Security and Privacy in
Ubicomp quick overview
Privacy and security discussion
David Nguyen – guest student
Move beyond desktop machine
Computing is embedded everywhere in the
Known by many things…
– “off the desktop”, “out of the box”, pervasive,
invisible, wearable, calm, anytime/anywhere/any
The father of ubicomp
Computing Project in
American article got
the ball rolling
“The most profound technologies
are those that disappear”
Computing capabilities, any time, any
Machines sense users’ presence and
Ubicomp is ...
– mobile computing
– wearable computing
– augmented reality
In contrast with:
– virtual reality
Some scenarios – the
Smart meeting room
– Automatically adjusts room conditions
– automatically links the devices everyone is using
to each other and the display so people can
easily push and pull information
– Shares needed info with remote participants
– Automatically creates a meeting record for
everyone there, stores it properly, etc…
Some scenarios – the
Rooms adjust to people and activities – turn on
lights, don’t bother family during dinner, etc...
Reminds or alerts people of activities (soccer game
at 7), problems (heater malfunctioning), needs (out
Records family memories – first steps, Christmas…
Helps communicate and connect with outside family
members – shared audio / video / photos /
message boards, etc.
Locates your keys, favorite sweater, that important
Monitors your health and alerts to problems
Some scenarios – in the
Easily find your way around and to desired places,
stores and tourist sites
Get information relevant to where you are and what
you are doing
Access your personal information, check email,
check on your house, from your mobile device no
matter where you are
Let friends and family check on you and know
what’s going on and where you are
Meet and socialize with new people and old friends
Play games in the environment
Many scenarios require knowing a subset of
– who the user is
– where the user is located
– where various objects are located
– the conditions in the environment
– Infer what people are doing and want to do
Using a variety of sensors, networking
infrastructures, middleware, distributed
And a variety of input and output devices
What are security implications for Ubicomp?
How does this differ from what we’ve talked
about so far?
What are privacy implications and how does
What should we be doing now to prepare
for Ubicomp apps?
Are we better with or without lots of privacy in this
new world? (benefits outweigh negatives)
– Your car monitors how safely you drive, insurance
companies adjust rates accordingly. What if the end effect
is lowering accident rates?
– You have several applications that help persuade you to
get more exercise and be healthier, monitored by your
doctor. Your insurance rates are lowered if you are
– Your home can easily record and organize hard-to-get
moments, like your child’s first steps and first words. But
your spouse can also use this to replay your exact words
in that argument last night.
Privacy by design
Notice: How invisible should protections be?
Consent: How can explicit consent be achieved?
What requires it?
Anonymity: can we achieve anonymity? When
should we still remain anonymous? From whom?
Proximity: how can this be used for security and
What is the Big Stick principle?
Why is this relevant to Ubicomp?
In what scenarios is this sufficient?
In what scenarios is this not sufficient?
Case study: RFID
Radio Frequency Identification
– Tags on objects with unique ID, readers
provide power, work from some distance
Where is it being used now?
What are the security issues?
What are the privacy issues?
What are potential solutions?