Nothing Special   »   [go: up one dir, main page]
Skip to main content
Springer Nature Link
Log in

A survey on addressing privacy together with quality of context for context management in the Internet of Things

  • Published:
annals of telecommunications - annales des télécommunications Aims and scope Submit manuscript

Abstract

Making the Internet of Things (IoT) a reality will contribute to extend the context-aware ability of numerous sensitive applications. We can foresee that the context of users will include not only their own spatio-temporal conditions but also those of the things situated in their ambient environment and at the same time, thanks to the IoT, those that are located in other remote spaces. Consequently, next-generation context managers have to interact with the IoT underlying technologies and must, even more than before, address both privacy and quality of context (QoC) requirements. In this article, we show that the notions of privacy and QoC are intimately related and sometimes contradictory and survey the recent works addressing them. Current solutions usually consider only one notion, and very few of them started to bridge privacy and QoC. We identify some of the remaining challenges that next-generation context managers have to deal with to favour users’ acceptability by providing both the optimal QoC level and the appropriate privacy protection.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1

Similar content being viewed by others

References

  1. Abid Z, Chabridon S, Conan D (2009) A framework for quality of context management. In: First international workshop on quality of context. Lecture notes in computer science, vol 5786. Springer, Berlin

    Google Scholar 

  2. Agrawal R, Srikant R (2000) Privacy-preserving data mining. In: ACM SIGMOD conference

  3. Alcalde Bagüés S, Zeidler A, Fernández-Valdivielso C, Matias I (2007) Disappearing for a while-using white lies in pervasive computing. In: Proceedings of the ACM workshop on privacy in electronic society, ACM, pp 80–83

  4. Arcangeli J-P, et al (2012) INCOME—multi-scale context management for the Internet of Things. In: International conference on ambient intelligence (AmI). Lecture notes in computer science, vol 7683. Springer, Berlin

    Google Scholar 

  5. Ashley P, Hada S, et al (2003) Enterprise privacy authorization language (EPAL 1.2)

  6. Atzori L, Iera A, Morabito G (2010) The Internet of Things: a survey. Comput Netw 54(15):2787–2805

    Article  MATH  Google Scholar 

  7. Bai G, Gu L, Feng T, Guo Y, Chen X (2010) Context-aware usage control for android. In: Security and privacy in communication networks, Springer, New York, pp 326–343

    Chapter  Google Scholar 

  8. Basseville M, Nikiforov I, et al (1993) Detection of abrupt changes: theory and application, vol 104. Prentice-Hall, Englewood Cliffs

    Google Scholar 

  9. Bellavista P, Corradi A, Fanelli M, Foschini L (2012) A survey of context data distribution for mobile ubiquitous systems. ACM Comput Surv 44(24):24:1–24:45

    Google Scholar 

  10. Bettini C, Brdiczka O, Henricksen K, Indulska J, et al (2010) A survey of context modelling and reasoning techniques. Pervasive Mob Comp 6(2):161–180

    Article  Google Scholar 

  11. Bisdikian C, Sensoy M, Norman TJ, Srivastava MB (2012) Trust and obfuscation principles for quality of information in emerging pervasive environments. In: IEEE international conference on pervasive computing and communications, PerCom 2012, 19–23 March 2012, Lugano, workshop proceedings, pp 44–49

  12. Borcea-Pfitzmann K, Pfitzmann A, Berg M (2011) Privacy 3.0 := data minimization + user control contextual integrity. Inf Technol 53(1):34–40

    Google Scholar 

  13. Brgulja N, Kusber R, David K, Baumgarten M (2009) Measuring the probability of correctness of contextual information in context aware systems. In: 8th IEEE international conference on dependable, autonomic and secure computing, Washington

  14. Bu Y, Gu T, Tao X, Li J, Chen S, Lu J (2006) Managing quality of context in pervasive computing. In: Sixth international conference on quality software, QSIC 2006

  15. Buchholz T, Kupper A, Schiffers M (2003) Quality of context information: what it is and why we need it. In: 10th international workshop HPOVUA, Geneva

  16. Canadian and Dutch Protection Authorities (1995) Privacy-enhancing technologies: the path to anonymity. http://www.ontla.on.ca/library/repository/mon/10000/184530.pdf Accessed 15 Feb 2013

  17. Canny J (2002) Collaborative filtering with privacy via factor analysis. In: 25th ACM SIGIR

  18. Castellucia C, Druschel P, Fischer Hübner S et al. (2011) Privacy, accountability and trust—challenges and opportunities. Technical report MSU-CSE-00-2, ENISA

