DOI: 10.1145/3338498.3358642
Research article (Public Access)

Ancile: Enhancing Privacy for Ubiquitous Computing with Use-Based Privacy

Published: 11 November 2019

Abstract

Widespread deployment of Intelligent Infrastructure and the Internet of Things creates vast troves of passively generated data. These data enable new ubiquitous computing applications, such as location-based services, while posing new privacy threats. In this work, we identify challenges that arise in applying use-based privacy to passively generated data, and we develop Ancile, a platform that enforces use-based privacy for applications that consume such data. We find that Ancile constitutes a functional, performant platform for deploying privacy-enhancing ubiquitous computing applications.



Published In

WPES'19: Proceedings of the 18th ACM Workshop on Privacy in the Electronic Society
November 2019, 228 pages
ISBN: 9781450368308
DOI: 10.1145/3338498

Publisher

Association for Computing Machinery

New York, NY, United States

Author Tags

  1. ancile policy
  2. ancile policy language
  3. data privacy
  4. data processing pipeline
  5. data source
  6. data structure
  7. derivative policy
  8. derived values
  9. location privacy
  10. location services
  11. location trace
  12. passively generated data
  13. policy enforcement
  14. policy language
  15. privacy
  16. privacy challenge
  17. privacy policy
  18. reference monitors
  19. ubiquitous computing
  20. ubiquitous computing application
  21. use based privacy

Qualifiers

  • Research-article

Conference

CCS '19

Acceptance Rates

Overall Acceptance Rate 106 of 355 submissions, 30%

Article Metrics

  • Downloads (last 12 months): 259
  • Downloads (last 6 weeks): 11
Reflects downloads up to 13 Jan 2025

Cited By

  • (2023) Rethinking People Analytics With Inverse Transparency by Design. Proceedings of the ACM on Human-Computer Interaction, 7:CSCW2, 1-29. DOI: 10.1145/3610083. Online publication date: 4-Oct-2023.
  • (2023) Leveraging WiFi network logs to infer student collocation and its relationship with academic performance. EPJ Data Science, 12:1. DOI: 10.1140/epjds/s13688-023-00398-2. Online publication date: 7-Jul-2023.
  • (2023) RuleKeeper: GDPR-Aware Personal Data Compliance for Web Frameworks. 2023 IEEE Symposium on Security and Privacy (SP), 2817-2834. DOI: 10.1109/SP46215.2023.10179395. Online publication date: May-2023.
  • (2022) Operon. Proceedings of the VLDB Endowment, 15:12, 3332-3345. DOI: 10.14778/3554821.3554826. Online publication date: 29-Sep-2022.
  • (2022) Enterprise Email Server Data Protection System using Geo-Fence Technology and Machine Learning. 2022 International Conference on Sustainable Computing and Data Communication Systems (ICSCDS), 287-291. DOI: 10.1109/ICSCDS53736.2022.9760986. Online publication date: 7-Apr-2022.
  • (2021) GDPR-Compliant Use of Blockchain for Secure Usage Logs. Proceedings of the 25th International Conference on Evaluation and Assessment in Software Engineering, 313-320. DOI: 10.1145/3463274.3463349. Online publication date: 21-Jun-2021.
  • (2021) How data governance technologies can democratize data sharing for community well-being. Data & Policy, 3. DOI: 10.1017/dap.2021.13. Online publication date: 13-Jul-2021.
  • (2020) Big Data Analytics in Healthcare Applications: Privacy Implications for Individuals and Groups and Mitigation Strategies. Information Systems, 526-540. DOI: 10.1007/978-3-030-63396-7_35. Online publication date: 21-Nov-2020.
