|Office||LWSN 2161 #8|
Privacy is a major concern for users in the mobile environment. As such, we discovered and documented any mobile specific information that could violate a user’s anonymity and the possible methods those information could be leaked or acquired through Android applications . To that end, we developed IdentiDroid, a customized Android operating system, that aid users in protecting their anonymity. Two solutions were implemented in Identidroid that intercepts an application’s request for identifying user/device data. The data shadowing solution returns randomized data, while the permission solution revokes access to Android sensitive permissions at runtime.
Both solutions are supported by two features Fresh Start and Intent Filtering. Fresh Start prevents applications from leaving any identifying information or traces within their own data storage. Intent filtering prevents applications at run-time from exchanging messages during an anonymous session.
Context-Based Access Control (CBAC)
Android users do not have control over the application capabilities once the applications have been granted the requested privileges upon installation. In many cases, however, whether an application may get a privilege depends on the specific user context. In collaboration with Dr. Elisa Bertino and Dr. Bilal Shebaro, I developed CBAC, a modified Android operating system, that has the ability to enforce context-based access control, by which privileges can be dynamically granted or revoked to applications based on the specific context of the user.
Population Health Management
In collaboration with Regenstrief Center for Healthcare Engineering (RCHE) organization, I am the lead developer of a web-based data analytics framework for visualizing health care databases. The project’s goal is to visualize a number of health care factors including cost, quality of care, populations etc. and relay it to clinicians (and various other type of user) who are not used to visualizing this type of data.