  19. Cavoukian A, Chibba M (2009) Advancing privacy and security in computing, networking and systems innovations through privacy by design. In: Proceedings conference of the Centre for Advanced Studies on Collaborative Research, Toronto pp 358–360

  20. Cavoukian A, Tapscott D (1996) Who knows: safeguarding your privacy in a networked world. McGraw-Hill, New York

    Google Scholar 

  21. Chabridon S, Conan D, Abid Z, Taconet C (2012) Building ubiquitous QoC-aware applications through model-driven software engineering. Sci Comput Program 78:1912–1929. doi:10.1016/j.scico.2012.07.019

    Article  Google Scholar 

  22. Chakraborty S, Charbiwala Z, Choi H, Raghavan KR, Srivastava MB (2012) Balancing behavioral privacy and information utility in sensory data flows. Pervasive Mob Comput 8(3):331–345

    Article  Google Scholar 

  23. Chakraborty S, Choi H, Srivastava MB (2011) Demystifying privacy in sensory data: a QoI based approach In: Percom workshops

  24. Chakraborty S, Raghavan KR, Srivastava MB, Bisdikian C, Kaplan LM (2012) An obfuscation framework for controlling value of information during sharing. In: IEEE statistical signal processing workshop

  25. Chaum D (1981) Untraceable electronic mail, return addresses, and digital pseudonyms. Commun ACM 24(2):84–88

    Article  Google Scholar 

  26. Conti M, Das SK, Bisdikian C, Kumar M, et al (2012) Looking ahead in pervasive computing: challenges and opportunities in the era of cyber-physical convergence. Pervasive Mob Comput 8(1):2–21

    Article  Google Scholar 

  27. Coutaz J, Crowley JL, Dobson S, Garlan D (2005) Context is key. Commun ACM 48(3):49–53

    Article  Google Scholar 

  28. Covington M, Long W, Srinivasan S, Dey A, Ahamad M, Abowd G (2001) Securing context-aware applications using environment roles. In: 6th ACM symposium on access control models and technologies

  29. Covington M, Sastry M (2006) A contextual attribute-based access control model. In: OTM

  30. Danezis G, Gürses S (2010) A critical review of 10 years of privacy technology. In: Surveillance cultures: a global surveillance society?, UK

  31. Danezis G, Mittal P (2009) SybilInfer: detecting sybil nodes using social networks. In: NDSS

  32. de Montjoye Y-A, Hidalgo CA, Verleysen M, Blondel V (2013) Unique in the crowd: the privacy bounds of human mobility. Nat Sci Rep 3:1376

    Google Scholar 

  33. De Capitani di Vimercati S, Samarati P (2011) PrimeLife project: next generation policies. http://primelife.ercim.eu/results/documents/150-523d Accessed 15 Feb 2013

  34. Diaz C (2005) Anonymity privacy in electronic services. PhD thesis, Cath. Univ. Leuven

  35. Dingledine R, Mathewson N, Syverson PF (2004) Tor: the second-generation onion router. In: 13th USENIX security symposium, San Diego

  36. Dwork C (2006) Differential privacy. In: International colloquium on automata, languages and programming (ICALP) Springer, Venice

    Google Scholar 

  37. Filho JB (2010) A family of context-based access control models for pervasive environments. PhD thesis, MSTII Doctoral School, Joseph Fourier University, Grenoble

  38. Filho JB, Agoulmine N (2011) A quality-aware approach for resolving context conflicts in context-aware systems. IEEE/IFIP conference on embedded and ubiquitous computing

  39. Flinn J (2012) Cyber foraging: bridging mobile and cloud computing. Synth Lect Mob Pervasive Comput 7(2):1–103

    Article  Google Scholar 

  40. Freytag J-C (2009) Context quality and privacy—friends or rivals? In: First international workshop on quality of context. Lecture notes in computer science, vol 5786. Springer, Berlin

    Google Scholar 

  41. Google (2013) The Google geocoding API. https://developers.google.com/maps/documentation/geocoding/ Accessed 15 Feb 2013

  42. Graf C, Busch M, Schulz T, Hochleitner C, Skeide Fuglerud K (2012) D2.7 updated design guidelines on the security feedback provided by the “Things”. Technical report, uTRUSTit project

  43. Graf C, Hochleitner C, et al (2011) Towards usable privacy enhancing technologies: lessons learned from the PrimeLife project. http://primelife.ercim.eu/results/documents/149-416d Accessed 15 Feb 2013

