Marcel Heupel

Towards Transparent Anonymity for User-controlled Servers Supporting Collaborative Scenarios

The increasing tendency of using user-controlled servers for supporting different scenarios from leisure and professional life raises new security challenges. Especially when those servers are used to support collaborative scenarios (e.g., communication and sharing with others), the requirement for anonymity at the network level should be supported in an efficient way. In this paper we present a specific communication scenario that could lead to link ability even though anonymous networks are used. The requirements gathering is based on realistic requirements from the EU FP7 di.me project requiring to empower lay end-users to collaborate with their contacts. Thereby anonymity at the network level also needs to be considered in order to disguise the physical location of the users and also of their server(s). We present an approach satisfying these anonymity requirements by means of a Tor based software component in order to overcome such privacy problems. First results are presented and the portability of the suggested solution for similar settings as well as future work directions are discussed.

Context-Aware, Trust-Based Access Control for the di.me Userware

Trust calculation to inform privacy recommendations based on context information involvement (e.g. location information, nearby people) is an increasing need in pervasive environments. In this paper we present a multidimensional trust metric designed for access control decisions in scenarios of the EU funded digital.me project. Thereby each involved context information could represent a separate trust dimension. In the focus is the correctness of the suggested trust metric towards meaningful privacy recommendations and improvement of access control decisions for our scenarios. The suggested metric could help to avoid manipulations and attacks based on fundamental requirements for situational trust. Our proposed trust calculation considers a presence history of persons at locations, to increase the accuracy of our base trust value. We present our approach after explaining the fundamental requirements, the underlying ontology framework and architecture.

Enhancing privacy in collaborative scenarios utilising a flexible proxy layer

In this paper we present our approach for a flexible proxy layer, allowing the parallel use of anonymous and direct network communication depending on specific scenarios or user preferences. The requirements are derived from scenarios from the european research project di. me, targeting to support end users in keeping control of their personal data and digital footprints. In the targeted scenarios, the use of anonymous network communication is an essential prerequisite for certain use cases (e.g. like pseudonymous communication), because of the special architecture, where each user has its own server holding his private data. Especially, the presented approach solves linkability which could arise when using SSL certificates/x.509 certificates and addresses various potential attacks. A detailed specification is given and important implementation details are addressed.

Privacy-preserving concepts for supporting recommendations in decentralized OSNs

Recommender systems depend on the amount of available and processable information for a given purpose. Trends towards decentralized online social networks (OSNs), promising more user control by means of privacy preserving mechanisms, lead to new challenges for (social) recommender systems. Information, recommender algorithms rely on, is no longer available, (i.e. central user registries, friends of friends), thus shared data is reduced and centralized processing becomes difficult. In this paper we address such drawbacks based on identified needs in the decentralized OSN di.me and present concepts overcoming those for selected functionalities. Besides this, we tackle the support of privacy advisory, warning the user of risks when sharing data.

Considering Interdependent Protection Goals in Domain-Specific Contexts: The di.me Case Study

In domain-specific contexts such as ecosystems of equal applications, usually individual requirements in terms of quality attributes and interdependent protection goals arise which need to be taken into account for e.g., deployment decisions. Current Quality-of-Service (QoS) models however are mostly static and handle security either as single attribute or decompose it into several independent attributes. In this paper we present our approach, which addresses this gap by defining protection goals as interdependent utility functions over QoS attributes. We show an application of this approach on the EU FP7 project di.me, namely the di.me ecosystem of private user deployed and managed servers.

Towards usable interfaces for proof based access rights on mobile devices

Access rights management is in the middle of many collaboration forms such as group formation or sharing of information in different kinds of scenarios. There are some strong mechanisms to achieve this, like anonymous credential systems. However in general their usage is not very intuitive for lay users. In this paper we show the potential of using proof-based credential systems like Idemix to enhance the usability of privacy-respecting social interaction in different collaborative settings. For instance transparently performing authorization without any user intervention at the level of the user interface becomes possible. In order to improve the usability, we complement this by introducing a mental model for intuitive management of digital identities. The approach should also empower users to define their own access restrictions when sharing data, by building custom proof specifications on the fly. We show this exemplary with a developed prototype application for supporting collaborative scenarios on a mobile device. We also present first evaluation results of an early prototype and address current as well as future work.

Enhancing the Security and Usability of Dui Based Collaboration with Proof Based Access Control

Managing access control (AC) of shared resources is at the heart of any collaboration platform. Thereby, the usability of used AC techniques is crucial for projects with high expectations to fast response times within targeted collaboration processes. In this paper, we address the special case of using the anonymous credential system idemix in a project dealing with distributed user interfaces (DUIs) to enhance decision making in disaster situations. We show the potential of using idemix to enhance the usability of decision making in crisis situations by using DUIs while considering security and privacy. We present this exemplary by means of a developed prototypic collaborative environment, composed by a WallShare based server-side and mobile application for supporting collaborative scenarios within the ReSCUeIT project. Since DUI based collaboration demands wide-support of multiple devices, especially mobile ones, we further present IdeREST, a REST-full idemix integration and idemiX++, the first C++ based implementation of idemix worldwide, to the best of our knowledge. With both we show how to overcome the current gap related to the simultaneous support on non-Java devices such as Windows Phone 7/8 along with performance improvements on Android based platforms when using idemix as an exemplary anonymous credential system.

A generic location-based mobile application framework supporting privacy-preserving end-user tailorability

Location is the fey factor in defining context information of todays mobile applications and services. As a matter of fact, location is increasingly used to stimulate collaboration in various ways and location-aware applications experienced a wide-spread usage. However, existing mobile services, even those which are Web enabled, do not support end-user tailorability. For example, at the level of defining community-specific points of interest of any type on both user interface (UI) and server-side level. In this paper, we identify the need for supporting such end-user tailorability based on performed analysis of various use cases related to collaborative location-based scenarios in mobile settings. We present a generic framework for collaborative mobile applications and services that support privacy respecting location-based scenarios. We demonstrate this with the means of an iOS based prototype. Our prototype allows different communities to define their own points of interests in a generic manner (at-runtime) by simultaneously supporting group collaboration functionality (e.g., communication, awareness, etc.). The distributed architecture can also be tailored according to privacy needs.