Context-aware privacy-preserving access control for mobile computing

In mobile and pervasive computing applications, opportunistic connections allow co-located devices to exchange data directly. Keeping data sharing local enables large-scale cooperative applications and empowers individual users to control what and how information is shared. Supporting such applications requires runtime frameworks that allow them to manage the who, what, when, and how of access to resources. Existing frameworks have limited expressiveness and do not allow data owners to modulate the granularity of information released. In addition, these frameworks focus exclusively on security and privacy concerns of data providers and do not consider the privacy of data consumers. We present PADEC, a context-sensitive, privacy-aware framework that allows users to define rich access control rules over their resources and to attach levels of granularity to each rule. PADEC is also characterized by its expressiveness, allowing users to decide under which conditions should which information be shared. We provide a formal definition of PADEC and an implementation based on private function evaluation. Our evaluation shows that PADEC is more expressive than other mechanisms, protecting privacy of both consumers and providers.     

Cluster-group based trusted computing for mobile social networks using implicit social behavioral graph

Mobile Social Networks (MSNs) facilitate connections between mobile devices, and are capable of providing an effective mobile computing environment for users to access, share, and distribute information. However, MSNs are virtual social spaces, the available information may not be trustworthy to all. Therefore, trust inference plays a critical role for establishing social links between mobile users. In MSNs, users’ transactions will more and more be complemented with group contact. Hence, future usage patterns of mobile devices will involve more group contacts. In this paper, we describe the implicit social behavioral graph, i.e., ego-i graph which is formed by users’ contacts, and present an algorithm for initiating ego-i graph. We rate these relationships to form a dynamic contact rank, which enables users to evaluate the trust values between users within the context of MSNs. We, then, calculate group-based trust values according to the level of contacts, interaction evolution, and users’ attributes. Based on group-based trust, we obtain a cluster trust by the aggregation of inter group-based trust values. Due to the unique nature of MSNs, we discuss the propagation of cluster trust values for global MSNs. Finally, we evaluate the performance of our trust model through simulations, and the results demonstrate the effectiveness of group-based behavioural relationships in MSNs’ information sharing system.     

Enabling privacy and leakage resistance for dynamic blockchain-based access control systems

With rise of 5G/6G network, low-storage devices usually outsource data for higher rate and less latency. Non-controlled outsourcing and complex communications incur security issues for IoT applications. Specially, user privacy and access reliability pose technical challenges for sensitive data outsourcing and sharing. In this paper, we harmonize functional encryption and blockchain to propose a reliable and privacy-aware access control system named R-PAC. It allows a result-form access without learning raw information and fair interaction against malicious users. With a combination of all-or-nothing encapsulation technology, R-PAC supports users’ dynamic joining and key leakage resistance. We design R-PAC from Boneh–Franklin identity-based encryption, with forward-coverable encryption and reverse-discoverable decryption, and formally prove its indistinguishability security. We implement a R-PAC prototype and deploy it to a simulated Ethereum network to evaluate its performance. Experiments from both data access and transaction overhead show that R-PAC is with reasonable cost and has a trade-off between efficiency and strong security/functionality.     

SpinRadar: a spontaneous service provision middleware for place-aware social interactions

With the advancements of mobile phones and the integration of multiple communication interfaces, online social interaction between users is no longer restricted to a specific place with connectivity to the Internet but can happen anywhere and at any time. This has promoted the development of mobile social applications to enable opportunistic interactions with co-located users. One of the challenging problems in such interactions is to discover interaction opportunities with nearby users. Existing works focus on properties related to mobile users in order to find similar users in the surrounding area; these works depend on predefined logic such as conditional statements to recommend spontaneous social interaction opportunities. However, the social implications of the place in which the interaction is taking place are an important factor for recommendations, as those implications provide hints about the most plausible types of interactions among co-located users. In this work, we present a middleware called SpinRadar which is designed to support spontaneous interactions between co-located users by taking into account the semantics of a place, which we call ‘placeness.’ Our evaluation shows that the proposed scheme satisfies users much more than existing schemes.     

