Radio frequency identification technology has become popular as an effective, low-cost solution for tagging and wireless identification. Although early RFID deployments focused primarily on industrial settings, successes have led to a boom in more personal, pervasive applications such as reminders [1] and eldercare [2]. RFID promises to enhance many everyday activities but also raises great challenges, in particular with respect to security and privacy.

At the University of Washington, we've deployed the RFID Ecosystem, a pervasive computing system based on a building-wide RFID infrastructure with 80 RFID readers, 300 antennas, tens of tagged people, and thousands of tagged objects [3]. The RFID Ecosystem is a capture-and-access system that streams all data from the readers into a central database, where applications can access it. Our goal is to provide a laboratory for long-term research in security and privacy, as well as applications, data management, and systems issues for RFID-based, community-oriented pervasive computing.

RFID security is a vibrant research area, with many protection mechanisms against unauthorized RFID cloning and reading attacks emerging [4]. However, little work has yet addressed the complementary issue of protecting the privacy of RFID data after an authorized system has captured and stored it. We've investigated peer-to-peer privacy for personal RFID data through an access-control policy called Physical Access Control. PAC protects privacy by constraining the data a user can obtain from the system to those events that occurred when and where that user was physically present. While strictly limiting information disclosure, PAC also affords a database view that augments users' memory of places, objects, and people. PAC is appropriate as a default level of access control because it models the physical boundaries in everyday life. Here, we focus on the privacy, utility, and security issues raised by its implementation in the RFID Ecosystem.
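
The PAC rule described above can be expressed as a per-user database view. The sketch below is an added illustration, not code from the RFID Ecosystem: the `sightings` schema, the sample rows, the function names, and the choices to treat "same location label" as co-presence and to clip each returned event to the overlap interval are all assumptions.

```python
import sqlite3

# Constructed sample data: (entity, location, t_start, t_end), times in seconds.
SIGHTINGS = [
    ("alice", "room_101", 0, 100),
    ("bob", "room_101", 50, 150),
    ("bob_laptop", "room_101", 50, 150),
    ("carol", "room_202", 0, 200),
    ("bob", "room_202", 160, 220),
    ("alice", "hallway", 110, 130),
]

def build_db(rows=SIGHTINGS):
    """Load the constructed sightings into an in-memory table (hypothetical schema)."""
    db = sqlite3.connect(":memory:")
    db.execute(
        "CREATE TABLE sightings (entity TEXT, location TEXT, t_start INT, t_end INT)"
    )
    db.executemany("INSERT INTO sightings VALUES (?, ?, ?, ?)", rows)
    return db

def pac_view(db, user):
    """Return only events that overlap the user's own presence in place and time.

    Each row is clipped to the overlap, so the user learns nothing about what
    an entity did before the user arrived or after the user left (assumption).
    """
    query = """
        SELECT DISTINCT e.entity, e.location,
               MAX(e.t_start, me.t_start) AS seen_from,
               MIN(e.t_end, me.t_end)     AS seen_until
        FROM sightings AS e
        JOIN sightings AS me
          ON me.entity = ?                -- the requesting user's own sightings
         AND me.location = e.location     -- same place
         AND me.t_start < e.t_end         -- intervals overlap in time
         AND e.t_start < me.t_end
        ORDER BY seen_from, e.entity
    """
    return db.execute(query, (user,)).fetchall()

if __name__ == "__main__":
    db = build_db()
    for who in ("alice", "carol", "dave"):
        print(who, pac_view(db, who))
```

A user with no sightings of their own gets an empty view, and binding the user as a query parameter keeps the policy join from being altered by the requester's input.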
Privacy and utility in pervasive architectures

The 18th-century legal philosopher Jeremy Bentham first described the perfect architecture for surveillance: the panopticon, a prison that arranges its cells about a central tower from which a guard can monitor every cell while remaining invisible to the inmates. The architecture's innovation is that the guard's presence becomes unnecessary except for occasional public demonstrations of power. Many privacy concerns in pervasive computing stem from a similar potential for an unseen observer to access and act on data about someone else. Under these conditions, the "state of conscious and permanent visibility [assures] the automatic functioning of power" [5] because individuals must constantly conform to the code of conduct their peers or superiors hold them to.

Just as surveillance can be built into an architecture, so can privacy assurances. Our funda

To protect the privacy of RFID data after an authorized system captures it, this policy-based approach constrains the data users can access to system events that occurred whe...
Radio Frequency IDentification (RFID) deployments are becoming increasingly popular in both industrial and consumer-oriented settings. To effectively exploit and operate such deployments, important challenges must be addressed, from managing RFID data streams to handling limitations in reader accuracy and coverage. Furthermore, deployments that support pervasive computing raise additional issues related to user acceptance and system utility. To better understand these challenges, we conducted a four-week study of a building-scale EPC Class-1 Generation-2 RFID deployment, the "RFID Ecosystem", with 47 readers (160 antennas) installed throughout an 8,000 square meter building. During the study, 67 participants having over 300 tags accessed the collected RFID data through applications including an object finder and a friend tracker and several tools for managing personal data. We found that our RFID deployment produces a very manageable amount of data overall, but with orders of magnitude difference among various participants and objects. We also find that the tag detection rates tend to be low with high variance across the type of tag, participant and object. Users need expert guidance to effectively mount their tags and are encouraged by compelling applications to wear tags more frequently. Finally, probabilistic modeling and inference techniques promise to enable more complex applications by smoothing over gaps and errors in the data, but must be applied with care as they add significant computational and storage overhead.
The success of RFID in supply chain management is leading many to consider more personal and pervasive deployments of this technology. Unlike industrial settings, however, deployments that involve humans raise new and critical problems related to privacy, security, uncertainty, and a more diverse and evolving set of applications.

At the University of Washington, we are deploying a building-wide RFID-based infrastructure with hundreds of antennas and thousands of tags. Our goal is to uncover the issues of pervasive RFID deployments and devise techniques for addressing these issues before such deployments become commonplace.

In this paper, we present the challenges encountered and lessons learned during a smaller-scale pilot deployment of the system. We show some preliminary results and, for each challenge, discuss how we addressed it or how we are planning on addressing it.
Abstract. We present the design and evaluation of Panoramic, a tool that enables end-users to specify and verify an important family of complex location events. Our approach aims to reduce or eliminate critical barriers to deployment of emerging location-aware business activity monitoring applications in domains like hospitals and office buildings. Panoramic does not require users to write code, understand complex models, perform elaborate demonstrations, generate test location traces, or blindly trust deterministic events. Instead, it allows end-users to specify and edit complex events with a visual language that embodies natural concepts of space and time. It also takes a novel approach to verification, in which events are extracted from historical sensor data traces and then presented with intelligible, hierarchical visualizations that represent uncertainty with probabilities. We build on our existing software for specifying and detecting events while enhancing it in non-trivial ways to facilitate event specification and verification. Our design is guided by a formative study with 12 non-programmers. We also use location traces from a building-scale radio frequency identification (RFID) deployment in a qualitative evaluation of Panoramic with 10 non-programmers. The results show that end-users can both understand and verify the behavior of complex location event specifications using Panoramic.
Wizard of Oz (WOz) testing has shown promise as an effective way to test location-enhanced applications. However, it is challenging to conduct a location-based WOz test because of the dynamic nature of target settings in the field. In particular, continuous location tracking, a major task in such a test, requires a wizard to frequently update a user's location to simulate a location system. This imposes a heavy task load on a wizard. To ease wizards' tasks for location tracking, we designed two techniques, Directional Crossing and Steering, and conducted a field experiment to investigate the performance of the two techniques. A quantitative analysis shows that Directional Crossing and Steering significantly lowered a wizard's task load for location tracking without sacrificing accuracy.
Access control is the problem of regulating access to secret information based on certain context information. In traditional applications, context information is known exactly, permitting a simple allow/deny semantics. In this paper, we look at access control when the context is itself uncertain. Our motivating application is RFID data management, in which the location of objects and people, and the associations between them is often uncertain to the system, yet access to private data is strictly defined in terms of these locations and associations.

We formalize a natural semantics for access control that allows the release of partial information in the presence of uncertainty and describe an algorithm that uses a provably optimal perturbation function to enforce these semantics. To specify access control policies in practice, we describe UCAL, a new access control language for uncertain data. We then describe an output perturbation algorithm to implement access control policies described by UCAL. We carry out a set of experiments that demonstrate the feasibility of our approach and confirm its superiority over other possible approaches such as thresholding or sampling.