasive computing applications.
Service oriented pervasive computing, where resources and applications are modeled as services, offers a compelling implementation of pervasive computing. In service oriented computing, applications can more easily handle the openness, heterogeneity and dynamics typical of pervasive computing environments. Realization of this view requires a service-oriented middleware that provides the basic features for provision and consumption of pervasive services: namely, service access, service discovery and service composition. The service-oriented middleware is particularly critical for privacy protection in service oriented pervasive computing since privacy vulnerabilities at the middleware layer affect any application using the middleware.
In this thesis, we study how a service oriented middleware affects the privacy of users in pervasive computing environments. Our contribution is a privacy-enhanced middleware that increases privacy protection during service access, discovery and composition. The middleware provides a service access protocol that enables nodes to communicate privately without the problems of public key encryption. The protocol splits messages through multiple paths that resist to attackers controlling a certain number of nodes or networks. It also provides a privacy-enhanced service discovery protocol that uses encoded service descriptions to protect personal information and that reduces the trust requirements of service directories. Since different service descriptions can generate the same encoded data, attackers are unable to identify the original service from the encoded description in service announcements and requests. Finally, the middleware provides a service composition mechanism that allows users to compare the privacy impact of executing service compositions that are functionally equivalent but define different partitions of data among service providers, thus enabling selection of the composition that causes the smallest impact on user privacy. The middleware features are implemented and evaluated in terms of performance and effectiveness.
Our middleware architecture facilitates the development of service-oriented pervasive applications that respect the privacy of individuals. Since the middleware handles the privacy issues introduced by the underlying software platform, applications can focus on application-specific mechanisms for privacy protection. Users that consume services on top of this middleware are also able to more effectively protect their privacy, since they can rely on middleware provided functionalities to better control personal information disclosure.
Service oriented pervasive computing, where resources and applications are modeled as services, offers a compelling implementation of pervasive computing. In service oriented computing, applications can more easily handle the openness, heterogeneity and dynamics typical of pervasive computing environments. Realization of this view requires a service-oriented middleware that provides the basic features for provision and consumption of pervasive services: namely, service access, service discovery and service composition. The service-oriented middleware is particularly critical for privacy protection in service oriented pervasive computing since privacy vulnerabilities at the middleware layer affect any application using the middleware.
In this thesis, we study how a service oriented middleware affects the privacy of users in pervasive computing environments. Our contribution is a privacy-enhanced middleware that increases privacy protection during service access, discovery and composition. The middleware provides a service access protocol that enables nodes to communicate privately without the problems of public key encryption. The protocol splits messages through multiple paths that resist to attackers controlling a certain number of nodes or networks. It also provides a privacy-enhanced service discovery protocol that uses encoded service descriptions to protect personal information and that reduces the trust requirements of service directories. Since different service descriptions can generate the same encoded data, attackers are unable to identify the original service from the encoded description in service announcements and requests. Finally, the middleware provides a service composition mechanism that allows users to compare the privacy impact of executing service compositions that are functionally equivalent but define different partitions of data among service providers, thus enabling selection of the composition that causes the smallest impact on user privacy. The middleware features are implemented and evaluated in terms of performance and effectiveness.
Our middleware architecture facilitates the development of service-oriented pervasive applications that respect the privacy of individuals. Since the middleware handles the privacy issues introduced by the underlying software platform, applications can focus on application-specific mechanisms for privacy protection. Users that consume services on top of this middleware are also able to more effectively protect their privacy, since they can rely on middleware provided functionalities to better control personal information disclosure.
Loading...