  44. Han Q, Hakkarinen D, Boonma P, Suzuki J (2010) Quality-aware sensor data collection. Int J Sens Netw 7(3):127–140

    Article  Google Scholar 

  45. Hedbom H (2009) A survey on transparency tools for enhancing privacy. In: The future of identity in the information society, vol 298. Springer, Berlin

    Google Scholar 

  46. Henricksen K, Indulska J (2004) Modelling and using imperfect context information. In: IEEE PERCOM 1st workshop CoMoRea

  47. Huebscher MC, McCann JA (2005) A learning model for trustworthiness of context-awareness services. In: Third IEEE international conference on PerCom workshops, Hawaii

  48. Inglesant P, Sasse MA, Chadwick D, Shi LL (2008) Expressions of expertness: the virtuous circle of natural language for access control policy specification. In: SOUPS

  49. Accuracy ISO (2011) (Trueness and precision) of measurement methods and results—part 1: introduction and basic principles. ISO/WD 15725-1 document

  50. ITU Internet Reports (2005) The Internet of Things, 7th edn. ITU, Geneva

  51. Kelly D, Raines R, Grimaila M, Baldwin R, Mullins B (2008) A survey of state-of-the-art in anonymity metrics. In: 1st ACM workshop on network data anonymization. ACM

  52. Kim Y, Lee K (2006) A quality measurement method of context information in ubiquitous environments, vol 2. In: ICHIT ’06 proceedings of the 2006 international conference on hybrid information technology

  53. Korpipää P, Mäntyjärvi J, Kela J, Keränen H, Malm EJ (2003) Managing context information in mobile devices. IEEE Pervasive Comput 2(3):42–51

    Article  Google Scholar 

  54. Krause M, Hochstatter I (2005) Challenges in modelling and using quality of context (QoC). In: Mobility aware technologies and applications, vol 3744. Springer, Berlin

    Google Scholar 

  55. Kulkarni D, Tripathi A (2008) Context-aware role-based access control in pervasive computing systems. In: Proceedings of the 13th ACM symposium on access control models and technologies, SACMAT ’08, ACM, New York, pp 113–122

  56. Kumar A, Karnik NM, Chafle G (2002) Context sensitivity in role-based access control. Oper Syst Rev 36(3):53–66

    Article  Google Scholar 

  57. Langheinrich M (2009) Privacy in ubiquitous computing. In: Krumm J (ed) Ubiquitous computing. CRC, Boca Raton, pp 95–160

  58. Lazouski A, Martinelli F, Mori P (2010) Usage control in computer security: a survey. Elsevier Comput Sci Rev 4(2):81–99

    Article  Google Scholar 

  59. Lederer S, Hong J, Dey A, Landay J (2004) Personal privacy through understanding and action: five pitfalls for designers. Personal Ubiquit Comput 8(6):440–454

    Article  Google Scholar 

  60. Machanavajjhala A, Kifer D, Gehrke J, Venkitasubramaniam M (2007) L-diversity: privacy beyond k-anonymity. ACM Trans Knowl Discov Data 1(3):3:1–3:52

    Google Scholar 

  61. Machara Marquez S, Chabridon S, Taconet C (2013) Models@Run.time for privacy and quality of context level agreements in the Internet of Things. Technical report, UMR SAMOVAR, Télécom SudParis

  62. Manzoor A (2010) Quality of context in pervasive systems: models, techniques, and applications. PhD thesis, School of Computer Science, Wien TU

  63. Manzoor A, Truong H-L, Dustdar S (2012) Quality of context: models and applications for context-aware systems in pervasive environments. Knowl Eng Rev. doi:10.1017/S000000000000000. Special issue on web and mobile information services

    MATH  Google Scholar 

  64. Manzoor A, Truong HL, Dustdar S (2008) On the evaluation of quality of context. In: Smart sensing and context, Springer, Berlin

    Google Scholar 

  65. Marie P, Desprats T, Chabridon S, Sibilla M (2013) A meta-model for the management of the quality of context information. Technical report, University, Toulouse, IRIT

  66. Marx G (2001) Murky conceptual waters: the public and the private. Ethics Inf Technol 3(3):157–169

    Article  Google Scholar 

  67. Matos A (2012) Privacy in next generation networks. PhD thesis. http://ria.ua.pt/handle/10773/8697 Accessed 15 Feb 2013

  68. McKeever S, Ye J, Coyle L, Dobson S (2009) A context quality model to support transparent reasoning with uncertain context. In: First international workshop on quality of context. Lecture notes in computer science, vol 5786. Springer, Berlin