Personal mobile services

Ubiquitous information access through mobile devices has become a typical practice in everyday life. The mobile service paradigm shifts the role of mobile devices from consumers to providers, opening up new opportunities for a multitude of collaborative services and applications ranging from sharing personal information to collaborative participatory sensing. Although many basic principles of the standard Web service approach continue to apply, the inherent constraints of mobile devices and broadband wireless access render the deployment of the standard architecture in mobile environments inefficient. This paper introduced personal services, a user-centric paradigm that enables service-oriented interactions among mobile devices that are controlled via user-specified authorization policies. Personal services exploit the user’s contact list (ranging from phonebook to social lists) in order to publish and discover Web services while placing users in full control of their own personal data and privacy. Experimental validation demonstrates the ability of personal services to foster a new generation of collaborative mobile services. Performance evaluation results show that the publication and discovery through contact lists are efficient and that service announcements and discovery requests can reach a huge number of users in a few seconds. Results also support a conclusion that resources-constrained devices can collaborate to carry out functionalities beyond the ability of their resources limitations.     

Improving the usability of standard schemas

Due to the development of XML and other data models such as OWL and RDF, sharing data is an increasingly common task since these data models allow simple syntactic translation of data between applications. However, in order for data to be shared semantically, there must be a way to ensure that concepts are the same. One approach is to employ commonly usedschemas—called standard schemas —which help guarantee that syntactically identical objects have semantically similar meanings. As a result of the spread of data sharing, there has been widespread adoption of standard schemas in a broad range of disciplines and for a wide variety of applications within a very short period of time. However, standard schemas are still in their infancy and have not yet matured or been thoroughly evaluated. It is imperative that the data management research community takes a closer look at how well these standard schemas have fared in real-world applications to identify not only their advantages, but also the operational challenges that real users face.     

Private aggregation for presence streams

Collaboration technologies must support information sharing between collaborators, but must also take care not to share too much information or share information too widely. Systems that share information without requiring an explicit action by a user to initiate the sharing must be particularly cautious in this respect. Presence systems are an emerging class of applications that support collaboration. Through the use of pervasive sensors, these systems estimate user location, activities, and available communication channels. Because such presence data are sensitive, to achieve wide-spread adoption, sharing models must reflect the privacy and sharing preferences of their users. This paper looks at the role that privacy-preserving aggregation can play in addressing certain user sharing and privacy concerns with respect to presence data.We define conditions to achieve CollaPSE (Collaboration Presence Sharing Encryption) security, in which (i) an individual has full access to her own data, (ii) a third party performs computation on the data without learning anything about the data values, and (iii) people with special privileges called “analysts” can learn statistical information about groups of individuals, but nothing about the individual values contributing to the statistic other than what can be deduced from the statistic. More specifically, analysts can decrypt aggregates without being able to decrypt the individual values contributing to the aggregate. Based in part on studies we carried out that illustrate the need for the conditions encapsulated by CollaPSE security, we designed and implemented a family of CollaPSE protocols. We analyze their security, discuss efficiency tradeoffs, describe extensions, and review more recent privacy-preserving aggregation work.     

面向移动端基于社交关系的图片缓存替换算法

随着移动终端深入人们的生活,移动社交APP得到了广泛使用。在移动社交APP中往往会使用大量的图片资源,如微信朋友圈、Instagram的图片分享等。在APP中浏览图片会消耗较多的网络流量,影响加载速度,因此大部分APP采用首先显示缩略图,根据用户需求再加载原图的策略。在服务器端也采用缓存技术来加快缩略图产生时间,减少磁盘I/O。但是,当前的缓存机制更多关注的是缓存的访问频率、最近访问时间等因素,并没有过多关注数据生成用户之间的社交关系,也没有考虑移动用户对缩略图和原图的不同访问模式。把缓存划分为两个部分:缩略图缓存区和原图缓存区,提出了基于社交关系的图片缓存替换算法,在传统缓存替换算法的基础上增加用户的社交关系以及缩略图和原图的关联关系,通过计算图片的缓存价值进行缓存替换。实验表明,所提出的基于社交关系的图片缓存替换算法对于缩略图和原图的缓存命中率都有明显提高。     

Nephele: Scalable Access Control for Federated File Services

The integration of storage resources across different administrative domains can serve as building block for the development of efficient collaboration environments. In order to improve application portability across such environments, we target data sharing facilities that securely span multiple domains at the filesystem rather than the application level. We introduce the hypergroup as an heterogeneous two-layer construct, where the upper layer consists of administrative domains and the lower layer of users from each participating domain. We use public keys to uniquely identify users and domains, but rely on credentials to securely bind users and domains with hypergroups. Each domain is responsible for authenticating its local users across the federation, and employs access control lists to specify the rights of individual users and hypergroups over local storage resources. In comparison to existing systems, we show both analytically and experimentally reduced transfer cost of remote authorizations and improved scalability properties.     

