Embed Size (px)
Citation preview
Tim FininUniversity of Maryland, Baltimore County
29 January 2013
Joint work with Anupam Joshi, Laura Zavala and our students
SRI Social Media WorkshopChallenges for Large Scale Adoption of Social Media
Context-Aware Privacy Policiesin Mobile and Social Computing
http://ebiq.org/r/349
Convergence of Mobile and SocialSocial media & mobile computing are intertwined• We use laptops, tablets and smartphones more than
desktops• Devices sync critical data with the cloud and each other
–Take a picture on your smartphone and it gets uploaded to Instagram
–Friend a person on Facebook via your computer, your smartphone notices and links her to existing contacts
We should attend to both in addressing privacy by giving users ways to limit who can see what
Context-Aware Privacy
• Social media apps and smart mobile devices each know a great deal about their users
• Together they may know too much!• But acquiring and reasoning about this
knowledge will enable both to provide better services
Context-Aware Privacy
• Sharing the information with other users, organizations and services can also be beneficial
• Context-aware policies can beused to limit information sharingand to control the actions and information access
• For both social media and mobile apps• Two themes: situation awareness &
information integration
We’re in a two-hour bud-get meeting in room 810 with Alice, Bob & Carol
We’re in a impor-tant meeting
We’re busy
Situational Awareness• Awareness of what’s happening
around you to understand howinformation, events and actionswill impact your goals and objectives
• A common theme in as we becomemore instrumented and interconnected
• Applies to people, smart interfaces, sensors, AI, wireless networks, embedded systems, streaming data, image processing, smartphones, etc.
• Challenges for distributed, dynamic & interconnected systems
1
Information integration• You can’t use and integrate shared information
unless you understand its meaning • Common, shared semantic models (ontologies)
are essential along with techniques for inference, knowledge mapping and provenance
• We use Semantic Web languages (RDF, OWL) as a standardized substrate to represent and reason with concepts, knowledge, facts, and rules.
• Since RDF is a graph-based representation, it’s a good fit for semantics-aware big data analytics
2
E.g.: A Mobile Context KB • RDF KB on device
conforming to shared ontologies
• Imports ontologies, e.g. Foaf, Geo-Names
• Uses Geonames linked data for background spatial knowledge
• RDF supported by open source tools, standards, infra-structure, data
<gn:Feature rdf:about="http://sws.geonames.org/4372143/"><gn:name>UMBC</gn:name> <wgs84_pos:lat>39.25543</wgs84_pos:lat> <wgs84_pos:long>-76.71168</wgs84_pos:long> <wgs84_pos:alt>61</wgs84_pos:alt> <gn:parentFeature rdf:resource="http://sws.geonames.org/4347790/"/> Baltimore County <gn:parentCountry rdf:resource="http://sws.geonames.org/6252001/"/> United States <gn:parentADM1 rdf:resource="http://sws.geonames.org/4361885/"/> Maryland <gn:parentADM2 rdf:resource="http://sws.geonames.org/4347790/"/> Baltimore County</gn:Feature>
7/46
LinkedOpenData
Context / situation recognition
Train Classifiers
Decision Trees Naïve Bayes SVM
Feature Vector
Time, Noise level in db (avg, min, max), accel 3 axis (avg,
min, max, magnitude, wifis, …
RDF context modelHMM
Context-aware Privacy Policies
• We use declarative policies that can access the user’s profile and context model for privacy and security
• Privacy: one use is to control what user-sensitive information we share with whom and in what context
• Privacy and security: we use the same policy infrastructure to control actions that an app can take (e.g., turn on camera, access SD card)
9/46
Ex: Sensor Data Access Policies
• Lets users decide how their sensor information is released
• Sample Privacy policy – share GPS co-ordinates on weekdays from 9am-5pm
only if in office– Do not allow access to recorded audio but allow
access to accelerometer and WiFi AP ids on weekdays
10/46
Demonstration policies
Share actual or mock location depending on requester[ ShareMockGPSSimple:
(?user ex:systemUser ?someValue)(?requester ex:shareMockGPSCoordinates ``True')
]
Policy to share mock location if user isinside Building10[ShareMockGPSComplex1:
(?user ex:systemUser ?someValue)(?someActivity platys:occurs_at ?userPlace) (?userPlace platys:has_location ?userLocation) (?userLocation platys:part_of ?userBuilding)(?userBuilding rdf:type platys:Building)equal(?userBuilding, platys:Building10)(?requester ex:shareMockGPSCoordinates ``True')
]
Implemented use case
Obfuscated location provided to one Android app
Actual location reported to another Android app
Conclusion
• Users of social media apps and mobile devices need better privacy controls
• Declarative policies grounded in semantic data offer expressive power
• We can mine mobile sensor data to learn models of activities and contexts
• We can mine social network content and structure to induce groups and sharing preferences
