Location Privacy

1
Location Privacy

Yang Wang CMU, Fall 2001
2
Location ServicesConvenience v.s Privacy

• Convenience
• A sudden change of meeting location
• An unexpected delay in itinerary
• Privacy
• Sleeping time
• Do-not-disturb time
• Dont-want-XX-to-find-me time

3
InspirationThe Many Modes Of ICQ

• Free for chat Available
• Away Extended away
• Occupied Do not disturb
• Invisible Offline
• Dont need that many modes for visibility on a
  wireless network (yet)

4
Basic Visibility Modes

• Visible to All (All)
• Invisible to Some (Not Some)
• Visible to Some (Some)
• Invisible to All (None)
• Assume Invisible to Some is more visible than
  Visible to Some, given large user set

5
Basic Human Modes

• It is possible to have a background visibility
  setting and a time-specific visibility setting
• An acquaintance of yours may be able to see you
  in one and not the other
• Introvert
• In case of conflict, always give preference to a
  smaller visibility window
• Extrovert
• In case of conflict, always give preference to a
  larger visibility window

6
Visibility ModelIntrovert vs. Extrovert
Introvert AND
Extrovert OR
B
C
A
C
A B C
7
Survey ResultsCan Someone Message You?
8
Survey ResultsCan Someone See You?
9
Survey ResultsCan Someone Locate You?
10
Introvert vs. ExtrovertNot Always Definite

• Two modes of operation depending on your
  preferences, depending on situation
• Introvert if there is a conflict for an
  acquaintance for seeing or not seeing your
  location, give preference to not seeing
• Extrovert if there is a conflict for an
  acquaintance for seeing or not seeing your
  location, give preference to seeing

11
Location Privacy ModuleSoftware Overall
Architecture
Init()
Server
Query()
Update()
Privacy Module
Database
User State
Function Call
Data File(s)
12
Location Privacy ModuleLocation Server Interface

• Init(EventList newusr, char infile, Time now)
• Pass in basically initialized event list (user
  state), initial file name, and time, parse all
  input file(s) and completely initialize event
  list w/ schedule, etc.
• Query(EventList usra, char usrb, Time now)
• Pass in user state, user id of acquaintance
  making location inquiry, and current time, update
  user state and return whether visible
• Update(EventList usr, char infile, Time now)
• Pass in user state, new initial file name, and
  time, output most up to date data file(s)

13
Model Event

• Visibility to an acquaintance can be modeled as
  being limited to chunks of time
• Example From sun up to sun down
• If you really want to be visible/invisible to an
  acquaintance at all times, the chunk of time can
  be infinity (i.e., from 000 to 235959,
  everyday)
• A chunk of time with a label is an event
• An event can be periodic or not periodic
• Optionally, a list of acquaintances that
  can/cannot see you during this event

14
The EventList StructureKeeper Of User State

• List of events currently in schedule
• Users name/userid and initial filename
• List of current acquaintances for visibility
  (cache)
• Visibility mode of the list of acquaintances
• General background visibility mode (All or None)
• Last time synchronized with input file(s)
• Last time location asked, for caching purposes
• re-compute once every 10 minutes
• Schedule changed flag for GUI

15
From List Of EventsTo List Of Acquaintances

• Build event list from input file(s), if changed
• Clean up event list
• Kill events that have already ended
• If event is periodic, add period until event
  either in present or future add new event
• Build acquaintance list from events happening at
  this time, precise to the second add or delete
  user depending on visibility modes magic

16
Implementation Quirks

• For sake of synchronicity, the location server
  will decide time
• Default visibility mode for introvert is All
• Default visibility mode for extrovert is None
• Privacy module starts assuming introvert
• Cache updates when there has been a change in
  input file(s) or when the last inquiry was more
  than 10 minutes ago, at the time of new inquiry

17
Survey ResultsWhats Your Basic Unit Of Time?
18
To Lie...

• Waldo eating ice cream instead of working like he
  is supposed to be
• Lie (User is where hes supposed to be)
• In case user is expected to be on the network and
  able to be reached
• Leaves the question of morality/honesty up to the
  user

19
Or Not To Lie...

• Truth (Current location unknown)
• In case the acquaintance requesting information
  physically checks on the user
• Guarantees validity of information provided by
  the location server
• Currently implements truth, since lying
  potentially renders location services completely
  useless

20
PAM Stubs

• Parser/Preprocessor
• Plain text input files of certain formats
• Very simple Excel CSV files
• Output file(s) Alpha of alpha
• Data for future input file reading
• Currently in special formats only

21
Current Unofficial GUI

• FLTK
• View acquaintance list and visibility
• View schedule
• Add/delete/modify event(s)
• Automatic time correction/conversion
• Reload input file(s)
• Simulation for a day or however long
• X-Win is a good thing

22
GUI Sample View
23
Future Expansions

• Integration with PAM/Server XML?
• Geographical detail of visibility of each
  acquaintance

24
Credits

• Dan, Asim, Josh, Roommate, Survey People
• Old 127/211 textbooks
• FLTK documentation
• The man pages