Information Exposure Control through Data Manipulation for Ubiquitous Computing

The vision of Ubiquitous Computing (22) creates the world in which information is omnipresent, migrating seamlessly through the en- vironment to be accessible whenever and wherever needed. Such a vision poses substantial challenges to information security and privacy protection. Unlike in traditional, static, execution environments, information in the Ubiquitous world is exposed, throughout its lifetime, to con- stantly varying security and privacy threats caused by the inherent dynamicity and unpredictability of the new computing environment and its mobility. Existing data protection mechanisms, built for non- or predictably slowly-changing environments, are unable to strike the balance in the information availability vs. security and privacy threat trade-off in the Ubiquitous world thus hindering the feasibility of the overall vision. In this paper, we present our initial work on a novel paradigm for in- formation security and privacy protection in the ubiquitous world. We model security and privacy threats through sets of contextual attributes and mitigate the projected risks through proactive and reactive data format transformations, subsetting and forced migra- tions while trying to maximize information availability. We also try to make the approach exible, scalable and infrastructure indepen- dent, as required by the very vision of the Ubiquitous Computing.