Privacy is a major concern in today’s information society. As computers are used to mediate a growing number of human activities, a greater amount of personal data is digitalized and can be easily transmitted, stored and analyzed. If, in the past, private information such as shopping habits, activities, preferences and whereabouts vanished with time, today this data can be either directly collected or deduced from other available data, and correlated to infer a number of an individual’s personal details without one’s awareness. Privacy protection becomes even more significant in pervasive computing systems, where the surrounding space incorporates computing devices that the user manipulates unconscious of their existence to execute daily activities. Pervasive information systems, thus, can collect a larger amount of personal data and amplify the possibilities for privacy invasions.
To effectively protect user’s privacy, the infrastructure, middleware and application layers must cooperate, supported by a privacy legislation that enables legal measures against identified privacy invasions.In our work, we focus on the pervasive middleware, which must not only provide mechanisms to encourage the development of privacy-aware pervasive applications but also must be designed taking privacy into account.
Particularly, we consider privacy issues that arise on service-oriented middleware both when applications interact with middleware services as well as on the middleware design and implementation. Our work focuses on the privacy risks introduced by the three basic functionalities of a service-oriented middleware for pervasive computing, namely service discovery, service composition and service access.