    Google Scholar 

  69. Mehta B (2007) Learning from what others know: privacy preserving cross system personalization. In: 11th conferences on user modeling

  70. Miorandi S, an Sicari D, De Pellegrini F, Chlamtac I (2012) Survey Internet of things: vision, applications and research challenges. Ad Hoc Netw 10(7):1497–1516

    Article  Google Scholar 

  71. Narayanan A, Shmatikov V (2008) Robust De-anonymization of large sparse datasets. In: IEEE symposium security and privacy

  72. Neisse R (2012) Trust and privacy management support for context-aware service platforms. PhD thesis, CTIT School, University of Twente, NL

  73. Neisse R, Pretschner A, Di Giacomo V (2011) A trustworthy usage control enforcement framework. In: 6th international conference on ARES

  74. Neisse R, Wegdam M, van Sinderen M (2008) Trustworthiness and quality of context information. In: 9th conference for young computer scientists, Hunan

  75. Nguyen DH, Mynatt ED (2002) Privacy mirrors: understanding and shaping socio-technical ubiquitous computing systems. Technical report GIT-GVU-02-16, Georgia Techniques, Atlanta

  76. OASIS (2012) Extensible access control markup language (XACML). http://www.oasis-open.org/committees/xacml/ Accessed 15 Feb 2013

  77. OECD (1980) Guidelines on the protection of privacy and transborder flows of personal data

  78. Official Journal of the European Communities (2002) EU Directive 2002/58/ec on the processing of personal data and the protection of privacy in the electronic communications sector

  79. Official Journal of the European Communities (1995) EU Directive 95/46/ec on the protection of individuals with regard to the processing of personal data and the free movement of such data

  80. Oglaza A, Laborde R, Zaraté P (2013) Authorization policies: using decision support system for context-aware protection of user’s private data. In: IEEE international symposium on UbiSafe computing

  81. Okagawa T, Nishida K, Miura A (2003) A proposed routing procedure in IP2. In: IEEE 58th VTC, vol 3

  82. OpenID (2013) Foundation website. http://openid.net/ Accessed 15 Feb 2013

  83. Paquin C (2011) U-prove technology overview. http://research.microsoft.com/apps/pubs/default.aspx?id=166980

  84. Pearson S (2012) Privacy management in global organisations. In: Communications and multimedia security, Springer

  85. Pearson S, Casassa Mont M (2011) Sticky policies: an approach for managing privacy across multiple parties. IEEE Comput 44(9):60–68

    Article  Google Scholar 

  86. Perera C, Zaslavsky A, Christen P, Georgakopoulos D (2013) Context aware computing for the Internet of Things: a survey. Commun Surv Tutor, IEEE PP (99):1–41. doi:10.1109/SURV.2013.042313.00197. ISSN 1553-877X

    Article  Google Scholar 

  87. Pfitzmann A, Waidner M (1985) Networks without user observability: design options. In: Advances in cryptology—EUROCRYPT, workshop on the theory and application of cryptographic techniques, Linz, Austria. Lecture notes in computer science, vol 219. Springer, Berlin, pp 245–253

    Google Scholar 

  88. Preuveneers D, Berbers Y (2006) Quality extensions and uncertainty handling for context ontologies. In: Proceedings of context and ontologies: theory practice and applications, Italy

  89. Preuveneers D, Berbers Y (2007) Architectural backpropagation support for managing ambiguous context in smart environments. In: Fourth conference on universal access in HCI. Lecture notes in computer science, vol 4555. Springer, Berlin

    Google Scholar 

  90. Privacy by Design Resolution (2010) Data protection and 32nd conference of privacy commissioners. http://www.privacybydesign.ca/content/uploads/2010/11/pbd-resolution.pdf. Jerusalem, Israel Accessed 15 Feb 2013

  91. Ranganathan A, Al-Muhtadi J, Campbell RH (2004) Reasoning about uncertain contexts in pervasive computing environments. IEEE Pervasive Comput 3(2):10–18

    Article  Google Scholar 

  92. Roman R, Najera P, Lopez J (2011) Securing the Internet of Things. IEEE Comput 44(9):51–58

    Article  Google Scholar 

  93. Roman R, Zhou J, Lopez J (2013) On the features and challenges of security and privacy in distributed Internet of Things. Comput Netw 57(10):2266–2279

    Article  Google Scholar 

  94. Satyanarayanan M, Bahl P, Caceres R, Davies N (2009) The case for VM-based cloudlets in mobile computing. IEEE Pervasive Comput 8:14–23