Information access and QoS issues in a mobile computing environment

Efficient access to coherent information files is an important issue in mobile computing. In this paper we consider performance analysis of information access in a mobile computing environment. We employ a distributed directory scheme that permits uninterrupted use under disconnected and low bandwidth connections and minimizes invalidation and false sharing. This scheme allows for two invalidation schemes that avoid false sharing, and a mechanism for efficient maintenance of file details. We analyse the performance of the directory scheme in terms of time taken and energy consumed in executing operations such as read/write, connection, disconnection, and hoarding in mobile environments. The directory scheme is employed for facilitating efficient transfer of partially updated files in hierarchical networks. We also investigate quality of service issues related to file accesses in the mobile computing environment discussed in the paper. However, the scheme can be extended to any mobile computing environment.     

Discerning individual interests and shared interests for social user profiling

Traditionally, research about social user profiling assumes that users share some similar interests with their followees. However, it lacks the studies on what topic and to what extent their interests are similar. Our study in online sharing sites reveals that besides shared interests between followers and followees, users do maintain some individual interests which differ from their followees. Thus, for better social user profiling we need to discern individual interests (capturing the uniqueness of users) and shared interests (capturing the commonality of neighboring users) of the users in the connected world. To achieve this, we extend the matrix factorization model by incorporating both individual and shared interests, and also learn the multi-faceted similarities unsupervisedly. The proposed method can be applied to many applications, such as rating prediction, item level social influence maximization and so on. Experimental results on real-world datasets show that our work can be applied to improve the performance of social rating. Also, it can reveal some interesting findings, such as who likes the “controversial” items most, and who is the most influential in attracting their followers to rate an item.     

The Internet of People (IoP): A new wave in pervasive mobile computing

Cyber–Physical convergence, the fast expansion of the Internet at its edge, and tighter interactions between human users and their personal mobile devices push towardan Internet where the human user becomes more central than ever, and where their personal devices become their proxies in the cyber world, in addition to acting as a fundamental tool to sense the physical world. The current Internet paradigm, which is infrastructure-centric, is not the right one to cope with such emerging scenario with a wider range of applications. This calls for a radically new Internet paradigm, that we name the Internet of People (IoP), where the humans and their personal devices are not seen merely as end users of applications, but become active elements of the Internet. Note that IoP is not a replacement of the current Internet infrastructure, but it exploits legacy Internet services as (reliable) primitives to achieve end-to-end connectivity on a global-scale. In this visionary paper, we first discuss the key features of the IoP paradigm along with the underlying research issues and challenges. Then we present emerging networking and computing paradigms that are anticipating IoP.     

Semantic tagging and linking of software engineering social content

Social online communities and platforms play a significant role in the activities of software developers either as an integral part of the main activities or through complimentary knowledge and information sharing. As such techniques become more prevalent resulting in a wealth of shared information, the need to effectively organize and sift through the information becomes more important. Top-down approaches such as formal hierarchical directories have shown to lack scalability to be applicable to these circumstanes. Light-weight bottom-up techniques such as community tagging have shown promise for better organizing the available content. However, in more focused communities of practice, such as software engineering and development, community tagging can face some challenges such as tag explosion, locality of tags and interpretation differences, to name a few. To address these challenges, we propose a semantic tagging approach that benefits from the information available in Wikipedia to semantically ground the tagging process and provide a methodical approach for tagging social software engineering content. We have shown that our approach is able to provide high quality tags for social software engineering content that can be used not only for organizing such content but also for making meaningful and relevant content recommendation to the users both within a local community and also across multiple social online communities. We have empirically validated our approach through four main research questions. The results of our observations show that the proposed approach is quite effective in organizing social software engineering content and making relevant, helpful and novel content recommendations to software developers and users of social software engineering communities.     

