Professor Anupam Joshi, “Trust, security, and privacy in Ubiquitous Computing”.
Security is essential because we interact with devices that are not in our home or office, but most of the work done in security for distributed system is not directly applicable to unicomp because these systems are open and dynamic. For that we can create policies and and sanctions for their violations. Autonomous entities need norms of behavior: declarative and dynamically adapt and explicitly manage trust. He offers the example of Asimov laws because they are abstract and understandable, and are build using unambiguous terms such as “must, can, oblige, refuse.” Entities will have multiple authorities so there’s a risk of being over-constrained, and then how to deal with failure. (Rei is an example of declarative policies declared with RDF/OWL-S.)
Prof. Joshi
From 911 the moving from “need to know” to “need to share,” and that implies to explore the feasibility and desirability of this model, but also the risks and benefits associated with it. For having a shared policy, the parties must agree on the semantics of the language and of the domain ontology to avoid ambiguities and misunderstandings. Access control based on authentication simply won’t work in pervasive environments. Also, what is allowed in one context might be forbidden conditions.
First thing you can do is to secure the routing layer (cryptography), but you can also do it above, at the application level. You can build trust and reputation notions in ubiquitous applications based on what the other entities are saying, and by dynamically adapting your trust levels in peers depending on whether they give you appropriate answers or not.
Professor Mogens Nielsen, “Trust models in ubiquitous computing.”
He discussed about the role of trust and gave a short introduction about how trust systems can be modeled in computational systems. Interesting talk and topic, unfortunately I did not take many notes. In ubicomp are applications where decisions are made between two actors information providers and requesters. The problem is that these decision are made by autonomous agents and not humans, and often based on incomplete information, therefore new security principles are required. Two main classes of computational trust system exist: credential based (Keynote system, delegation logic) and reputation based (EigenTrust, beta reputation). The abstraction in trust systems is the concept of reputation and you represent trust by using a mathematical notation of the quality of interaction between peers. However, these computational systems need formal models that allow to ask (and hopefully answer) questions related to computational robustness and performance.
Samuel Karlin “The purpose of models is not to fit the data, but to sharpen the question”.
Professor Gary Marsden, “Mobile interaction design for developing nations”, who recently wrote the amazing book “Mobile Interaction Design“.
There aren’t many Internet users in Africa nowadays, but the mobile users are growing amazingly and the market is huge up to the point that many people will use their whole cash for mobiles (they would even skip meals just to save some extra money for that). The PC has been leapfrogged: macro-ubiquitous technology. HCI teaches humility and you need to deploy system, observe what people do, and then evaluate that.
Price sensitivity: there are 3 operators (A is the cheapest for local calls, B is the cheapest to receive calls, and C has the biggest coverage), so when people receive a local call, they change the SIM card from B to A to do a call. We don’t do that here, because the small price difference are not worth the pain of switching sim cards for each operation.
Camera phones have a huge impact, people are keeping a life diary on their mobile phones. Storytelling, sharing stories is a big things in Africa and they developed a mobile phone software for sharing (by broadcasting) pictures with the other people in neighborhood – a very interesting way to use technology as a support tool for the perpetuation of traditions.
MXit = like IRC but on mobile phones, which is so much cheaper than SMS, so many people use it. Kids even starting using it to collaboratively do their homework. It’s ugly, nobody in Europe would use that, but as there is no alternative in Africa, it is very successful over there.
Two problems are important: we cannot learn the culture in just a few months, and also there are not enough of people doing this kind of work. To develop ubicomp, we need to find the “bridging persons” who can understand both the local African context and out technology.
We don’t help nurses but doctors because, and we empower them to create and customize and develop their own version, because they know the problems and the local context, and they also know how do these people work.
You learn a lot about computer science by working there (ndlr. in Africa), because the solution is not use more technology or some other “common” shortcut/trick, because the constraints are totally different over there. Mobile phones are an appropriate technology because it has value over there, and we all need to find ways to leverage that.