    Article  Google Scholar 

  95. Schmid S, Eggert L, Brunner M, Quittek J (2005) TurfNet: an architecture for dynamically composable networks. In: Autonomic communication. Lecture notes in computer science, vol 3457. Springer, Berlin

    Google Scholar 

  96. Schmidt A (2006) Ontology-based user context management: the challenges of imperfection and time-dependence. In: Conference on ontologies, databases and applications. Lecture notes in computer science, vol 4275. Springer, Berlin

    Google Scholar 

  97. Schrammel J, Hochleitner C, Tscheligi M (2011) Privacy, trust and interaction in the Internet of Things. In: Ambient intelligence. Lecture notes in computer science, vol 7040. Springer, Berlin, pp 378–379

    Google Scholar 

  98. Sheikh K, Wegdam M, Sinderen MV (2008) Quality-of-context and its use for protecting privacy in context-aware systems. J Softw 3(3):83–93

    Article  Google Scholar 

  99. Shen Y, Pearson S (2011) Privacy enhancing technologies: a review. Technical report HPL-2011-113, HP Labs

  100. Shibboleth (2013) Consortium website. http://shibboleth.net/ Accessed 15 Feb 2013

  101. Solove D (2006) A taxonomy of privacy. Univ Pennsylvania Law Rev 153(3):477

    Article  Google Scholar 

  102. Stepien B, Matwin S, Felty A (2011) Advantages of a non-technical XACML notation in role-based models. In: 9th annual international conference on privacy, security and trust (PST), pp 193–200

  103. Sweeney L (2002) k-anonymity: a model for protecting privacy. J Uncertain Fuzziness Knowl Based Syst 10(5):557– 570

    Article  MATH  MathSciNet  Google Scholar 

  104. Toch E, Wang Y, Cranor L (2012) Personalization and privacy: a survey of privacy risks and remedies in personalization-based systems. User Model User-Adap Inter 22(1–2):203–220

    Article  Google Scholar 

  105. Twidle K, Dulay N, Lupu E, Sloman M (2009) Ponder2: a policy system for autonomous pervasive environments. In: IEEE workshop on policies for distributed systems and networks

  106. Van Blarkom GW, Borking JJ, Olk JGE (2003) Handbook of privacy and privacy-enhancing technologies: the case of intelligent softwares. College Bescherming Persoonsgegevens, The Hague

  107. W3C (2011) The platform for Privacy Preferences (P3P) Project. http://www.w3.org/P3P/ Accessed 15 Feb 2013

  108. Wang Y, Kobsa A (2008) Handbook of research on social and organizational liabilities in information security, chapter privacy enhancing technology. IGI Publishing, Hershey

    Google Scholar 

  109. Warren SD, Brandeis LD (1890) The right to privacy. Harvard Law Rev 4(5):193–220

    Article  Google Scholar 

  110. Wishart R, Henricksen K, Indulska J (2005) Context obfuscation for privacy via ontological descriptions. In: 1st international workshop on location and context-awareness (LoCA). Lecture notes in computer science, vol 3479. Springer, Berlin

  111. Yasar A-U-H, Paridel K, Preuveneers D, Berbers Y (2011) When efficiency matters: towards quality of context-aware peers for adaptive communication in VANETs. In: Intelligent vehicles symposium, Germany

  112. Ylitalo J, Nikander P (2006) BLIND: a complete identity protection framework for end-points. In: Security protocols. Lecture notes in computer science, vol 3957. Springer, Berlin

    Google Scholar 

Download references

Acknowledgments

This work is part of the French National Research Agency (ANR) project INCOME (ANR-11-INFR-009, 2012-2015).

Author information

Authors and Affiliations

  1. Télécom SudParis, UMR CNRS 5157 SAMOVAR, 9 rue Charles Fourier, 91011, Evry, France

    Sophie Chabridon & Samer Machara Marquez

  2. Université de Toulouse, IRIT UMR, Toulouse, 5505, France

    Romain Laborde, Thierry Desprats, Arnaud Oglaza & Pierrick Marie

Authors
  1. Sophie Chabridon
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Romain Laborde
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Thierry Desprats
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Arnaud Oglaza
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Pierrick Marie
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Samer Machara Marquez
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Sophie Chabridon.

Rights and permissions

Reprints and permissions

About this article

Cite this article

Chabridon, S., Laborde, R., Desprats, T. et al. A survey on addressing privacy together with quality of context for context management in the Internet of Things. Ann. Telecommun. 69, 47–62 (2014). https://doi.org/10.1007/s12243-013-0387-2

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s12243-013-0387-2

Keywords

Search

Navigation