Already up? using mobile phones to track & share sleep behavior

Users share a lot of personal information with friends, family members, and colleagues via social networks. Surprisingly, some users choose to share their sleeping patterns, perhaps both for awareness as well as a sense of connection to others. Indeed, sharing basic sleep data, whether a person has gone to bed or waking up, informs others about not just one's sleeping routines but also indicates physical state, and reflects a sense of wellness. We present Somnometer, a social alarm clock for mobile phones that helps users to capture and share their sleep patterns. While the sleep rating is obtained from explicit user input, the sleep duration is estimated based on monitoring a user's interactions with the app. Observing that many individuals currently utilize their mobile phone as an alarm clock revealed behavioral patterns that we were able to leverage when designing the app. We assess whether it is possible to reliably monitor one's sleep duration using such apps. We further investigate whether providing users with the ability to track their sleep behavior over a long time period can empower them to engage in healthier sleep habits. We hypothesize that sharing sleep information with social networks impacts awareness and connectedness among friends. The result from a controlled study reveals that it is feasible to monitor a user's sleep duration based just on her interactions with an alarm clock app on the mobile phone. The results from both an in-the-wild study and a controlled experiment suggest that providing a way for users to track their sleep behaviors increased user awareness of sleep patterns and induced healthier habits. However, we also found that, given the current broadcast nature of existing social networks, users were concerned with sharing their sleep patterns indiscriminately.     

MyWay: Location prediction via mobility profiling

Forecasting the future positions of mobile users is a valuable task allowing us to operate efficiently a myriad of different applications which need this type of information. We propose MyWay, a prediction system which exploits the individual systematic behaviors modeled by mobility profiles to predict human movements. MyWay provides three strategies: the individual strategy uses only the user individual mobility profile, the collective strategy takes advantage of all users individual systematic behaviors, and the hybrid strategy that is a combination of the previous two. A key point is that MyWay only requires the sharing of individual mobility profiles, a concise representation of the user׳s movements, instead of raw trajectory data revealing the detailed movement of the users. We evaluate the prediction performances of our proposal by a deep experimentation on large real-world data. The results highlight that the synergy between the individual and collective knowledge is the key for a better prediction and allow the system to outperform the state-of-art methods.     

Collecting and Sharing Location-based Content on Mobile Phones in a Zoo Visitor Experience

The augmentation of visitor experiences with location-based technologies has been available for some time. Through in-depth studies of users during these experiences the field is building a rich picture of user behaviour in relation to certain location-based technologies. However, little work has explored the use of mobile camera phones and 2D barcodes on situated signs and their properties as a way of delivering such augmented visitor experiences. In this paper we present a study of people engaged in such a location-based experience at London zoo in which they use mobile camera phones to read 2D barcodes on signs at the animal enclosures in order to access related content. Through the fieldwork we highlight the social and collaborative aspects of the experience and how particular characteristics of the mobile phone and barcode technology shape these behaviours. The paper also highlights some of the non-instrumental aspects of the location-based experience, in particular in relation to the importance of collecting location-based content. We explore the social aspects of collecting as well as certain competitive elements it introduces into people’s behaviour. This creates an interesting tension in that aspects of the application encourage cooperation and sharing among the visitors whereas others encourage competition. In the course of presenting the fieldwork, we explore this tension further.     

Ensuring efficient multimedia message sharing in mobile social network

Mobile Social Networks (MSN) are attractive applications which enable users to share data with a group of friends and stay connected. WeChat, QQ are among the most popular applications of MSNs where personal multimedia files are shared among group contacts. However, the security risks accompanying such developments have raised concerns in people. The providers typically store users’ data, and offer few options for the users to custom and manage the dissipation of their data over the network. In this paper, we design a data sharing framework in which individuals retain ownership of their data. The scheme gives users flexible and granular access control over their data, and more importantly it provides protection from the untrusted data provider server. Experiments show the efficiency of our scheme.

     

Collaborative filtering based on collaborative tagging for enhancing the quality of recommendation

We propose a collaborative filtering method to provide an enhanced recommendation quality derived from user-created tags. Collaborative tagging is employed as an approach in order to grasp and filter users’ preferences for items. In addition, we explore several advantages of collaborative tagging for data sparseness and a cold-start user. These applications are notable challenges in collaborative filtering. We present empirical experiments using a real dataset from del.icio.us. Experimental results show that the proposed algorithm offers significant advantages both in terms of improving the recommendation quality for sparse data and in dealing with cold-start users as compared to existing work.