ConfiSENse
AlarmNet collects and analyzes various data streams to make judgements on, or monitor, a resident's overall well-being, known medical conditions, and activities of daily living. In an operational assisted-living care center, various stakeholders such as nurses, doctors, administrators, dietitians, researchers, and technical staff will have access to subsets of this information so that they can monitor the improvement of their patients, perform system diagnostics to ensure the system is operating efficiently, perform longitudinal studies for a new care regimen or diet, and so on. But before people are ready to adopt these devices in their surroundings, they want assurance that their information is protected and accessible only to those who need it.
Proper privacy policies must be created that control access to privileged information, keep an audit trail of its use, and help us better understand the situations in which privacy could be compromised. Existing policy and privacy-enhancement technologies such as EPAL do not have the ability to handle the specific challenges that arise in protecting environmental data. For example, data streams are inextricably correlated with one another, so if data cannot be obtained from one device, an attacker might try a nearby device that captures correlated readings. Also, sensor data is often aggregated with other data to infer higher-level information, but no mechanisms exist that can reason about how information can be combined to leak privileged information.
Our current work includes:
- UbiPAL – Ubiquitous Privacy Access Language
- Runtime query auditing and attack detection
- On-device privacy mechanisms
- Discovery of new attack models