Showing posts from March, 2014

Cloud Wedge - geek of the week

CloudWedge: 'Geek of the Week' My colleague Yijun Yu recently wrote a opinion piece for The Conversation about how cloud computing could have made a difference to the search for Malayian Airlines MH370.  Essentially the question he poses is: why, in the age of global internet connectivity (including now onboard planes!), do we depend on the onboard flight data recorder for information about what happens on a plane? Of course there are numerous challenges with this - not least the cost of bandwidth for all the flight data (including cockpit audio) to be uploaded in real time and the security of the data.  Yijun's article addresses some aspects of the latter, and the former is not an insurmountable problem.  For example it should be possible to upload basic flight telemetry (e.g., GPS location, air speed, engine statistics and fuel data) without requiring significant bandwidth.  Indeed aero engine manufacturers such as Rolls-Royce deployed engine monitoring systems

Collaborative Adaptive Security

Collaborative Adaptive Security scenario As part of our work on Adaptive Security and Privacy ( ) we are exploring the role of collaboration between different components in a ubiquitous computing environment in order to maximise the satisfaction of security requirements.  The intuition behind this is that the highly dynamic, heterogeneous device ecosystem of ubiquitous computing environments creates the need to satisfy different security requirements depending on the particular context.  The above video presents an early (and very rough!) example of the type of situation we are thinking about.  In this scenario, it is not possible for a single device in the environment to deliver all the required security functionality but if multiple devices collaborate, then the security requirement can be satisfied. Some of our initial ideas of how to engineer a system to exploit a collaborative adaptation for security will be presented at the upcoming Symposium on So

Merging privacy ...

Facebook vs. Whatsapp The acquisition of WhatsApp by Facebook has raised a number of interesting privacy debates, with the latest being a legal challenge to the deal on the grounds that WhatsApp's existing user privacy agreement will be violated if Facebook starts using the data to deliver targeted advertising.  It raises the question of whether the difference in the privacy agreements between WhatsApp and Facebook was part of the analysis when the acquisition was planned. Questions that could (arguably should) have been part of the decision to value WhatsApp at ~£11bn (~US$16bn) include: if isolating WhatsApp from Facebook (as proposed in the above article) would limit the possibility of creating new revenue streams (e.g., through advertising), from WhatsApp users? would users leave WhatsApp in droves if Facebook changed the privacy policy to allows user data to be used for advertising? whether hardly any users will care about the potential use of personal informatio

ICSE 2014 Success ...

ICSE 2014 I am really pleased to have two research papers being presented at the 36th International Conference on Software Engineering, which will take place in Hyderabad, India in 31 May - 7 June 2014.  The papers are: Thomas, Keerthi; Bandara, Arosha K.; Price, Blaine A. and Nuseibeh, Bashar (2014). Distilling Privacy Requirements for Mobile Applications . In: 36th International Conference on Software Engineering (ICSE 2014), 31 May-7 June, 2014, Hyderabad, India (Forthcoming), ACM. Akiki, Pierre A.; Bandara, Arosha K. and Yu, Yijun (2014). Integrating adaptive user interface capabilities in enterprise applications . In: 36th International Conference on Software Engineering (ICSE 2014), 31 May-7 June, 2014, Hyderabad, India (Forthcoming), ACM. The first of these papers presents a novel approach, called Requirements Distillation, for eliciting privacy requirements from qualitative data, such as user interviews or experience reports.  This was developed by my student, Keert