Privacy Policies Change Management for Smartphones
-
Upload
debmalya-biswas -
Category
Technology
-
view
86 -
download
2
description
Transcript of Privacy Policies Change Management for Smartphones
![Page 1: Privacy Policies Change Management for Smartphones](https://reader033.fdocuments.in/reader033/viewer/2022052621/558934aed8b42a28398b45d9/html5/thumbnails/1.jpg)
Nokia Research Center
Privacy Policies Change
Management for
Smartphones
Debmalya Biswas
Nokia Research Center, Switzerland
MUCS 20121
![Page 2: Privacy Policies Change Management for Smartphones](https://reader033.fdocuments.in/reader033/viewer/2022052621/558934aed8b42a28398b45d9/html5/thumbnails/2.jpg)
Nokia Research Center
Smart phones
Sensors
The average smartphone nowadays consists of many sensors:
• GPS
• Accelerometer
• Bluetooth, Wifi
• Proximity
• Rotation
• Magnetometer
• Ambient Light
MUCS 20122
![Page 3: Privacy Policies Change Management for Smartphones](https://reader033.fdocuments.in/reader033/viewer/2022052621/558934aed8b42a28398b45d9/html5/thumbnails/3.jpg)
Nokia Research Center
Smart phones
Intelligent and Contextual Apps
• GPS – Real-time precise location
• Accelerometer - Activity, e.g. the speed at which the user is moving his
hand
• Compass – the direction
• Bluetooth – Nearby people
Traditional input devices, e.g. Camera, Microphone
and
sources of information, e.g Messeges, Address book, Pics, Vids (file
system in general)
MUCS 20123
![Page 4: Privacy Policies Change Management for Smartphones](https://reader033.fdocuments.in/reader033/viewer/2022052621/558934aed8b42a28398b45d9/html5/thumbnails/4.jpg)
Nokia Research Center
State of the Art
Install-time verification
• Certification: Centrazilized certification by the App Store
• Capabilities based access control model:
• Capabilites here refers to group of phone resources
• Apps have to declare the phone capabilities/resources they need to access
• If allowed by user, the app is installed with tokens to access the requested resources.
• Certification + Capabilities
Many real-life cases of malicious apps bypassing the above safeguards.
MUCS 20124
![Page 5: Privacy Policies Change Management for Smartphones](https://reader033.fdocuments.in/reader033/viewer/2022052621/558934aed8b42a28398b45d9/html5/thumbnails/5.jpg)
Nokia Research Center
Missing Aspects
Run-time parameters
• Frequency: An app A is allowed to access a sensor S only with a certain
frequency.
• A weather app does not need to access your location every 5 seconds.
Contextual parameters
• Time, Location:
• An app A is NOT allowed to access the phone’s camera/microphone when the user is in
(location) Offce.
MUCS 20125
![Page 6: Privacy Policies Change Management for Smartphones](https://reader033.fdocuments.in/reader033/viewer/2022052621/558934aed8b42a28398b45d9/html5/thumbnails/6.jpg)
Nokia Research Center
Real-time and Contextual Policies
• Sequence of invocation:
• Implicitly includes the list of allowed sensors
• Frequency: of access f.
• Time range: (sT, eT) and r.
• r refers to the recurrence patterns e.g. daily, weekly, yearly
• Location: Set of allowed locations L.
• Can refer to both geogrpahic (e.g. city, country) and semantic locations (e.g. home, office)
MUCS 20126
![Page 7: Privacy Policies Change Management for Smartphones](https://reader033.fdocuments.in/reader033/viewer/2022052621/558934aed8b42a28398b45d9/html5/thumbnails/7.jpg)
Nokia Research Center
Policy Language
Metric Temporal Logic
• Only sensors s1, s2 and s3 can be invoked; s2 within 30 mins of s1’s
invocation, folllowed by s3 within the next 40 minutes.
• Logical operators: AND ˄, OR ˅, NOT¬
• Temporal operators: Past ♦, Furture ◊
• Metric: Quantification [sT, eT]
Formalism can be used to express both App profiles AP and User
privacy policies uP.
MUCS 20127
![Page 8: Privacy Policies Change Management for Smartphones](https://reader033.fdocuments.in/reader033/viewer/2022052621/558934aed8b42a28398b45d9/html5/thumbnails/8.jpg)
Nokia Research Center
Conflict Detection
App profile aP:
sens(s1,fa, …, {l1,la}) ˄ ◊[5,15] sens(s2,f2, …)
User privacy profile uP:
sens(s1,fu, …, {l1,lu})
• List of sensors:
• Conflict: s2 is not allowed by user
• Frequency:
• Conflict: fa > fu
• Location:
• Conflict: la is not allowed by user
MUCS 20128
![Page 9: Privacy Policies Change Management for Smartphones](https://reader033.fdocuments.in/reader033/viewer/2022052621/558934aed8b42a28398b45d9/html5/thumbnails/9.jpg)
Nokia Research Center
Conflict Resolution
App profile aP:
sens(s1,fa, …, {l1,la}) ˄ ◊[5,15] sens(s2,f2, …)
User privacy profile uP:
sens(s1,fu, …, {l1,lu})
• Reject the app.
• Relax user privacy profile:
• uP: sens(s1,fa, …, {l1,lu,la}) ˄ ◊[5,15]
sens(s2,f2, …)
MUCS 20129
![Page 10: Privacy Policies Change Management for Smartphones](https://reader033.fdocuments.in/reader033/viewer/2022052621/558934aed8b42a28398b45d9/html5/thumbnails/10.jpg)
Nokia Research Center
Policy Evolution
App profile aP:
sens(s1,fa, …, {l1,la}) ˄ ◊[5,15] sens(s2,f2, …)
User privacy profile uP:
sens(s1,fu, …, {l1,lu})
• Relax:
• uP: sens(s1,fa, …, {l1,lu,la}) ˄ ◊[5,15]
sens(s2,f2, …)
• Restrict:
• uP: sens(s1,fa, …, {l1,la}) ˄ ◊[5,15]
sens(s2,f2, …)
MUCS 201210
![Page 11: Privacy Policies Change Management for Smartphones](https://reader033.fdocuments.in/reader033/viewer/2022052621/558934aed8b42a28398b45d9/html5/thumbnails/11.jpg)
Nokia Research Center
Policy Evolution
• Policies evolve over time
• Security advisories
• Change in physical characteristics, e.g. location, occupation
• Restrict:
• Re-evaluate already installed apps to see if they are still compliant
• Relax:
• Re-evaluate previously rejected apps to see if they are now compliant
• Maintain log of rejected apps categorized by their conflict types
• Relax + Restrict:
• Policy change can be both relaxing and restricting at the same time
MUCS 201211
![Page 12: Privacy Policies Change Management for Smartphones](https://reader033.fdocuments.in/reader033/viewer/2022052621/558934aed8b42a28398b45d9/html5/thumbnails/12.jpg)
Nokia Research Center
Conclusion
• Problem: Regulating access by 3rd party apps to sensors on the phones.
• Expressive install-time privacy policy language
• Run-time and contextual parameters
• Temporal Logics based conflict detect and resolution.
• Policy evolution categorization
• Can lead to installation of previously rejected apps
• Automated validation of installed apps in the event of any policy changes
MUCS 201212
![Page 13: Privacy Policies Change Management for Smartphones](https://reader033.fdocuments.in/reader033/viewer/2022052621/558934aed8b42a28398b45d9/html5/thumbnails/13.jpg)
Nokia Research Center
Thank You
&
Questions
MUCS 201213