TY - GEN
T1 - Controlling smartphone user privacy via objective-driven context mocking
AU - DiRienzo, Nick
AU - Challen, Geoffrey
N1 - Publisher Copyright:
© 2014 The Institute for Computer Sciences, Social Informatics, and Telecommunications Engineering (ICST).
PY - 2015/1/28
Y1 - 2015/1/28
N2 - Smartphones represent the most serious threat to user privacy of any widely-deployed computing technology because these devices are always on and always connected, making them the perfect candidate to know most about the owner. Unfortunately, existing permission models provide smartphone users with limited protection, in part due to the difficulty to users in distinguishing between legitimate and illegitimate use of their data; for example, a mapping app may upload the same location information it uses to download maps (legitimate) to a marketing agency interested in delivering location-based ads (illegitimate). As a result, smartphone users find themselves forced to make burdensome and error-prone trade-offs between app functionality and privacy. To combat this, we propose a new approach called PocketMocker. By allowing substitution of real data streams with artificial or mocked data, PocketMocker allows users to manipulate impressions of their behavior in well-defined ways, such as appearing more fit, more social, or more on-time than they actually are. Instead of focusing on privacy, we explore providing users with better management of their smartphonederived digital identities. We discuss the design of PocketMocker, which uses user-initiated context trace recording and replay to enable objective-driven context mocking. Our evaluation shows that users want to use PocketMocker, that PocketMocker can mock popular smartphone apps, and that PocketMocker is usable.
AB - Smartphones represent the most serious threat to user privacy of any widely-deployed computing technology because these devices are always on and always connected, making them the perfect candidate to know most about the owner. Unfortunately, existing permission models provide smartphone users with limited protection, in part due to the difficulty to users in distinguishing between legitimate and illegitimate use of their data; for example, a mapping app may upload the same location information it uses to download maps (legitimate) to a marketing agency interested in delivering location-based ads (illegitimate). As a result, smartphone users find themselves forced to make burdensome and error-prone trade-offs between app functionality and privacy. To combat this, we propose a new approach called PocketMocker. By allowing substitution of real data streams with artificial or mocked data, PocketMocker allows users to manipulate impressions of their behavior in well-defined ways, such as appearing more fit, more social, or more on-time than they actually are. Instead of focusing on privacy, we explore providing users with better management of their smartphonederived digital identities. We discuss the design of PocketMocker, which uses user-initiated context trace recording and replay to enable objective-driven context mocking. Our evaluation shows that users want to use PocketMocker, that PocketMocker can mock popular smartphone apps, and that PocketMocker is usable.
UR - http://www.scopus.com/inward/record.url?scp=84924405612&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84924405612&partnerID=8YFLogxK
U2 - 10.4108/icst.mobicase.2014.257783
DO - 10.4108/icst.mobicase.2014.257783
M3 - Conference contribution
AN - SCOPUS:84924405612
T3 - Proceedings of the 2014 6th International Conference on Mobile Computing, Applications and Services, MobiCASE 2014
SP - 216
EP - 224
BT - Proceedings of the 2014 6th International Conference on Mobile Computing, Applications and Services, MobiCASE 2014
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 2014 6th International Conference on Mobile Computing, Applications and Services, MobiCASE 2014
Y2 - 6 November 2014 through 7 November 2014
ER -