Privacy guaranteeing execution containers: one time use of personal data by location based services

  • Authors:

  • Peter Langendoerfer;Michael Maaser

  • Affiliations:

  • IHP microelectronics, Frankfurt(Oder), Germany;IHP microelectronics, Frankfurt(Oder), Germany

  • Venue:
  • Proceedings of the 1st international conference on MOBILe Wireless MiddleWARE, Operating Systems, and Applications
  • Year:
  • 2008

Quantified Score

Hi-index 0.00

Visualization

Abstract

Privacy issues are becoming more and more important especially since the cyber and the real world are converging up to certain extent when using mobile devices. Means that really protect privacy are still missing. The problem is, as soon as a user provides data to a service provider the user looses control over her data. The simple solution is not to provide any data but then a lot of useful services e.g. navigation applications cannot be used. In order to remedy this problem we propose privacy guaranteeing execution containers (PGEC). Basically the concept is that the application gets access to the user data in a specially protected and certified environment, the PGEC. PGECs enable applications to access private user data locally and guarantee that the user data is deleted as soon as the service is quit. Thus, the PGEC guarantees a "one time use" of the provided private data. The PGECs also restrict the communication between the application and the service provider to what is explicitly allowed by the service user. In order to highlight the security provided by the PGEC, we discuss potential attacks such as modified execution environments as well as appropriate countermeasures.