Current Projects
Privacy Aware Collaborative Editing Framework (PACEF)
There are many collaborative editing systems that allow multiple authors to simultaneously edit
a common document in a WYSIWYG manner. Many such systems deploy a centralized server
to store the shared document and assume that the server is fully trusted.
In this study, we are interested in the collaborative setting where the confidentiality of the document is to
be protected from the untrusted server, whereas the authors trust each other.
We propose PACEF (Privacy Aware Collaborative Editing Framework), a framework for designing and implementing collaborative editing systems that protect the privacy and confidentiality of users' data. In this model, the shared document is replicated across the users to facilitate local modifications. Client applications send users' updates to the server in the form of operations. Since the server is not trusted, client applications protect (e.g., encrypt) all operations before sending them to the server. The server then saves the protected operations before forwarding them to all collaborators.
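To make the PACEF flow concrete, here is an added example (not code from the PACEF project) of the client/server split described above: authors who already share a key protect each operation with AES-GCM, the server stores and forwards only the resulting ciphertext, and a receiving client authenticates an operation before applying it to its local replica. The Op format, the Server and Client types and the shared-key assumption are all constructed for this example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/json"
	"errors"
)

// Op is one edit sent as an operation: "ins" inserts Text at rune index Pos, "del" removes Len runes at Pos.
type Op struct{ Kind, Text string; Pos, Len int }
// Server is the untrusted relay: it only stores the protected ops it receives in Log and forwards them.
type Server struct{ Log [][]byte }
// Client holds the key shared by the mutually trusting authors and Doc, its local replica of the document.
type Client struct{ aead cipher.AEAD; Doc []rune }

// NewClient takes a 16, 24 or 32-byte AES key; how the authors exchange it is outside this example.
func NewClient(key []byte) (*Client, error) {
	block, err := aes.NewCipher(key)
	if err != nil { return nil, err }
	aead, err := cipher.NewGCM(block)
	return &Client{aead: aead}, err
}

// Protect serialises an op and AES-GCM-encrypts it under a fresh random nonce; output is nonce||ciphertext.
func (c *Client) Protect(op Op) ([]byte, error) {
	pt, _ := json.Marshal(op)
	nonce := make([]byte, c.aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil { return nil, err }
	return c.aead.Seal(nonce, nonce, pt, nil), nil
}

// Apply decrypts a forwarded blob and applies it; a blob altered by the server fails GCM authentication and is rejected.
func (c *Client) Apply(blob []byte) error {
	n := c.aead.NonceSize()
	if len(blob) < n { return errors.New("blob too short") }
	pt, err := c.aead.Open(nil, blob[:n], blob[n:], nil)
	if err != nil { return err } // tampered or forged: the replica is left untouched
	var op Op
	if err := json.Unmarshal(pt, &op); err != nil { return err }
	switch {
	case op.Kind == "ins" && op.Pos >= 0 && op.Pos <= len(c.Doc):
		c.Doc = append(c.Doc[:op.Pos], append([]rune(op.Text), c.Doc[op.Pos:]...)...)
	case op.Kind == "del" && op.Pos >= 0 && op.Len >= 0 && op.Pos+op.Len <= len(c.Doc):
		c.Doc = append(c.Doc[:op.Pos], c.Doc[op.Pos+op.Len:]...)
	default:
		return errors.New("invalid op")
	}
	return nil
}
```

Each author applies an operation locally and submits the protected form; the relay's log never contains plaintext, and a blob modified by the relay is rejected by every recipient.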
Privacy Management in Untrusted Web and Cloud Data Services
This project focuses primarily on privacy management of users' data in web and cloud data services
where servers are not trusted. With the advances of web and cloud computing technologies,
we are undergoing a paradigm shift in how we manage our information and build applications.
There is an overabundance of services such as calendar services, document management services,
internet disks, database as a service, etc., which enable people to use these third-party solutions
over the network as a service instead of purchasing and installing the applications on their machines.
The popularity of this new paradigm is due to the many advantages it offers, including accessibility
(data and services can be reached from anywhere, at any time); availability (data is available 24/7);
cost (no need to buy and install hardware and software products); maintenance (tasks such as updates
and recoveries are taken care of by the service providers); and sharing (since data is available
over the Internet, it can be shared easily).
However, while this model of applications as a service is attractive, there is a fundamental issue:
users have to entrust their data to a third party. Once the data is stored at the service provider,
users do not have any control over how it is manipulated. This potential danger of information exposure
often prevents people from fully exploiting the advantages of such services.
Furthermore, studies have shown that people are reluctant to use web services due to privacy concerns.
To address these issues, we propose CloudProtect, a privacy middleware that sits between the web client
and the web server to facilitate personal data privacy management.
Among other things, it allows users to specify privacy policies, encrypts and decrypts data in accordance
with these policies, generates appropriate tokens/ciphertexts for searching through encrypted data on the server,
obtains user authorization for tasks that require decryption of sensitive data, and
interactively helps the user dynamically adjust his/her policies to achieve the desired tradeoff
between security, efficiency and usability according to his/her personal needs and preferences.
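An added example (not CloudProtect's own code) of the policy and search-token part of such a middleware: a per-field policy decides what the server may see, searchable fields are replaced by a keyed HMAC token so the server can answer equality queries without ever receiving the value, and private fields yield nothing the server can index. The policy levels, field names and user key are constructed for this example; encryption of the hidden values themselves is not shown in this block.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/hex"
	"strings"
)

// Policy maps a field to "plain" (server sees it), "searchable" (hidden, equality-searchable via a token) or "private".
type Policy map[string]string
// Middleware sits between the web client and the server; Key never leaves the client side.
type Middleware struct{ Key []byte; Policy Policy }

// Token is deterministic on purpose: equal values give equal tokens, which lets the server answer an
// equality query and is also exactly what it learns (equality patterns, never the values themselves).
func (m *Middleware) Token(field, value string) string {
	mac := hmac.New(sha256.New, m.Key)
	mac.Write([]byte(field + "\x00" + strings.ToLower(strings.TrimSpace(value))))
	return hex.EncodeToString(mac.Sum(nil))
}

// Outbound builds the server-side view of a record: plain fields as they are, one token per
// searchable field, nothing for private fields (ciphertexts of hidden values are not shown here).
func (m *Middleware) Outbound(rec map[string]string) map[string]string {
	view := map[string]string{}
	for f, v := range rec {
		switch m.Policy[f] {
		case "plain":
			view[f] = v
		case "searchable":
			view[f+"_tok"] = m.Token(f, v)
		}
	}
	return view
}

// Query turns "field == value" into what the server compares; ok is false when the policy makes
// the field unsearchable, so the client has to filter locally instead.
func (m *Middleware) Query(field, value string) (key, want string, ok bool) {
	switch m.Policy[field] {
	case "plain":
		return field, value, true
	case "searchable":
		return field + "_tok", m.Token(field, value), true
	}
	return "", "", false
}

// ServerSearch is all the untrusted server runs: an equality match over the views it stores.
func ServerSearch(store []map[string]string, key, want string) (ids []int) {
	for i, r := range store {
		if r[key] == want { ids = append(ids, i) }
	}
	return ids
}
```

The tradeoff the text mentions is visible here: marking a field "searchable" keeps server-side search working but reveals which records share a value, while "private" reveals nothing and gives up server-side search.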
Selected Past Projects
Privacy in Pervasive Spaces
Middleware for pervasive spaces has to meet conflicting requirements.
It has to both maximize the utility of the information exposed and ensure that
this information does not violate users’ privacy. In order to resolve these conflicts,
we propose a framework grounded in utility theory where users dynamically control the level of
disclosure about their information. We begin by providing appropriate definitions of privacy and
utility for the type of applications that would support collaborative work in
an office environment—current definitions of privacy and anonymity do not apply in this context.
We propose a distributed solution that, given a user’s background knowledge, maximizes the utility of
the information being disclosed to information recipients while meeting the privacy requirements of users.
We implement our solution in the context of a real pervasive space middleware and provide.
PACE
PACE is an architectural style for trust management in decentralized
applications. An architectural style is a set of guidelines,
constraints and principles that define how components and connectors
are composed together in an architecture, how they behave and the
nature of their interaction. PACE similarly provides a set of
principles and constraints that provide comprehensive guidance on what
trust components to include, how to place these components
appropriately within the architecture of a decentralized entity, and
how these components should interact for effective trust management.
ScenarioGraph
ScenarioGraph is a tool for specifying, visualizing, and analyzing
temporal relations of events in complex scenarios written in
ScenarioML. ScenarioML is a language for writing scenarios in XML. It
provides syntax for expressing the semantic distinctions that are
present in scenarios, and semantics for the things that people use and
respond to consistently in scenarios. ScenarioGraph provides graphical
editing of scenarios, computation of the relations between events,
consistency analysis of scenarios, comparison of scenarios, and
matching graphical scenarios against concrete occurrences.
ScenarioGraph has been implemented in Java and given an initial evaluation
on a group of scenarios, including the real-world scenario used in this
study as an example.
Scenario Workbench
The Scenario Workbench is an Eclipse plug-in for editing and working
with scenarios in ScenarioML. ScenarioML is a language for writing
scenarios in XML. It provides syntax for expressing the semantic
distinctions that are present in scenarios, and semantics for the
things that people use and respond to consistently in scenarios.
Scenario Workbench is currently under development.
Scenario and Ontology based Software Architecture Evaluation (SOSAE)
SOSAE is an approach to architecture evaluation that aids software
architecture designers. The approach takes requirements-level scenarios
described in ScenarioML and evaluates them against the architecture of
the system described with components and connectors. The scenarios
describe the functional and non-functional requirements that are
important to the stakeholders. The approach is based on explicit
mappings between eventTypes in the ontology and components in the
architecture. The mapping is created by jointly examining the
meaning of the event in the scenarios and the roles played by different
components in the architecture. A tool supporting the approach is under
development.