DOI: 10.1145/2664243.2664266 (research article, ACSAC conference proceedings)

MoRePriv: mobile OS support for application personalization and privacy

Published: 08 December 2014

ABSTRACT

Privacy and personalization of mobile experiences are inherently in conflict: better personalization demands knowing more about the user, potentially violating user privacy. A promising approach to mitigate this tension is to migrate personalization to the client, an approach dubbed client-side personalization. This paper advocates for operating system support for client-side personalization and describes MoRePriv, an operating system service implemented in the Windows Phone OS. We argue that personalization support should be as ubiquitous as location support, and should be provided by a unified system within the OS, instead of by individual apps.

We aim to provide a solution that will stoke innovation around mobile personalization. To enable easy application personalization, MoRePriv approximates users' interests using personae such as technophile or business executive. Using a number of case studies and crowd-sourced user studies, we illustrate how more complex personalization tasks can be achieved using MoRePriv.

For privacy protection, MoRePriv distills sensitive user information to a coarse-grained profile, which limits the potential damage from information leaks. We see MoRePriv as a way to increase end-user privacy by enabling client-side computing, thus minimizing the need to share user data with the server. As such, MoRePriv shepherds the ecosystem towards a better privacy stance by nudging developers away from today's privacy-violating practices. Furthermore, MoRePriv can be combined with privacy-enhancing technologies and is complementary to recent advances in data leak detection.
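The abstract describes the privacy mechanism only in outline: raw signals stay on the device, the OS reduces them to a coarse persona profile, and apps (and hence servers) see only that profile. The following is an added illustration of that idea, not MoRePriv's own code (the abstract gives no implementation details and the real system runs inside the Windows Phone OS). The usage log, the app-to-category taxonomy, the persona definitions and the quantization step are all constructed for this example.

```python
"""Client-side persona distillation: raw usage data is reduced on the device to
coarse persona weights, and only those weights are exposed to applications.
Hypothetical example; nothing here is taken from the MoRePriv implementation."""
import json
from collections import Counter

# Constructed device-side usage log: (app, minutes). In the model the abstract
# describes, this raw data is held by the OS service and never leaves the device.
RAW_USAGE = [("github", 90), ("hackernews", 60), ("stocks", 10),
             ("calendar", 20), ("maps", 20)]

# Hypothetical taxonomy mapping apps to interest categories.
APP_CATEGORY = {"github": "tech", "hackernews": "tech", "stocks": "finance",
                "calendar": "business", "maps": "general"}

# Hypothetical personae, each a weighted mix of categories (weights sum to 1),
# in the spirit of the abstract's "technophile" and "business executive".
PERSONAE = {"technophile": {"tech": 1.0},
            "business executive": {"business": 0.7, "finance": 0.3}}

QUANTUM = 0.25  # apps only ever see persona weights that are multiples of this


def category_shares(usage):
    """Fraction of total usage time per category. Stays device-private."""
    minutes = Counter()
    for app, mins in usage:
        minutes[APP_CATEGORY.get(app, "general")] += mins
    total = sum(minutes.values()) or 1
    return {cat: m / total for cat, m in minutes.items()}


def quantize(score, step=QUANTUM):
    """Snap a score in [0, 1] to the nearest multiple of `step`, so an app
    cannot recover exact usage ratios (and thus individual apps) from the profile."""
    return round(round(score / step) * step, 2)


def distill_profile(usage):
    """Reduce raw usage to coarse persona weights. This dict is the only thing
    the personalization API would hand to an app."""
    shares = category_shares(usage)
    return {name: quantize(sum(w * shares.get(cat, 0.0) for cat, w in mix.items()))
            for name, mix in PERSONAE.items()}


def dominant_persona(profile):
    """The single label an app would typically personalize on."""
    return max(profile, key=profile.get)


def leaks_raw_data(exposed, usage):
    """Crude check that no app name from the raw log appears in what is exposed.
    A real deployment would audit the API surface, not just string-match."""
    blob = json.dumps(exposed)
    return any(app in blob for app, _ in usage)


if __name__ == "__main__":
    profile = distill_profile(RAW_USAGE)
    print("exposed profile:", profile)
    print("dominant persona:", dominant_persona(profile))
    print("raw app names leaked:", leaks_raw_data(profile, RAW_USAGE))
```

With the constructed log, 150 of 200 minutes fall in the "tech" category, so the exposed profile is {"technophile": 0.75, "business executive": 0.0}; the 10 minutes in the stocks app contribute a business-executive score of about 0.085, which quantization rounds away entirely. That is the point of a coarse-grained profile: a leak of the profile reveals a persona, not the app list or time budget that produced it.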


Published in

    ACSAC '14: Proceedings of the 30th Annual Computer Security Applications Conference
    December 2014
    492 pages
    ISBN: 9781450330053
    DOI: 10.1145/2664243

    Copyright © 2014 ACM

    Publisher: Association for Computing Machinery, New York, NY, United States

    Qualifiers: research-article

    Overall acceptance rate: 104 of 497 submissions, 21%
