Marcin Nagy

Intuitive Security Policy Configuration in Mobile Devices Using Context Profiling

Configuring access control policies in mobile devices can be quite tedious and unintuitive for users. Software designers attempt to address this problem by setting up default policy configurations. But such global defaults may not be sensible for all users. Modern smart phones are capable of sensing a variety of information about the surrounding environment like Bluetooth devices, WiFi access points, temperature, ambient light, sound and location coordinates. We conjecture that profiling this type of contextual information can be used to infer the familiarity and safety of a context and aid in access control decisions. We propose a context profiling framework and describe device locking as an example application where the locking timeout and unlocking method are dynamically decided based on the perceived safety of current context. We report on using datasets from a large scale smart phone data collection campaign to select parameters for the context profiling framework. We also describe a prototype implementation on a smart phone platform. More generally, we hope that our example design and implementation spurs further research on the notion of using context profiling towards automating security policy decisions and identify other applications.

CrowdShare: secure mobile resource sharing

Mobile smart devices and services have become an integral part of our daily life. In this context there are many compelling scenarios for mobile device users to share resources. A popular example is tethering. However, sharing resources also raises privacy and security issues. In this paper, we present CrowdShare, a complete framework and its (Android) implementation for secure and private resource sharing among nearby devices. CrowdShare provides pseudonymity for users, accountability of resource usage, and the possibility of specifying access control in terms of social network relationships. Further, CrowdShare preserves secure connectivity between nearby devices even in the absence of the mobile infrastructure. We have implemented CrowdShare on Android devices and report good performance results.

Congestion control using FEC for conversational multimedia communication

In this paper, we propose a new rate control algorithm for conversational multimedia flows. In our approach, along with Real-time Transport Protocol (RTP) media packets, we propose sending redundant packets to probe for available bandwidth. These redundant packets are Forward Error Correction (FEC) encoded RTP packets. A straightforward interpretation is that if no losses occur, the sender can increase the sending rate to include the FEC bit rate, and in the case of losses due to congestion the redundant packets help in recovering the lost packets. We also show that by varying the FEC bit rate, the sender is able to conservatively or aggressively probe for available bandwidth. We evaluate our FEC-based Rate Adaptation (FBRA) algorithm in a network simulator and in the real-world and compare it to other congestion control algorithms.

PeerShare: A System Secure Distribution of Sensitive Data among Social Contacts

We present the design and implementation of the PeerShare , a system that can be used by applications to securely distribute sensitive data to social contacts of a user. PeerShare incorporates a generic framework that allows different applications to distribute data with authenticity and confidentiality guarantees to authorized sets of recipients, specified in terms of social relationships. By using existing interfaces in popular social networks for user authentication and social graph information, PeerShare is designed to be easy to use for both end users as well as developers of applications. We have used PeerShare already in three different applications and plan to make it available for developers.

How far removed are you?: scalable privacy-preserving estimation of social path length with Social PaL

Social relationships are a natural basis on which humans make trust decisions. Online Social Networks (OSNs) are increasingly often used to let users base trust decisions on the existence and the strength of social relationships. While most OSNs allow users to discover the length of the social path to other users, they do so in a centralized way, thus requiring them to rely on the service provider and reveal their interest in each other. This paper presents Social PaL, a system supporting the privacy-preserving discovery of arbitrary-length social paths between any two social network users. We overcome the bootstrapping problem encountered in all related prior work, demonstrating that Social PaL allows its users to find all paths of length two and to discover a significant fraction of longer paths, even when only a small fraction of OSN users is in the Social PaL system -- e.g., discovering 70% of all paths with only 40% of the users. We implement Social PaL using a scalable server-side architecture and a modular Android client library, allowing developers to seamlessly integrate it into their apps.

PeerSense: Who is near you?

We present PeerSense, a system that provides meaningful co-presence information which serves as an enabler for various applications that require users current social proximity information, for example contextual photo-sharing. Unlike traditional approaches for inferring co-presence, PeerSense is both privacy-preserving and easy-to-use.

Enhancing Opportunistic Networks with Legacy Nodes

Mobile opportunistic networking utilizes device-to-device communication to provide messaging and content sharing mechanisms between mobile users without the need for supporting infrastructure networks. However, enabling opportunistic networking in practice requires a sufficient number of users to download, install, and run the respective routing and application software to provide sufficient node density, and thus connectivity for the network to actually function. In this paper, we explore reaching out to nodes that have not (yet) installed any dedicated software to: (1) allow them to access public content in an opportunistic network to possibly seed their interest and (2) instrument them to assist as (limited) message carriers to improve connectivity. We report on our system design and implementation and offer performance insights gained from simulations and initial experiments.

Enhancing opportunistic networks with legacy nodes

Mobile opportunistic networking utilizes device-to-device communication to provide messaging and content sharing mechanisms between mobile users without the need for supporting infrastructure networks. However, enabling opportunistic networking in practice requires a sufficient number of users to download, install, and run the respective routing and application software to provide sufficient node density, and thus connectivity for the network to actually function. In this paper, we explore reaching out to nodes that have not (yet) installed any dedicated software to: (1) allow them to access public content in an opportunistic network to possibly seed their interest and (2) instrument them to assist as (limited) message carriers to improve connectivity. We report on our system design and implementation and offer performance insights gained from simulations and initial experiments.

On improving tie strength estimates by aggregating multiple communication channels

The degree of closeness in a relationship is characterized as tie strength. Estimates of tie strength can be useful in many contexts, including as a parameter in access control policies or social context based services. Several papers have proposed how tie strength can be estimated by quantifying interactions in different individual communication channels such as online social networks, phone communication and face-to-face encounters. It has been conjectured by Wiese et al. [1] that considering only a single communication channel may not lead to accurate estimates of tie strengths. In this paper, we explore this conjecture by examining whether the combination of co-location events and mobile communication data can lead to better tie strength estimations than considering each channel individually. Surprisingly, our results indicate that the conjecture may not be true, but further analysis with more extensive datasets is needed to confirm the result.