NESL Technical Report #: 2012-8-2
Abstract: Smart phones with increased computation and sensing capabilities have spurred the growth of a new generation of context-aware apps. These apps often make judicious use of the readily-available sensor data to infer users' personal context but most do provide some useful service in return. However, sharing sensor data with apps leaves room for abuse; a malicious app can extract information that is sensitive and considered private by the user. Current approaches to mitigate the privacy concerns rely on simple user-specified policies that consist of static rules and are limited to binary access control. These rules are often conservative and lead to a sharp decline in application utility. In this paper we aim to address the above challenge of balancing user privacy and application utility. To this end, we present OVERRIDE: a mobile privacy framework that empowers users to control the sensor data being delivered to apps. It does so by providing apps access to perturbed or even synthetic sensor data streams. We discuss the key architectural elements of OVERRIDE and its prototype implementation on the Android platform. We highlight its ability to give users increased transparency and control over shared sensor data, and then discuss its other secondary benefits.
Publication Forum: PhoneSense (SenSys Workshop)
Page (Count): 5
Public Document?: Yes
NESL Document?: Yes
Document category: Conference Paper