Crowds: anonymity for Web transactions
ACM Transactions on Information and System Security (TISSEC)
The Cricket location-support system
MobiCom '00 Proceedings of the 6th annual international conference on Mobile computing and networking
Routing Through the Mist: Privacy Preserving Communication in Ubiquitous Computing Environments
ICDCS '02 Proceedings of the 22 nd International Conference on Distributed Computing Systems (ICDCS'02)
Assessing web services quality for call-by-call outsourcing
WISEW'03 Proceedings of the Fourth international conference on Web information systems engineering workshops
Cautious propagation in Bayesian networks
UAI'95 Proceedings of the Eleventh conference on Uncertainty in artificial intelligence
Hi-index | 0.00 |
Personalized services can provide significant user benefits since they adapt their behavior to better support the user. Personalized services use a variety of data related to the user to decide their behavior. Thus personalized service needs a provisioning system that can collect the data that impacts service behavior and allows selection of the most appropriate service. However, in the coming ubiquitous environment, some data necessary for determining service behavior might be unavailable due to two possible reasons. One is that the data does not exit. The other is that the data exists but cannot be accessed. For example, users do not want to disclose their personal information, and service providers do not also want to expose data related to their knowhow in services. This paper describes a new service provisioning system for distributed personalization with private data protection. Specifically, the system selects applicable services by assessing how well each candidate service behaves when some data is missing. It then executes those selected services while hiding the users' and providers' private data in a distributed manner. We first summarize the requirements for a personalized service system, and introduce our fundamental policies for the system. The two main components of our system are then described in detail. One component is a service assessment mechanism that can judge if a service can work without data that can be used for adaptation. The second component is a service execution mechanism that can utilize private data while still ensuring privacy. This component divides service logic and executes divided logic where necessary data is available. The paper finally describes our prototype implementation and its performance evaluation results.