TWC: Medium: Collaborative: Security and Privacy for Wearable and Continuous Sensing Platforms

TWC：媒介：协作：可穿戴和连续传感平台的安全和隐私

• 批准号: 1514211
• 负责人: Serge Egelman
• 金额: $ 39.97万
• 依托单位: International Computer Science Institute
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2015
• 资助国家: 美国
• 起止时间: 2015-09-01 至 2019-08-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1514211&HistoricalAwards=false
• 关键词: TWC; Medium; Collaborative; Security; Privacy

This research project studies security and privacy for wearable devices. Wearable computing is poised to become widely deployed throughout society. These devices offer many benefits to end users in terms of realtime access to information and the augmentation of human memory, but they are also likely to introduce new and complex privacy and security problems. People who use wearable devices need assurances that their privacy will be respected, and we also need ways to minimize the potential for wearable devices to intrude on the privacy of bystanders and others. This project is identifying the risks in greater depth and developing new technologies and techniques to protect against these risks. The project is building a scientific and engineering basis for making wearable computing trustworthy; the growing adoption of wearable computing makes this research important to society.Several unique features of wearable computing pose new challenges that require novel research. It seems likely that continuous audio and video capture will enable many valuable uses of wearable computing, but they open up new attack vectors through these new input channels. Audio and video capture also present new privacy challenges; for instance, third-party applications may need access to this data, but the data is sometimes highly sensitive (e.g., capturing intimate moments, sensitive documents, embarrassing social situations, etc.). This project studies: how to empower users and enable them to control how apps on wearable devices can access audio and video resources, how to use privilege separation and the least-privilege principle to mitigate risks associated with third-party applications that run on wearable devices, how operating systems for wearable devices can be architected to prevent applications from collecting extraneous data, and new threats from wearable computing and how each of these threats could be countered with secure platform designs. To protect privacy, the researchers are conducting user studies to improve our understanding of what data users find most sensitive; the findings from these user studies is helping the researchers to design techniques to prevent applications from accessing sensitive data inappropriately.

该研究项目研究可穿戴设备的安全性和隐私。 可穿戴计算有望在整个社会中广泛部署。 这些设备在实时访问信息和人类记忆的增强方面为最终用户提供了许多好处，但它们也可能引入新的和复杂的隐私和安全问题。 使用可穿戴设备的人需要保证将尊重其隐私，我们还需要方法来最大程度地减少可穿戴设备的潜力，以侵犯旁观者和其他人的隐私。 该项目正在识别更深入的风险，并开发新技术和技术以防止这些风险。 该项目正在建立一个科学和工程基础，以使可穿戴计算值得信赖；可穿戴计算的采用越来越大，这项研究对社会很重要。可穿戴计算的几个独特特征构成了需要新研究的新挑战。 连续音频和视频捕获似乎可以实现可穿戴计算的许多宝贵用途，但是它们通过这些新的输入渠道打开了新的攻击向量。 音频和视频捕获还带来了新的隐私挑战；例如，第三方应用程序可能需要访问此数据，但是数据有时很敏感（例如，捕获亲密的时刻，敏感文件，令人尴尬的社交情况等）。 该项目研究：如何赋予用户并使他们能够控制可穿戴设备上的应用程序如何访问音频和视频资源，如何使用特权分离以及最小私人的原理来减轻与可穿戴设备上的第三方应用程序相关的风险设计。 为了保护隐私，研究人员正在进行用户研究，以提高我们对数据用户最敏感的知识的理解；这些用户研究的发现正在帮助研究人员设计技术，以防止应用程序不当访问敏感数据。