Sadek Ferdous

Analysing privacy in visual lifelogging

The visual lifelogging activity enables a user, the lifelogger, to passively capture images from a first-person perspective and ultimately create a visual diary encoding every possible aspect of her life with unprecedented details. In recent years, it has gained popularities among different groups of users. However, the possibility of ubiquitous presence of lifelogging devices specifically in private spheres has raised serious concerns with respect to personal privacy. In this article, we have presented a thorough discussion of privacy with respect to visual lifelogging. We have re-adjusted the existing definition of lifelogging to reflect different aspects of privacy and introduced a first-ever privacy threat model identifying several threats with respect to visual lifelogging. We have also shown how the existing privacy guidelines and approaches are inadequate to mitigate the identified threats. Finally, we have outlined a set of requirements and guidelines that can be used to mitigate the identified threats while designing and developing a privacy-preserving framework for visual lifelogging.

Decentralised Runtime Monitoring for Access Control Systems in Cloud Federations

Cloud federation is an emergent cloud-computing paradigm where partner organisations share data and services hosted on their own cloud platforms. In this context, it is crucial to enforce access control policies that satisfy data protection and privacy requirements of partner organisations. However, due to the distributed nature of cloud federations, the access control system alone does not guarantee that its deployed components cannot be circumvented while processing access requests. In order to promote accountability and reliability of a distributed access control system, we present a decentralised runtime monitoring architecture based on blockchain technology.

Privacy threat model in lifelogging

The lifelogging activity enables a user, the lifelogger, to passively capture multimodal records from a first-person perspective and ultimately create a visual diary encompassing every possible aspect of her life with unprecedented details. In recent years it has gained popularity among different groups of users. However, the possibility of ubiquitous presence of lifelogging devices especially in private spheres has raised serious concerns with respect to personal privacy. Different practitioners and active researchers in the field of lifelogging have analysed the issue of privacy in lifelogging and proposed different mitigation strategies. However, none of the existing works has considered a well-defined privacy threat model in the domain of lifelogging. Without a proper threat model, any analysis and discussion of privacy threats in lifelogging remains incomplete. In this paper we aim to fill in this gap by introducing a first-ever privacy threat model identifying several threats with respect to lifelogging. We believe that the introduced threat model will be an essential tool and will act as the basis for any further research within this domain.

Exploring lifelog sharing and privacy

The emphasis on exhaustive passive capturing of images using wearable cameras like Autographer, which is often known as lifelogging has brought into foreground the challenge of preserving privacy, in addition to presenting the vast amount of images in a meaningful way. In this paper, we present a user-study to understand the importance of an array of factors that are likely to influence the lifeloggers to share their lifelog images in their online circle. The findings are a step forward in the emerging area intersecting HCI, and privacy, to help in exploring design directions for privacy mediating techniques in lifelogging applications.

A user-study examining visualization of lifelogs

With continuous advances in the pervasive sensing and lifelogging technologies for the quantified self, users now can record their daily life activities automatically and seamlessly. In the existing lifelogging research, visualization techniques for presenting the lifelogs and evaluating the effectiveness of such techniques from a lifeloggers perspective has not been adequately studied. In this paper, we investigate the effectiveness of four distinct visualization techniques for exploring the lifelogs, which were collected by 22 lifeloggers who volunteered to use a wearable camera and a GPS device simultaneously, for a period of 3 days. Based on a user study with these 22 lifeloggers, which required them to browse through their personal lifelogs, we seek to identify the most effective visualization technique. Our results suggest various ways to augment and improve the visualization of personal lifelogs to enrich the quality of user experience and making lifelogging tools more engaging. We also propose a new visualization feature-drill-down approach with details-on-demand, to make the lifelogging visualization process more meaningful and informative to the lifeloggers.

A Distributed Infrastructure for Democratic Cloud Federations

Cloud federation is a novel concept that has been drawing attention from research and industry. However, there is a lack of solid proposal that can be widely adopted in practice to guarantee adequate governance of federations, especially in the Public Sector contexts due to legal requirements. In this paper, we propose an innovative governance approach that ensures distributed and democratic control in cloud federations. Starting from FaaS, a recent cloud federation proposal, we propose a blockchain infrastructure for the federation registry that implements the proposed governance approach.

Formalising Identity Management protocols

In this paper we present the formalisation of three well-known Identity Management protocols - SAML, OpenID and OAuth. The formalisation consists of two steps: formal specification using HLPSL (High-Level Protocol Specification Language) and formal verification using a state-of-the-art verification tool for security protocols called AVISPA (Automated Validation of Internet Security Protocols and Applications). The existing formalisation initiatives using AVISPA are based on SAML and OpenID, leaving OAuth entirely, even though OAuth is one of the most widely-used Internet protocols. Furthermore, the motivation of the existing initiatives was to identify any weakness. In this paper, we have taken an opposite approach as we are keen to present how to model these protocols correctly. Moreover, our formalisation is based on a model of identity and also captures the authentication mechanism; both of these are missing in the existing works.

Understanding lifelog sharing preferences of lifeloggers

The lifelogging activity enables users, the lifeloggers, to passively capture images using wearable cameras from a first person perspective and ultimately create a visual diary encoding every possible aspect of their life with unprecedented details. This growing phenomenon, has posed several privacy concerns for the lifeloggers (people wearing the device), and bystanders (any person who is captured in the images). In this paper, we present a user- study to understand the sharing preferences of the lifeloggers for the images captured in difference scenarios with different audience groups. Our findings motivate the need to design privacy preserving techniques, which will automatically recommend sharing decisions which will help the lifeloggers avoid misclosure, i.e. wrongly sharing a sensitive image with one or more sharing groups.

Geo-tagging news stories using contextual modelling

With the ever-increasing popularity of Location-based Services, geo-tagging a document - the process of identifying geographic locations (toponyms) in the document - has gained much attention in recent years. There have been several approaches proposed in this regard and some of them have reported to achieve higher level of accuracy. The existing geo-tagging approaches perform well at the city or country level, unfortunately, the performance degrades when the same approach is applied to geo-tag at the street/locality level for a specific city. Moreover, these geo-tagging approaches fail completely in the absence of a place mentioned in a document. In this paper, we propose an algorithm to address these two limitations by introducing a model of contexts with respect to a news story. Our algorithm evolves around the idea that a news story can be geo-tagged not only using the place(s) found in the news, but also by geo-tagging certain aspects of its context. An implementation of our proposed approach is presented and its performance is evaluated on a unique data set. Our findings suggest an improvement over existing approaches in street level geo-tagging for a specific city as well as in geo-tagging a news story even when no place is mentioned in it.