This project is no longer active; this page is no longer updated.
Related keywords: [context-aware], [security], [sensors], [survey]
To succeed without distracting the user, pervasive-computing applications must be aware of the 'context' in which they execute, and automatically adapt as that context changes. More specifically, such applications need to be aware of the context in which they execute, or the context of the applications' users. For example, an application may behave differently when its user is at home than at the office, or outdoors; alone, or with other people; driving or eating or walking. In the Solar project we explored this challenge through four parallel research threads, described below.
The Solar system was a comprehensive middleware framework for the development of context-aware applications. Solar was based on a publish-subscribe model, allowing applications to subscribe to streams of events carrying context data. The applications could deploy a distributed network of operators that transformed raw sensor data, as published by sources, into the desired context. Through a novel naming system, applications could identify the desired sources, which themselves could be a named output of a tree of operators that aggregate many other sources. Solar also included means for data-flow management, recognizing that some sensor-based context systems may produce far more data (events) than can be carried by an underlying wireless network or can be consumed by operators and applications. Solar included a mechanism for filtering data at the context source in a way that recognizes the overlapping goals of the many subscribers to the source, and an inline filtering and summarization technique that managed the flow of events through the Solar system. This research was most completely described in Chen's dissertation [chen:thesis], and in a retrospective journal paper [chen:jsolar]; see also [chen:abstraction, chen:abstraction-tr, chen:bnaming, chen:dependency, chen:dependency-tr, chen:fusenet, chen:naming, chen:pack, chen:pack-tr, chen:pervasive, chen:pervasive-tr, chen:solar, chen:solar-tr, white-abram:thesis, chen:survey-tr].
We developed a theory and implementation of "context-sensitive authorization", in which authorization policies (e.g., for access to physical resources like a room or virtual resources like a database) depend on the context (e.g., location or activity) of the person requesting access to the resource. Our work recognized that the sources of context information are inherently distributed, and that the context used (such as a person's location) is sensitive information that must remain confidential. Our techniques allowed an authorization query to be evaluated in a distributed fashion while respecting confidentiality and integrity policies imposed by the many parties involved. This research was most completely described in Minami's dissertation [minami:thesis]; see also [minami:aclprop-tr, minami:csa, minami:csa-tr, minami:handbook, minami:jcsa, minami:scalability].
We also proposed a "group-aware stream filtering" approach that exploited two overlooked, yet important, properties of monitoring applications: 1) many of them can tolerate some degree of "slack" in their data quality requirements, and 2) there may exist multiple subsets of the source data satisfying the quality needs of an application. We can thus choose the "best alternative" subset for each application to maximize the data overlap within the group to best benefit from multicasting. After proving the group-aware filtering problem NP-hard, we provided a general framework with a suite of heuristics-based algorithms that ensure data quality (specifically, granularity and timeliness) while preserving bandwidth. Our evaluation (based on real-world data traces) showed that quality-managed group-aware filtering is effective in trading CPU time for bandwidth savings, compared with self-interested stream filtering. This work was most completely described by Li's dissertation [mingli:thesis]; see also [li:ijcnds, li:jfilter, li:quality, li:wwasn07].
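The following added example (not code from the Solar project or from Li's dissertation) illustrates the idea on a deliberately simplified model: each subscriber tolerates any one sample per window of its period, and bandwidth is the number of distinct samples multicast. The greedy heuristic, the trace and the subscriber periods are assumptions made for illustration.

```python
def windows(timestamps, period):
    """Split sample timestamps into one subscriber's consecutive windows of `period` ticks."""
    buckets = {}
    for t in timestamps:
        buckets.setdefault(t // period, set()).add(t)
    return [buckets[k] for k in sorted(buckets)]

def self_interested(timestamps, periods):
    """Each subscriber independently keeps the first sample of each of its windows."""
    return {min(w) for p in periods for w in windows(timestamps, p)}

def group_aware(timestamps, periods):
    """Greedy heuristic: repeatedly send the sample that satisfies the most open windows."""
    pending = [w for p in periods for w in windows(timestamps, p)]
    chosen = set()
    while pending:
        # Slack means any sample in a window will do, so prefer samples shared by many windows.
        best = max(sorted(timestamps), key=lambda t: sum(t in w for w in pending))
        chosen.add(best)
        pending = [w for w in pending if best not in w]
    return chosen

def satisfied(chosen, timestamps, periods):
    """Quality check: every window of every subscriber received at least one sample."""
    return all(w & chosen for p in periods for w in windows(timestamps, p))

TRACE = list(range(12))   # constructed trace: one sample per tick
PERIODS = [3, 4]          # constructed subscribers: one sample per 3 ticks, one per 4 ticks

if __name__ == "__main__":
    for name, pick in (("self-interested", self_interested), ("group-aware", group_aware)):
        sent = pick(TRACE, PERIODS)
        print(name, sorted(sent), "quality met:", satisfied(sent, TRACE, PERIODS))
```

Both selections meet every subscriber's granularity requirement; the group-aware one does so with fewer distinct samples on the wire, at the cost of the extra computation in the selection loop.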
Applications: Finally, Solar was deployed as a data-dissemination middleware in the Automated Remote Triage and Emergency Management Information System (ARTEMIS) project at ISTS [see, for example, McGrath et al.]. We found that these mission-critical applications needed 1) real-time monitoring services (in the form of trigger-based continuous queries) and 2) analytical probing services (in the form of one-shot queries based on historical sensor data as well as real-time sensor streams).
In another application, we explored meeting detection and resource discovery [wang:meeting, wang:meeting-tr, wang:thesis]. In 2002-03, we developed several other applications (e.g., location tracking and campus-wide 'graffiti' apps) as a proof of concept. In general we found that Solar was scalable and efficient enough for high-volume real-life sensor-monitoring applications.
Finally, we developed "SmartReminder", a context-sensitive appointment-reminder system, as a case study in context-sensitive applications [mathias:thesis].
Guanling Chen, David Kotz, Ming Li, Kazuhiro Minami, and Jue Wang, with Adrian Hartline, Chris Masone, Arun Mathias, Cal Newport, Abe White, and Lin Zhong.
This research was supported by the Cisco Systems University Research Program, the US Department of Defense (DARPA) contract F30602-98-2-0107, the US Department of Defense (MURI) contract F49620-97-1-03821, by Microsoft Research, and by the USENIX Scholars Program.
This project was also supported by the US Department of Homeland Security (Office for Domestic Preparedness) under Award No. 2000-DT-CX-K001, through Dartmouth's Institute for Security, Technology, and Society (ISTS).
The views and conclusions contained on this site and in its documents are those of the authors and should not be interpreted as necessarily representing the official position or policies, either expressed or implied, of the sponsor(s). Any mention of specific companies or products does not imply any endorsement by the authors or by the sponsor(s).
Papers are listed in reverse-chronological order.
We consider a class of applications that wish to consider a user’s context when deciding whether to authorize a user’s access to important physical or information resources. Such a context-sensitive authorization scheme is necessary when a mobile user moves across multiple administrative domains where they are not registered in advance. Also, users interacting with their environment need a non-intrusive way to access resources, and clues about their context may be useful input into authorization policies for these resources. Existing systems for context-sensitive authorization take a logic-based approach, because a logical language makes it possible to define a context model where a contextual fact is expressed with a boolean predicate and to derive higher-level context information and authorization decisions from contextual facts.
However, those existing context-sensitive authorization systems have a central server that collects context information, and evaluates policies to make authorization decisions on behalf of a resource owner. A centralized solution assumes that all resource owners trust the server to make correct decisions, and all users trust the server not to disclose private context information. In many realistic applications of pervasive computing, however, the resources, users, and sources of context information are inherently distributed among many organizations that do not necessarily trust each other. Resource owners may not trust the integrity of context information produced by another domain, and context sensors may not trust others with the confidentiality of data they provide about users.
In this thesis, we present a secure distributed proof system for context-sensitive authorization. Our system enables multiple hosts to evaluate an authorization query in a peer-to-peer way, while preserving the confidentiality and integrity policies of mutually untrusted principals running those hosts. We also develop a novel caching and revocation mechanism to support context-sensitive policies that refer to information in dozens of different administrative domains. Contributions of this thesis include the definition of fine-grained security policies that specify trust relations among principals in terms of information confidentiality and integrity, the design and implementation of a secure distributed proof system, a proof for the correctness of our algorithm, and a performance evaluation showing that the amortized performance of our system scales to dozens of servers in different domains.
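The added sketch below (not the thesis's algorithm or code) shows the shape of the problem: contextual facts are boolean predicates held by different hosts, each premise of a rule is evaluated by the host that owns it, and every hop is checked against the owner's confidentiality policy and the asker's integrity policy. The host names, facts and policy tables are constructed for illustration, and a refused query is simply treated as unprovable.

```python
from dataclasses import dataclass, field

@dataclass
class Host:
    name: str
    facts: set = field(default_factory=set)      # contextual facts this host vouches for
    rules: dict = field(default_factory=dict)    # head -> list of bodies [(host, premise), ...]
    readers: dict = field(default_factory=dict)  # confidentiality: fact kind -> who may learn it
    trusted: dict = field(default_factory=dict)  # integrity: fact kind -> hosts believed for it

def kind(fact):
    return fact.split("(", 1)[0]

def ask(hosts, asker, owner, fact, seen=frozenset()):
    """True only if `owner` can prove `fact` and both parties' policies permit the exchange."""
    o = hosts[owner]
    if asker != owner:
        # Integrity: the asker accepts this kind of fact only from hosts it trusts.
        if owner not in hosts[asker].trusted.get(kind(fact), set()):
            return False
        # Confidentiality: the owner answers only principals its policy lists.
        if asker not in o.readers.get(kind(fact), set()):
            return False
    if (owner, fact) in seen:          # break cyclic rule chains
        return False
    if fact in o.facts:
        return True
    seen = seen | {(owner, fact)}
    # Each premise is evaluated by the host that owns it, not by a central server.
    return any(all(ask(hosts, owner, h, p, seen) for h, p in body)
               for body in o.rules.get(fact, []))

def build_demo():
    """Constructed scenario: a door controller, a location service, an HR directory, a kiosk."""
    door = Host("door",
                rules={"grant(alice,lab)": [[("locsvc", "location(alice,lab)"),
                                             ("hr", "role(alice,staff)")]]},
                trusted={"location": {"locsvc"}, "role": {"hr"}})
    locsvc = Host("locsvc", facts={"location(alice,lab)"}, readers={"location": {"door"}})
    hr = Host("hr", facts={"role(alice,staff)"}, readers={"role": {"door"}})
    kiosk = Host("kiosk", trusted={"location": {"locsvc"}})
    return {h.name: h for h in (door, locsvc, hr, kiosk)}

if __name__ == "__main__":
    hosts = build_demo()
    print(ask(hosts, "door", "door", "grant(alice,lab)"))        # door's own decision
    print(ask(hosts, "kiosk", "locsvc", "location(alice,lab)"))  # kiosk is not a listed reader
```

The grant decision changes as soon as the location fact disappears or the door stops trusting the location service, which is the context-dependence and integrity dependence the abstract describes.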
In this paper we present a data-dissemination service, PACK, which allows applications to specify customized data-reduction policies. These policies define how to discard or summarize data flows wherever buffers overflow on the dissemination path, notably at the mobile hosts where applications often reside. The PACK service provides an overlay infrastructure to support mobile data sources and sinks, using application-specific data-reduction policies where necessary along the data path. We uniformly apply the data-stream “packing” abstraction to buffer overflow caused by network congestion, slow receivers, and the temporary disconnections caused by end-host mobility. We demonstrate the effectiveness of our approach with an application example and experimental measurements.
In this paper, we motivate and describe our graph abstraction, and discuss a variety of critical design issues. We also sketch our Solar system, an implementation that represents one point in the design space for our graph abstraction.
We describe our approach in terms of a specific context-dissemination framework, the Solar system, although the same principles would apply to systems with similar properties.