Personal Information Management in a Ubiquitous Computing Environment

1
Personal Information Management in a Ubiquitous
Computing Environment

• Institute of Systems Information
  Technologies/KYUSHU
• Kenichi Takahashi

2
Introduction

• Popularization of mobile technologies
• e.g. cellular phone, wireless LAN
• HotSpot services
• Airport, food shop, etc...

Ubiquitous Computing System
3
Ubiquitous Computing Environment

• Anywhere, Anytime and Anyone

TV Radio
PC Tel
office
4
To realize ubiquitous computing environment

• Service-use mechanism
• Each service has a protocol for it use
• Protection of private information

• Necessary to protect private information while
  keeping usability

5
How to deal with private information in the yahoo
6
How to deal with private information in the yahoo
7
Private Policy in the yahoo
8
P3P and EPAL

• P3P(The Platform for Privacy Preference),EPAL(The
  Enterprise Privacy Authorization Language)
• What purpose does a collector collect it for?
• How does a collector operate it?
• Machines are able to interpret private policies
  automatically

Privacy Policy
compare
Private Information Collector
Preference
Private Information
9
But ...

• Users must still believe privacy policies
  indicated from a collector

10
Our Proposal Model

• Each User and service provider are defined as a
  agent
• Each agent has the Public Zone and Private Zone
• Public Zone provides a mechanism for
  corresponding to various services
• Private Zone provides a mechanism for protecting
  private information by myself

11
Basic idea on the Public Zone

• For corresponding to various services
• The service Client ProgramService Program
• Client Program is executed by users
• Service Program is executed by service providers

Public Zone
Public Zone
Private Zone
Security Barrier
Service Program
communicate
Check the access
Client Program
pair
What information? What purpose? How operate?
Private Resources
Client Program
get
User
Service Provider
12
Basic idea on the Private Zone

• Check the access from the Public Zone
• Monitor the communication with other agents
• Push a program for dealing with private
  information

regist
Private Zone
Public Zone
push
Security Barrier
Private Policy
Client Program
Check by Permission
communicate
Private Resources
Client Program
Service Program
regist
Check by Partner and Method
Accessed Table
Service Provider
What information? What purpose? How operate?
User
13
The Private Policy

• Permission
• What information access does agent allow a
  program to access to
• What purpose does agent allow to access for
• Partner
• Who does agent allow a program to communicate
  with
• Method
• What operations using it are allowed

14
Conclusion

• The Public and Private Zone model
• Proposed basic ideas
• Public Zone correspond to various services
• Private Zone manage information by users self
• A lot of future work are remained!

15
Future Works

• How to create a pushed program
• ? by combination of some components
• Protection of a program from illegal rewriting
• ? mobile cryptography, program obfuscation
• Verification of whether a program returns a
  correct result or not
• ? verify a program after result returned
• Refusal of malicious programs

16
The Overview of our Model
Manage services for providing to other agent
Agent
Services
Access to the service
Public Zone
Security Barrier
Private Zone
forbid
Private information
Protect private information
Agent